MidiDef32.exe- WHAT IS IT?

[Fred S]

Hi folks,

Working on a PC and found this file in the startup group, MidiDef32.exe ---

This file is located in the Windows\System folder and it shows up with
the name of "Firewall Policy"

I've searched Google, Yahoo, Search.com, etc. and nothing is reported
for this file.

Does anyone know what it is and if it is OK? Virus checks are negative.

Thanks, Fred

 

[S.Sengupta]

It's related to Soundblaster Audigy driver.

regards,
S.Sengupta[MS-MVP]

 

[Fred S]

Are you sure? This file does NOT appear at all using any search engine,
it is 22kb in size, and has a date of 10/24/2005 - the day when the PC
I'm working on started to have all of its problems.

Also, this is an old HP PC with onboard sound - not Audigy.

Fred

It's related to Soundblaster Audigy driver.

regards,
S.Sengupta[MS-MVP]

Hi folks,

Working on a PC and found this file in the startup group,
MidiDef32.exe ---

This file is located in the Windows\System folder and it shows up with
the name of "Firewall Policy"

I've searched Google, Yahoo, Search.com, etc. and nothing is reported
for this file.

Does anyone know what it is and if it is OK? Virus checks are negative.

Thanks, Fred

 

[Malke]

Are you sure? This file does NOT appear at all using any search
engine, it is 22kb in size, and has a date of 10/24/2005 - the day
when the PC I'm working on started to have all of its problems.

Also, this is an old HP PC with onboard sound - not Audigy.

Fred

You can submit the file to Virus Total:
http://www.virustotal.com/flash/index_en.html

In the meantime I would certainly move it out of Startup and use Dave
Lipman's Multi-AV or Sysclean. Then go through other malware removal
steps (which include Sysclean instructions) here:

http://www.elephantboycomputers.com/page2.html#Removing_Malware
http://www.ik-cs.com/multi-av.htm - Dave Lipman's Multi-AV

Malke

 

[Fred S]

Fred S wrote:




You can submit the file to Virus Total:
http://www.virustotal.com/flash/index_en.html

In the meantime I would certainly move it out of Startup and use Dave
Lipman's Multi-AV or Sysclean. Then go through other malware removal
steps (which include Sysclean instructions) here:

http://www.elephantboycomputers.com/page2.html#Removing_Malware
http://www.ik-cs.com/multi-av.htm - Dave Lipman's Multi-AV

Malke

Thanks Malke,

I've checked it with three separate virus programs (AVG, eTrust, &
F-Prot (DOS) ) and report is negative.

I did send it on to Virus Total and will post back. Also, already
removed it from Startup (it was in HKLM Run) and so far so good - I
don't see anything different so far which is good.

Thanks, again, Fred

 

[Fred S]

Thanks Malke,

I've checked it with three separate virus programs (AVG, eTrust, &
F-Prot (DOS) ) and report is negative.

I did send it on to Virus Total and will post back. Also, already
removed it from Startup (it was in HKLM Run) and so far so good - I
don't see anything different so far which is good.

Thanks, again, Fred

Malke,

Just for your info, Virus Total reported a few positives for infection -
they say it showed up on Bit Defender, Fortinet, Ikarus, Nod32, Norman,
Panda, Sophos, and VBA32 - it does not get identified in all of the
other AV programs, including the so called "majors."

I submitted a sample file to eTrust (CA) and they said it appears
suspicious and will get back to me.

Thanks for your help, Fred

 

[Malke]

Fred S wrote:

Malke,

Just for your info, Virus Total reported a few positives for infection
- they say it showed up on Bit Defender, Fortinet, Ikarus, Nod32,
Norman, Panda, Sophos, and VBA32 - it does not get identified in all
of the other AV programs, including the so called "majors."

I submitted a sample file to eTrust (CA) and they said it appears
suspicious and will get back to me.

Thanks for your help, Fred

Cool. Thanks for the information.

Malke