?
Solved

wmon32.exe

Posted on 2004-09-06
8
Medium Priority
?
147 Views
Last Modified: 2010-04-13
On one of my PC's wmon32.exe is shown as one of the processes running at close to 100% and keeping the cpu very busy and makeing the PC extremely slow. How do I get rid of it.
0
Comment
Question by:Janekom
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 21

Accepted Solution

by:
jvuz earned 1400 total points
ID: 11994091
It' spossible you got infected with the W32/Agobot-IT virus
0
 
LVL 21

Assisted Solution

by:jvuz
jvuz earned 1400 total points
ID: 11994094
Check already with stinger:

http://vil.nai.com/vil/stinger/
0
The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

 
LVL 57

Assisted Solution

by:Pete Long
Pete Long earned 600 total points
ID: 11994572
agree,

after unning AV check for the existance of the reg keys

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\
WSAConfiguration = wmon32.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices\
WSAConfiguration = wmon32.exe

if they still exist delete them, some variants of this worm also add junk to your hosts file
look in c:\winnt\system32\drivers\etc

open hosts in notepad and dete everything that appears below the

127.0.0.1    localhost

entry

Pete
0
 

Author Comment

by:Janekom
ID: 11994832
Hi jvuz and Petelong,
I have scanned with Stinger and found w32/nachitptpd virus on one PC and w32/sdbot.worm.gen.g.worms on another PC, both showed svchost.exe as infected. I will see if the problem comes up again.
Thanks.
0
 
LVL 19

Expert Comment

by:Zaheer Iqbal
ID: 11996026
0
 
LVL 21

Expert Comment

by:jvuz
ID: 12004213
Thanx,

Jvuz
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 12004787
ThanQ
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
We live in a world of interfaces like the one in the title picture. VBA also allows to use interfaces which offers a lot of possibilities. This article describes how to use interfaces in VBA and how to work around their bugs.
In this video, Percona Solution Engineer Rick Golba discuss how (and why) you implement high availability in a database environment. To discuss how Percona Consulting can help with your design and architecture needs for your database and infrastr…
How to fix incompatible JVM issue while installing Eclipse While installing Eclipse in windows, got one error like above and unable to proceed with the installation. This video describes how to successfully install Eclipse. How to solve incompa…

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question