Re: Is MSWin.exe some form of malware?
- From: Ted Zieglar <teddy.z@xxxxxxxxxxxx>
- Date: Wed, 01 Nov 2006 15:41:30 -0500
The thing about malware these days is that it's very tricky to find, let alone eliminate. The lucky ones get infected with something everyone knows about (if you can call that luck.) Others get hit with something that's hard to pinpoint because it keeps changing its form, or because it disguises itself as part of the operating system. Also, if you've been picking away at it you may have removed just enough so that a scanner can no longer see it.
The startup tab of the system configuration utility (aka msconfig) was designed as way to test which item that runs at startup is causing a problem for the PC. Basically, you start with everything prevented from starting, then you allow one thing at a time to start until you hit on which startup item is causing the problem. It's tedious, but it usually works.
Once you know which startup item is causing a problem, you find out which program 'owns' that startup item and troubleshoot in the program itself. Msconfig is not the cure - it's the diagnostic tool. It's not a good idea to interfere with a program's startup process on a full-time basis.
Of course, malware will often try to insert itself in Windows startup. Once you have determined that a startup item belongs to malware you have to get rid of the malware. These days, that means trying half a dozen or more different scanners, or (if you're lucky) finding specific manual removal instructions from the website of one of the major anti-malware companies, a HiJackThis analysis and, when nothing else works, a clean install.
---
Ted Zieglar
"Backup is a computer user's best friend."
Roughneck wrote:
Yes, I understand msconfig doesn't remove malware--in fact it doesn't remove anything on it's own--it just provides an interface for making manual changes to a PC's configuration, including which items will run at startup. What I was trying to say is I haven't yet used msconfig to remove MSWin.exe manually--I'm hoping to get some feedback about it on this forum to see if people here agree that it is in fact some form of malware. I ran NAV and SpySweeper (both current in regard to definition updates) and neither of them flagged MSWin.exe. I've also run Spybot and AdAware within the last few weeks with current updates and they didn't flag it either. Since the google search indicates MSWin.exe is malware but none of the apps I mentioned flagged it as a problem/risk, I'm trying to determine whether or not it's really malware/adware/spyware/virus etc..
- References:
- Re: Is MSWin.exe some form of malware?
- From: Ted Zieglar
- Re: Is MSWin.exe some form of malware?
- Prev by Date: RE: local user account
- Next by Date: Re: Is MSWin.exe some form of malware?
- Previous by thread: Re: Is MSWin.exe some form of malware?
- Next by thread: Re: Is MSWin.exe some form of malware?
- Index(es):
Relevant Pages
|
