SOLVE msa.exe problem in Task Manger Windows

October 23, 2009 on 9:59 am | In Windows | No Comments

Hi guys. You might have come across the issue with the process msa.exe in your task manager.  Yep it is malicious process.

Lets look how to remove it.

Open Task Manager. Find exactly “msa.exe” from the “processes” tab
Start –> Search
Then select “All files and folders”
Make a search called “msa.exe” (all harddrives) When found, stop the search.

Now kill the process in the task manager named msa.exe(keep mouse on it and right click kill process tree)
Now in the search window, delete the msa.exe found using Shift + delete so that it won’t go to your recycle bin.

Now do this

Start > Run > Type regedit.exe

Navigate to

HKEY_CURRENT_USER\Software\AntiVirus
HKEY_CURRENT_USER\Software\MSA
HKEY_CLASSES_ROOT\.key
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
 “Antivirus”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
“Antivirus”

Remove MS Antivirus Registry Values from all of the above locations.

Reboot your system… thats all.

SOLVE b.exe problem in Task Manger Windows

October 23, 2009 on 9:51 am | In Windows | No Comments

Hi guys. You might have come across the issue with the process b.exe in your task manager.  Yep it is malicious process.

Lets look how to remove it.

go to task manager kill the the process tree for b.exe

The soon edit the registry by

Start > Run > Type regedit.exe

Navigate to

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
  “b”   Delete it
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
  “b”  Delete it

From both of the registry delete the entry for b.

Now remove the file b.exe

Usually it will be in the temp folder

c:\Documents and settings\<logged in user name>\Local Settings\tmp

Start > Run > type cmd

In the prompt type

c:\Documents and settings\<logged in user name>\Local Settings\Temp

(replace logged in user with your name)

now check whether the file is there

dir b.exe (it should show the file).
attrib b.exe
(this will show the attribute that is set. Usually it will be a caps "A")
If it is "A" remove the attribute using
attrib -A b.exe

Remove the file
del b.exe

Now to be on the safeside, have a system reboot.