Hello

I hope that is the communities.

First, let me apologize if my English is not very understandable ... I am French.

I come to you in relation to a problem we have right now.

Recently, we have a strong slowdown in our global network because some server send a lot of request on port 445.

After investigation, I found a Windows service "VMwareService.exe."

This process I found on both physical servers (not MV) and PC users.

This service runs the file C:\WINDOWS\System\VMwareService.exe (the file is set as a file system and hidden, and

there is no signature)

In settings, the service is in NOT_STOPPABLE and NOT_PAUSABLE.

I still managed to stop the service on one machine, and since we have no requests on port 445 from this machine.

I suppose it's a virus which pretend to be a VMWARE tool.

Could you tell me if anyone has encountered this problem and if you have an antivirus solution to fix the problem?

Thank you very much