wmedia106.exe

haps · Jun 19, 2008

I can't respond to this thread (probably because I'm a new user so I don't bump the thread to the bottom. I'm new here so I don't know)

I work for a large company that is infected by this same problem. We have seen the same processes along with some others. It's a mess. Netstats find several connections through ports like 33333. I believe this is a trojan and a botnet. Our AV company hasn't found anything for us yet.

So far the only truly malicious thing that has happened besides, of course, all the traffic that is being pushed out (probably company data, and certainly user accounts/passwords) is one of our network admins had his profile deleted.

If anyone is experiencing this issue and wants to compare notes, you can email me at hapseh (at) gmail. Thanks! I will edit this with any new info.

chaslang · Jun 19, 2008

Welcome to Major Geeks!

haps said: ↑

I can't respond to this thread (probably because I'm a new user so I don't bump the thread to the bottom. I'm new here so I don't know)
Click to expand...

No it has nothing to do with being a new user. In the malware forum, normal users can only post in their own threads.

Please follow the instructions in the below link and attach the requested logs when you finish these instructions. If something does not run, write down the info to explain to us later but keep on going. Do not assume that because one step does not work that they all will not.

READ & RUN ME FIRST. Malware Removal Guide

Log in or Sign up

wmedia106.exe

haps Private E-2

chaslang MajorGeeks Admin - Master Malware Expert Staff Member