Missing file...I think - Techist - Tech Forum

Old 07-07-2005, 10:58 PM   #1 (permalink)
Grandfather of Techist

\_(ツ)_/
 
Trotter's Avatar
 
Join Date: Jan 2005
Location: The South
Posts: 31,307
Question Missing file...I think

I just spent the vast majority of a day working on a friend's computer for free. It was a serious mess.

We had reformatted it and reinstalled Windows a while back. Since then, it has acted up. Here recently it has been a real pill. So it came home with me.

Short of the story... I had to figure out that the chipset drivers were missing (not on his Dell CD), as well as the graphics driver for his onboard (Dell again). I cleaned out several spyware entries, as well as three or four viruses. I also completely updated his Windows (he didn't even have SP1), as well as installed a firewall, anti-virus, AdAware, Spybot, MS AntiSpy, etc (yes, he had been playing without a net, and it bit him).

Now, the problem... Somewhere in and amongst all of this, the file "sysmon32.exe" was deleted/wiped out. I have searched my comp, but that file doesn't exist on mine. What is this file? Is it important? How do I stop Windows from trying to access it every time it starts up?

Any and all help will be appreciated.
__________________


My Rig: SABLE
Antec 300 Illusion / Antec EarthWatts EA650 650W / ASUS GeForce GTX 960 GTX960-DC2OC-2GD5
AMD FX 8320 x8 Black Edition / Gelid Tranquillo / MSI 970A-G43
Sandisk Ultra Plus 128GB / Samsung 840 120GB / WD Black 750GB / WD Green 1TB
2x4GB DDR3 1600 - 2x2GB DDR3 1600
Win10 Ent 64-bit - Mionix Naos 7000 Mouse - CM Storm QuickFire Rapid Mech Keyboard


R.I.P. Danny L. Trotter ... 14 Nov 1945 - 4 Sept 2009
Trotter is offline  
Old 07-07-2005, 11:02 PM   #2 (permalink)
Super Techie
 
Join Date: Jul 2005
Posts: 262

Damn, what the hell did he do to his PC man?
PC Man Brian is offline  
Old 07-07-2005, 11:23 PM   #3 (permalink)
Member (again)
 
macdude425's Avatar
 
Join Date: Jan 2005
Location: Raul's Wild Kingdom...How 'bout that, huh?
Posts: 4,202

A quick Google shows that Sysmon32.exe may have been added by the AIDID.A worm.

http://startup.iamnotageek.com/srch-sysmon32.exe.html
__________________



Debian Support Forums!
macdude425 is offline  
Old 07-08-2005, 04:12 AM   #4 (permalink)
Super Techie
 
Join Date: Sep 2004
Posts: 371

Quote:
Originally posted by PC Man Brian
Damn, what the hell did he do to his PC man?

How does that help? At least try to make a suggestion..

Did you run the spyware scans in safe mode?
IAM_7154 is offline  
Old 07-08-2005, 05:52 AM   #5 (permalink)
Techie Beyond Description
 
Osiris's Avatar
 
Join Date: Jan 2005
Location: Kentucky
Posts: 36,817

That is indeed the SystemMonitor Sysmon32.exe "Added by the AIDID.A WORM!" Why would you need this file?
__________________
Osiris is offline  
Old 07-08-2005, 05:53 AM   #6 (permalink)
Techie Beyond Description
 
Osiris's Avatar
 
Join Date: Jan 2005
Location: Kentucky
Posts: 36,817

Go to msconfig and disable the entry.
__________________
Osiris is offline  
Old 07-08-2005, 08:16 AM   #7 (permalink)
Super Techie
 
Join Date: Jul 2005
Posts: 262

Quote:
Originally posted by PC Man Brian
Damn, what the hell did he do to his PC man?

Yeah? I was asking what the hell he did to his PC so I could make a suggestion...
__________________
PC Man Brian is offline  
Old 07-08-2005, 03:45 PM   #8 (permalink)
Grandfather of Techist

\_(ツ)_/
 
Trotter's Avatar
 
Join Date: Jan 2005
Location: The South
Posts: 31,307

Quote:
A quick Google shows that Sysmon32.exe may have been added by the AIDID.A worm.

Duh! I done did that. That's why I posted it here.

Quote:
Go to msconfig and disable the entry.

Done did that, too.

Is there a registry entry? If so, where?

Windows pops up asking for it each time it boots.
Trotter is offline  
Old 07-08-2005, 05:28 PM   #9 (permalink)
True Techie
 
Join Date: Mar 2003
Posts: 200

Go to Start menu > Run, type in regedit and press Enter. Once in Registry Editor, click on Edit > Find, or press Ctrl + F, and type in sysmon32.exe. It should find an entry containing sysmon32.exe in a folder called 'Run' or 'Run-', or in its own folder. Delete it and reboot.
imation is offline  
Old 07-08-2005, 06:17 PM   #10 (permalink)
Ultra Techie
 
Join Date: Apr 2004
Posts: 617

Taken from the Symantec website:



1. Click Start > Run.
2. Type regedit

Then click OK.

3. Navigate to the key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

4. In the right pane, delete the value:

"SystemMonitor"="%System%\SYSMON32.exe"

5. Exit the Registry Editor.
__________________
AdAware | Spybot S&D 1.4 | spyware guard & spyware blaster |

How did I get infected in the first place By Tony Klein

If you use IE I suggest using these two programs IE Hosts & IE-SPYAD

Lobos is offline  
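
The clean-up described in posts #9 and #10, as an added PowerShell example that is not part of any poster's reply: it lists the values under the Run keys and flags those whose target file no longer exists (the cause of the prompt at each boot) or whose command mentions sysmon32.exe. It only reads the registry; the function name `Get-RunKeyEntry`, the RunOnce keys and the HKCU hive are assumptions added for the example, and the 'Run-' key is the name given in post #9.

```powershell
# Added example: read-only audit of autorun values. Nothing is deleted.
function Get-RunKeyEntry {
    param([string]$Match = 'sysmon32.exe')   # file name from the thread

    $base = 'SOFTWARE\Microsoft\Windows\CurrentVersion'
    # 'Run' is the key from post #10, 'Run-' the name mentioned in post #9;
    # RunOnce and the HKCU hive are assumptions added for completeness.
    $keys = foreach ($hive in 'HKLM:', 'HKCU:') {
        foreach ($leaf in 'Run', 'Run-', 'RunOnce') { "$hive\$base\$leaf" }
    }

    foreach ($key in $keys) {
        if (-not (Test-Path -LiteralPath $key)) { continue }
        $item = Get-Item -LiteralPath $key
        foreach ($name in $item.GetValueNames()) {
            $command = [Environment]::ExpandEnvironmentVariables([string]$item.GetValue($name))

            # Executable = quoted path if present, else the first token.
            # Unquoted paths containing spaces are therefore reported as
            # missing and need a manual look.
            if ($command -match '^\s*"([^"]+)"') { $exe = $Matches[1] }
            else { $exe = ($command.Trim() -split '\s+')[0] }

            $found = $false
            if ($exe) {
                # Full paths are checked directly, bare names through PATH.
                $found = (Test-Path -LiteralPath $exe -PathType Leaf) -or
                    [bool](Get-Command -Name $exe -CommandType Application -ErrorAction SilentlyContinue)
            }

            [pscustomobject]@{
                Key           = $key
                Name          = $name
                Command       = $command
                TargetMissing = -not $found
                NameMatch     = $command -like "*$Match*"
            }
        }
    }
}

Get-RunKeyEntry | Where-Object { $_.TargetMissing -or $_.NameMatch } | Format-List
```

Once a flagged value is confirmed as the leftover, `Remove-ItemProperty -Path <Key> -Name <Name>` deletes that single value, the same change as step 4 in regedit.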
All times are GMT -5.