miunst_.exe (AVG detection)

[Guest]

Well here's another odd one. I've just installed Superantispyware, and it was
running its first quick scan this morning when up popped AVG (AVG, please
note, not SuperAntispyware) saying it had detected a 'generic trojan',
miunst_exe. (The file path was C:\Documents and Settings\[my name]\Local
Settings\Temp\miunst_.exe) So I quarantined it. Superantispyware meanwhile
continued its scan, and reported nothing.

I sent the file in the virus vault to the Virustotal scanner, and it was
reported unanimously clear.
I did a search of my hard drive for 'miunst' and it found a file
miunst_.exe-054536DD.pf in the Windows prefetch folder, apparently created a
few days ago. I scanned this with AVG, and sent it to virustotal, but it was
clear.

Googling it doesn't show up anything I can make much sense of. Can anyone
shed any light on it, please?

 

[Guest]

Hello Alan D,

You can clear prefetch files by going to Start menu and Run and typing
prefetch, and then click OK.
Prefetch files are there to help programs load/open quicker but they will be
replaced in prefetch when they are used agªin.
This folder may accumulate useless junk, especially if you change your
configuration a lºt. There's no harm in emptying it. Simply delete all the
files in that folder; Windows will rebuild it as needed
http://www.windowsnetworking.com/articles_tutorials/Gaining-Speed-Empty-Prefetch-XP.html

For the benefit of the community reading this post, please rate the pºst.

I hope this post is helpful.

Let us know how it works ºut.

Еиçеl

 

[Guest]

You can clear prefetch files by going to Start menu and Run and typing
prefetch, and then click OK.

Thanks Engel - I've done that now.

For the sake of anyone else who may encounter this alert, I can now report
that I've also done some detective work using Event viewer. This prefetch
file was created at exactly the time when I uninstalled mIRC on 18th
November, so I'm virtually certain that miunst_.exe in the TEMP files and
this prefetch file were generated during the uninstall of mIRC, and I presume
they were just harmless remnants of that uninstallation.

This new AVG alert I got seems to have been associated with this 'riskware'
nebulous area in which mIRC uncomfortably sits, and presumably something
about Superantispyware's poking at them set it off. Hopefully I've now got
rid of all traces of this program that I never actually found a use for!

 

[Guest]

Hello Alan D,

Prefetch files are there to help programs load/open quicker but they will be
replaced in prefetch when they are used agªin.
This folder may accumulate useless junk, especially if you change your
configuration a lºt. There's no harm in emptying it. Simply delete all the
files in that folder; Windows will rebuild it as needed

Can I just confirm this please, as it seem like a scary thing to do for
someone who's never done it before: I can delete ALL the files in the
prefetch folder - there's nothing in there that's of any permanent use. Have
I got that right?

If I delete EVERYTHING in the pf folder, should I expect XP to take longer
to start up the first time after doing so?

 

[Guest]

Hi Alan D,

Yes, you can delete all the files in the * prefetch * folder.

The time in start up is about 7 attoseconds, a division of time called *
attosecond *
No fear. ;-)
--

 

[Guest]

I periodically use Windows Explorer and just delete the folder Prefetch and
then run Disk Cleanup. That should convince you that there is nothing
critical there. It's hard to quantify, but it usally takes 2 or 3 logons
before prefetch has a respectable number of entries in it. So if there is a
performance hit after initially deleting Prefetch, it doesn't last long.
Happy Turkey!

 

[Guest]

Hi Alan D,

More about prefetch
http://www.windowsnetworking.com/articles_tutorials/Gaining-Speed-Empty-Prefetch-XP.html

attosecond IN BRIEF: n. - One quintillionth (10^-18) of 1/60th of a minute.

 

[Guest]

Hi Alan D,

Yes, you can delete all the files in the * prefetch * folder.

Thanks Engel (and Mr Cat also.) Do you have any thoughts on this alternative
view about the prefetch folder (see link)? It seems there's a school of
thought that suggests it's not so good to delete everything in it, though the
issue seems to be about performance, not security.
http://www.edbott.com/weblog/archives/000743.html

 

[Guest]

It seems there's a school of
thought that suggests it's not so good to delete everything in it

But this link is more disturbing:
http://www.neowin.net/forum/lofiversion/index.php/t331072.html

Is it certain that the layout.ini file can be deleted without unfortunate
consequences?

 

[robinb]

also do not delete the layout.ini in prefetch- only the prefech files
robin

Hello Alan D,

You can clear prefetch files by going to Start menu and Run and typing
prefetch, and then click OK.
Prefetch files are there to help programs load/open quicker but they will
be
replaced in prefetch when they are used agªin.
This folder may accumulate useless junk, especially if you change your
configuration a lºt. There's no harm in emptying it. Simply delete all the
files in that folder; Windows will rebuild it as needed
http://www.windowsnetworking.com/articles_tutorials/Gaining-Speed-Empty-Prefetch-XP.html

For the benefit of the community reading this post, please rate the pºst.

I hope this post is helpful.

Let us know how it works ºut.

??ç?l
--

Well here's another odd one. I've just installed Superantispyware, and it
was
running its first quick scan this morning when up popped AVG (AVG, please
note, not SuperAntispyware) saying it had detected a 'generic trojan',
miunst_exe. (The file path was C:\Documents and Settings\[my name]\Local
Settings\Temp\miunst_.exe) So I quarantined it. Superantispyware
meanwhile
continued its scan, and reported nothing.

I sent the file in the virus vault to the Virustotal scanner, and it was
reported unanimously clear.
I did a search of my hard drive for 'miunst' and it found a file
miunst_.exe-054536DD.pf in the Windows prefetch folder, apparently
created a
few days ago. I scanned this with AVG, and sent it to virustotal, but it
was
clear.

Googling it doesn't show up anything I can make much sense of. Can anyone
shed any light on it, please?

 

[Guest]

Hi Alan D,

You'll get nearly as many differing opinions as you will responses.

 

[Guest]

You'll get nearly as many differing opinions as you will responses.

You mean about the layout.ini folder, etc, Engel? Yes, I guess so, though I
think I've resolved my own position on this. My understanding is that Windows
looks after the prefetch folder automatically, tidying it up every few days -
so as far as I can see there's no clear performance benefit to be had from
trying to defragment it, and no need to completely clear it out periodically
either - unless there are some specific files that would be better removed
(such as prefetch files for programs that are no longer installed, as in my
case).

 

[Robin]

true but i had a client that took out the layout.ini and he could not get
new prefech files. thank goodness it was still sitting in recylce bin, so i
put it back and all went well from there.
robin

Hi Alan D,

You'll get nearly as many differing opinions as you will responses.

Well here's another odd one. I've just installed Superantispyware, and it
was
running its first quick scan this morning when up popped AVG (AVG, please
note, not SuperAntispyware) saying it had detected a 'generic trojan',
miunst_exe. (The file path was C:\Documents and Settings\[my name]\Local
Settings\Temp\miunst_.exe) So I quarantined it. Superantispyware
meanwhile
continued its scan, and reported nothing.

I sent the file in the virus vault to the Virustotal scanner, and it was
reported unanimously clear.
I did a search of my hard drive for 'miunst' and it found a file
miunst_.exe-054536DD.pf in the Windows prefetch folder, apparently
created a
few days ago. I scanned this with AVG, and sent it to virustotal, but it
was
clear.

Googling it doesn't show up anything I can make much sense of. Can anyone
shed any light on it, please?

 

[Robin]

you should clean out the prefech folder every couple of months.(i do about
every 3mths) there is no need to clean it out every month.
The reason for the clean out also is if you have deleted a program its
prefech file still sits there and if you have not used a program in ages, it
sits there too so if you clean it out it gets rid of old files.
robin

 

[Guest]

And if you read only the advice of really knowledgeable people, you'll
quickly realize that there's lots of foolish people out there copying all the
bad ideas from one another. The web is a great place for dis-information, or
more descriptively, mob mentality. If Joe tells, Jim, who tells George, who
tells me, then they can't all be wrong can they?

Beware of Bogus XP Advice
http://www.edbott.com/weblog/archives/000024.html

Bitman

 

[Guest]

Beware of Bogus XP Advice
http://www.edbott.com/weblog/archives/000024.html

That's excellent advice, and also an excellent article - which I'd
fortunately discovered myself before rushing off and clearing out everything
in the Prefetch folder!

As far as I can understand the way it works (which admittedly isn't far, but
I think it's far enough), the only point of removing any file from the
prefetch folder is
(a) if it's associated with something nasty; or
(b) if it's associated with a program you no longer use or have uninstalled.
And even in case (b) it doesn't matter much whether you do it or not.

Looking at the files in my prefetch folder, I can see that every one of them
has been updated during the last few days. Since all of them are current, and
none of them are nasty - there's nothing to be gained by clearing them out.

 

[Guest]

That's excellent advice, and also an excellent article - which I'd
fortunately discovered myself before rushing off and clearing out everything
in the Prefetch folder!

As far as I can understand the way it works (which admittedly isn't far, but
I think it's far enough), the only point of removing any file from the
prefetch folder is
(a) if it's associated with something nasty; or
(b) if it's associated with a program you no longer use or have uninstalled.
And even in case (b) it doesn't matter much whether you do it or not.

Looking at the files in my prefetch folder, I can see that every one of them
has been updated during the last few days. Since all of them are current, and
none of them are nasty - there's nothing to be gained by clearing them out.

That's a good synopsis, I'll just add that there's no need for you to clean
out unused programs since prefetch does this automatically over time, by
replacing the unused files with new ones. Since the analysis is done by
prefetch every time the system boots, it will constantly adjust to changes
such as new files that replace old ones.

Even Ed Bott doesn't seem to realize some design criteria inherent to
prefetch. For example, since the special prefetch defragmentation that occurs
every three days moves all of these files to a single contiguous area of the
disk, the impact of deletion of prefetch on boot after this occurs is much
less than if the files were still scattered on the disk. So if someone
deleted the prefetch every couple days, it would never perform this
defragmentation and thus never allow the largest performance improvement.

Unfortunately, once an urban legend like deleting prefetch gets started,
it's as difficult to kill as its often obviously rediculous cousins. In fact
even more so, since non-technically trained people have no basis on which to
make a sensible analysis or decision. So the entire thing becomes a "he said,
she said", since a non-technical person can't really see the difference, with
no understanding of the need to test the idea for proof. Read the comments at
the previous link and this becomes immediately clear.

These are the type of people who need security applications that simply
'tell them what to do', since trying to explain why is like talking to a
brick wall. BTW, you are NOT part of that group, no matter what you might
think. You are merely an advocate for them like myself, with less background
in computer technology than some others here at this point.

Bitman