wmdmlog.exe is dirty, dirty spyware

I rarely use IE anymore except to go to my banks site, because I guess their site developers are idiots and can't manage to create a simple four page site that works in Firefox. Anyways, while I'm on their site, I decided to browse on over to some other banks to see how friendly they were to Firefox. I'll repeat that because I think it bares repeating: I'm thinking of switching banks because my bank requires IE. Anyways, I accidently searched for 5/3 (actually, +5/3) in google from IE. When I load the page it briefly displays 5/3 bank at the top, but quickly a "IntelliMover Business Edition 3.5 - 5-Pack - Dell" pops up, along with "Jurlique - 3.5 Hour Relaxation Retreat." Not good times. So I run Spy Boy. I run Adaware. Nothing. Nada. Zilch. So I start going through my processes and BHOs. Nothing out of the ordinary in the processes, but I run across wmdmlog in my process list. I do a search on the ol' web, and I learn that wmdmlog is a support file for Media Player. Let me rephrase that, wmdmlog.dll is a support file for Media Player. Time to die wmdmlog.exe. Sure, enough, problem solved.

What's amazing is that in a given week I probably spend all of 30 minutes in IE, I have a Computer Science degree and am a Microsoft Certified Solutions Developer. I'm not supposed to get his. But somewhere in the past few days, something got loaded up. I guess I can install the XP SP RC, but should I do that on my mom's machine? Probably not.

Anyways, since there are only two results for wmdmlog.exe in google right now, hopefully this post will help other people fight the good fight against the asshats of the spyware world.

2 Comments

  • Your post is confusing.



    Are you saying that something got installed on your computer from a website? And it is named the same as a Windows Media Player file (wmdmlog.exe)?



    Or are you saying the file included by default with Windows Media Player is spyware causing these popups?



    If it is a malicioius file (not the default), how did it get installed? Are you suggesting it was installed just by searching for that site?



    And what do pop-ups have to do with spyware? Are they normal browser window pop-up ads? Or are they operating system dialogs?



    You are trying to help others, but you just confused me.

  • Sorry about the Josh, I was in a bit of a hurry. The spyware got installed from some page that I accidently visited. Be it a link from spam or off something like Fark which I might have the bad habit of clicking randomly. How it got installed was probably related to one of the many unpatched holes in IE. Some popup ad or even an e-mail that I accidently opened in Outlook Web Access could install that file and set up the needed entries to get the thing loading up on bootup. I heard rumors that some banks sites were attacked. Perhaps my bank was one of them.



    It's not related to Windows Media Player besides in name only. Someone went through a list of .dlls in their system folder, and created an executable with the same name to throw people off the chase when trying to figure out what's causing the problems.



    Really all I wanted to do was make sure that if someone sees that file in their task list, and hits google up to figure out if it's good or bad, they'll know its bad. How to prevent spyware - I have no idea. I have my machine set to install all patches over night automatically, and run Firefox as my main browser. And I also send e-mails to websites that require IE. But even that hasn't kept me safe.

Comments have been disabled for this content.