mstask.exe - Microsoft Task Scheduler
The mstask.exe process is a component of the built-in Microsoft Windows task scheduler service, and is responsible for activating scheduled tasks at a time decided on by the user. This process is not essential for Windows XP, and only needs to be present if you are running scheduled tasks on your PC.This process can be shut down, either permanently or temporarily, if the resources it uses are needed for other purposes. If the mstask.exe process is disabled or killed, scheduled tasks will no longer run and it may be impossible to schedule any new tasks. Restarting the process will restore normal operation. This process is similar to the cron daemon found on UNIX/Linux systems.
Many businesses enable the task scheduler service on all user machines, as well as servers, in order to run disk defragmentation, software updates, reports, or other utilities during off-business hours. This eliminates the need for employees to run these tasks manually. Home users may also make use of this service, but this seems relatively unusual.
The legitimate copy of mstask.exe installed by the Windows OS will be found in c:\windows\system32. Copies found in other locations should be treated with suspicion. Some users have reported finding copies in c:\windows and c:\windows\system32\dllcache. Several malware applications have made use of this file name in order to disguise themselves.
Known viruses using this or similar file names include W32.Myparty, which uses the name msstask.exe (note the additional "s"), and W32/Opaserv-H, which hijacks the legitimate mstask.exe file name. These viruses are well known to antivirus packages and should be removed automatically during a system scan.
As always, if you suspect a malware infestation you should download and run a current copy of an antivirus/malware scanner in order to isolate and remove the offending application. Be sure to obtain the most recent definition files, since these are critical to the removal of current malware variants.
windowshelp.net