Re: Possible virus? mpg4ds32.ax

From: Rain Man (RainMan_at_discussions.microsoft.com)
Date: 09/29/05


Date: Thu, 29 Sep 2005 09:06:02 -0700

Please note the official (new) Microsoft file shows the following information:

File version: 8.0.0.4487
Description: Microsoft MPEG-4 Video Decompressor
Copyright: Copyright (C) Microsoft Corp. 1996 – 2001
Company: Microsoft Corporation
File Version: 8.00.00.4487
Internal Name: mpg4ds32.ax
Language: English (United States)
Original File name: English (United States)
Product Name: Microsoft MPEG-4 Video Decompressor
Product Version: 8.00.00.4487

For Fitz’s benefit: I did NOT just download it off some random website nor
do I ever do so. I always get original files from the file creator’s
official site. If you read my post, you would note that it came packaged
inside of IPview software version 5 which Dlink packages with their DCS900 &
DCS900W web security cameras. This is not a file people would simply
randomly download in normal cases and had I not received a warning about the
file being replaced by the IPview installer I would not have known either.
The reason I posted to this forum is to see if anyone else had heard of this
happening and why someone would hack the file information of this file.
Also, I was hoping that someone from MS would be interested in figuring out
who did this so as to not confuse their less knowledgeable customers. A
technical article may be appropriate here and / or having Microsoft Update
scan for the hacked file. I don’t believe they digitally sign the correct
file which would reduce the likelihood that a file would be able to be
modified.

"David H. Lipman" wrote:

> From: "Rain Man" <RainMan@discussions.microsoft.com>
>
> | This is a report processed by VirusTotal on 09/29/2005 at 06:27:37 (CET)
> | after scanning the file "mpg4ds32.ax" file.
> | Antivirus Version Update Result
> | AntiVir 6.32.0.6 09.28.2005 no virus found
> | Avast 4.6.695.0 09.27.2005 no virus found
> | AVG 718 09.27.2005 no virus found
> | Avira 6.32.0.6 09.28.2005 no virus found
> | BitDefender 7.2 09.29.2005 no virus found
> | CAT-QuickHeal 8.00 09.28.2005 no virus found
> | ClamAV devel-20050917 09.29.2005 no virus found
> | DrWeb 4.32b 09.28.2005 no virus found
> | eTrust-Iris 7.1.194.0 09.28.2005 no virus found
> | eTrust-Vet 11.9.1.0 09.28.2005 no virus found
> | Fortinet 2.48.0.0 09.28.2005 suspicious
> | F-Prot 3.16c 09.28.2005 no virus found
> | Ikarus 0.2.59.0 09.28.2005 no virus found
> | Kaspersky 4.0.2.24 09.29.2005 no virus found
> | McAfee 4592 09.28.2005 no virus found
> | NOD32v2 1.1236 09.28.2005 no virus found
> | Norman 5.70.10 09.28.2005 no virus found
> | Panda 8.02.00 09.28.2005 no virus found
> | Sophos 3.98.0 09.29.2005 no virus found
> | Symantec 8.0 09.28.2005 no virus found
> | TheHacker 5.8.2.116 09.28.2005 no virus found
> | VBA32 3.10.4 09.21.2005 no virus found
> |
>
>
> I'd say that it is NOT malware.
>
> Just malcontent: "Copyright: Copyright Microcrap Corp. 1996-1999"
>
> --
> Dave
> http://www.claymania.com/removal-trojan-adware.html
> http://www.ik-cs.com/got-a-virus

