wmon32.exe

A

Arpan

I am working on a machine that has both Windows 2K Pro (C:\) & Windows XP Pro (D:\) installed.

The problem is whenever I logon into Win2K & open the Registry Editor by clicking "Run" (from the Start menu) & then typing "regedit", I find that the Registry Editor closes on its own after about 15 seconds. After a thorough research on this, I concluded that a program named wmon32.exe is the culprit. When wmon32.exe runs, it even disables my anti-virus software (AVG 6.0 which is upto date). When I searched for this exe file, I found that wmon32.exe resides in C:\WINNT\system32. When I tried to delete it, Windows generated a message that it cannot be deleted as the source file may be in use. Even the "Processes" tab in the Task Manager lists wmon32.exe & when I try to end the process, I am being told that "Access is denied". Please note that this happens even after I deleted all entries of wmon32.exe from the following keys from the Registry Editor

HK_LOCAL_MACHINE/Software/Microsoft/Windows/RunServices
HK_LOCAL_MACHINE/Software/Microsoft/Windows/RunOnceEx
HK_LOCAL_MACHINE/Software/Microsoft/Windows/Run
HKEY_CURRENT_USER/Software/Microsoft/Internet Explorer/Explorer Bars/{C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1}/FilesNamedMRU

but that doesn't make any difference; when I restart my machine, the same problem creeps up. I even deleted all instances of wmon32.exe from the Windows folder as well as from the Registry Editor by logging into Win2K in Safe Mode but this didn't make any difference either.

Now how do I overcome this & get rid of wmon32.exe?

Thanks,

Arpan
 
M

molsonexpert

I am working on a machine that has both Windows 2K Pro (C:\) & Windows XP Pro (D:\) installed.

The problem is whenever I logon into Win2K & open the Registry Editor by clicking "Run" (from the Start menu) & then typing "regedit", I find that the Registry Editor closes on its own after about 15 seconds. After a thorough research on this, I concluded that a program named wmon32.exe is the culprit. When wmon32.exe runs, it even disables my anti-virus software (AVG 6.0 which is upto date). When I searched for this exe file, I found that wmon32.exe resides in C:\WINNT\system32. When I tried to delete it, Windows generated a message that it cannot be deleted as the source file may be in use. Even the "Processes" tab in the Task Manager lists wmon32.exe & when I try to end the process, I am being told that "Access is denied". Please note that this happens even after I deleted all entries of wmon32.exe from the following keys from the Registry Editor

HK_LOCAL_MACHINE/Software/Microsoft/Windows/RunServices
HK_LOCAL_MACHINE/Software/Microsoft/Windows/RunOnceEx
HK_LOCAL_MACHINE/Software/Microsoft/Windows/Run
HKEY_CURRENT_USER/Software/Microsoft/Internet Explorer/Explorer Bars/{C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1}/FilesNamedMRU

but that doesn't make any difference; when I restart my machine, the same problem creeps up. I even deleted all instances of wmon32.exe from the Windows folder as well as from the Registry Editor by logging into Win2K in Safe Mode but this didn't make any difference either.

Now how do I overcome this & get rid of wmon32.exe?

Thanks,

Arpan

http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_AGOBOT.ZK

http://tinyurl.com/3ona8

steve.
 
A

Arpan

Thanks, Paul, for your advice. I could finally get rid of wmon32.exe worm by
editing the 'host' file & then deleting all instances of wmon32.exe from the
Registry!

Regards,

Arpan
 
A

Arpan

Thanks, Steve, for your suggestion but sorry to say that it didn't help me in anyway since the worm wmon32.exe had blocked www.trendmicro.com through the "host" file & wasn't allowing me to visit that website!

Anyways, thanks once again for your input,

Regards,

Arpan


I am working on a machine that has both Windows 2K Pro (C:\) & Windows XP Pro (D:\) installed.

The problem is whenever I logon into Win2K & open the Registry Editor by clicking "Run" (from the Start menu) & then typing "regedit", I find that the Registry Editor closes on its own after about 15 seconds. After a thorough research on this, I concluded that a program named wmon32.exe is the culprit. When wmon32.exe runs, it even disables my anti-virus software (AVG 6.0 which is upto date). When I searched for this exe file, I found that wmon32.exe resides in C:\WINNT\system32. When I tried to delete it, Windows generated a message that it cannot be deleted as the source file may be in use. Even the "Processes" tab in the Task Manager lists wmon32.exe & when I try to end the process, I am being told that "Access is denied". Please note that this happens even after I deleted all entries of wmon32.exe from the following keys from the Registry Editor

HK_LOCAL_MACHINE/Software/Microsoft/Windows/RunServices
HK_LOCAL_MACHINE/Software/Microsoft/Windows/RunOnceEx
HK_LOCAL_MACHINE/Software/Microsoft/Windows/Run
HKEY_CURRENT_USER/Software/Microsoft/Internet Explorer/Explorer Bars/{C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1}/FilesNamedMRU

but that doesn't make any difference; when I restart my machine, the same problem creeps up. I even deleted all instances of wmon32.exe from the Windows folder as well as from the Registry Editor by logging into Win2K in Safe Mode but this didn't make any difference either.

Now how do I overcome this & get rid of wmon32.exe?

Thanks,

Arpan

http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_AGOBOT.ZK

http://tinyurl.com/3ona8

steve.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Registry error importing .reg file 1
Cleaning up Burn4free registry droppings 3
Command line arguments for (sndrec32.exe)? 1
Loader.exe 3
Winitr32.exe 2
Any Hijack This! experts out there 7
How do I get the path to the exe of another installed application onthe machine 15
DRWTSN32.EXE 1

Top