wmedia32.exe

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

This morning I ran a virus scan and found that the file wmedia32.exe
was infected with the bloodhound virus. Norton AV could not
eliminate the file or repair it. After multiple attempts I went into
DOS, eliminated all the Norton renamed virus files and then changed
the attributes on wmedia32.exe to allow me to delete it. I could not
delete it in Windows 98 2d edition. I was able to delete the file
and the system is now working again but I am wondering what this file
is used for as I can not find any mention of it on Microsofts
homepage or by searching Microsoft.

Bob L

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use http://www.pgp.com

iQA/AwUBQgedL9jO1d2tBga8EQKVwACg5I1U95rQkdu51dcC0OUrK8 pwrhYAn0r/
UAWjCKoXKJ6rsrZ1z9jkeeqN
=0FH8
-----END PGP SIGNATURE-----

"Bob" wrote in message
...
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

This morning I ran a virus scan and found that the file wmedia32.exe
was infected with the bloodhound virus. Norton AV could not
eliminate the file or repair it. After multiple attempts I went into
DOS, eliminated all the Norton renamed virus files and then changed
the attributes on wmedia32.exe to allow me to delete it. I could not
delete it in Windows 98 2d edition. I was able to delete the file
and the system is now working again but I am wondering what this file
is used for as I can not find any mention of it on Microsofts
homepage or by searching Microsoft.

Bob L

Troj/Agent-BR is a password stealing Trojan
targeted at the users of the E-Gold online services.

Troj/Agent-BR usually arrives disguised as a service pack
for the E-Gold application.

The Trojan uses a fake installation Window containing E-Gold logos
and encourages the user to install the service pack.

The installation will drop a file named wmedia32.exe
to the Windows folder which when executed can steal information
about a users E-Gold account.

http://www.sophos.com/virusinfo/anal...ojagentbr.html