Malware in dstream windows driver

I just got this message when trying to send the zip file over email:


Microsoft Forefront Protection for Exchange Server removed a file since it was found to be infected.

File name: “winmail.dat”

Malware name: “ExceedinglyInfected”>

Me too. i just try to download the USB driver for windows and it was quarantined and deleted by Windows Defender. How can I get a healthy copy asap? Thx, Ricardo

Hello. I tried to download the Direst Stream USB driver for windows and once downloaded it was quarantined and deleted by my Windows Defender. Could you check if it is infected pls? And if yes, how can I get a non infected copy? Thx, Ricardo

I just did a download and checked with the Windows 10 Windows Defender and it didn’t detect any problems.

FWIW I get an sha1 hash of 18B3076EB9DB23C6569942F2F3E4E42B06A26B1A and an md5 hash of E167BC047E768141FA353AD262979C71 on the download:

Whew! For a minute I thought that Microsoft had partnered with MQA.4_gif

This is my printscreen


There’s no malware or spyware loaded in our USB driver. My guess is your machines are attaching something. You should scan them to find out what.

Here’s a list of the files in our driver when downloaded.


[multiple threads on the same topic combined. Thus, this thread may read a little odd.]

Winmail.dat is not a virus. It is file is used to preserve/delineate rich text formatting. It can be automatically added when emailing a zip file or text containing an RTF file, etc. It is not harmful.

I just downloaded the driver and scanned it with a couple of virus detection programs. Everything checks out OK.

Have any of you having problems recently updated to Windows 10? The Windows 10 version pushed by Microsoft has led to a few problems for some, particularly with Outlook, and this issue may be related.

I know that it’s weird, but this is what Defender says.


Perhaps your cache (or the cache of some server along the way) is stale or corrupted. Clear your internet cache, update your Defender signatures, make sure you are getting the file from the servers. If none of that works you might use Malwarebytes or something else to scan your computer. The problem isn’t on the psaudio end.

And check that it returns identical MD5# to Ted’s.