jpgutils.dll

Friday, February 11, 2005 by Zinto | Discussion: Stardock Support General

I'm using norton antivirus and check my computer every week.
Today, my norton antivirus found spyware, jpgutils.dll from my computer.
I don't know how this file was installed in my com.
When I checked this file in google, some websites said it is normally used in converting some picture files like bmp or jpg.
I suspect this jpgutils.dll from object desktop.
Is this really from one of stardock programs? and is it necessary file to work in object desktop?
Or is it ok I get rid of this from my com?
PhlangePhace
Reply #1 Saturday, February 12, 2005 4:19 AM
Thats interesting, the exact same thing happened to me yesterday and AFAIK the only new installations over the last few days has been Stardock software.

Norton detected this file as being at risk from ABCKeylogger spyware.

I have quarantined the file but would appreciate an official word from stardock as to whether this file is part of any of their distributions or coincidental.


Posted via WinCustomize Browser/Stardock Central
Fuzzy Logic
Reply #2 Saturday, February 12, 2005 4:42 AM
jpgutils.dll is an important system file and part of Windows, do not delete it or some things will stop working! This is NAV incorrectly identifying a safe file as being at risk
Zinto
Reply #3 Saturday, February 12, 2005 10:13 AM
I think I found what component installed this file.

Hi, PhlangePhace. Did you install bootskin?

I uninstalled & reinstalled some components from stardock & check NAV (ah... what I'm doing in this weekend...)
I didn't check all of components, but I think theme manager, windowblinds, iconpackager, desktopX are ok, they don't install this file.
BUT "BOOTSKIN" installed this, when i repaired this bootskin in control panel, it reinstalled jpgutils.dll.

I think (not quite sure!) jpgutils.dll can be considered as a normal work file.
I hope I can hear official word from stardock about this happening.

Thanks a lot! PhlangePhace & Wizop Fuzzy Logic!
tjesterb
Reply #4 Saturday, February 12, 2005 11:15 AM
http://www.iamnotageek.com/a/file_info.php
Link to a list of file types, both good and bad.
Koasati
Reply #5 Saturday, February 12, 2005 12:09 PM
There's not a lot of info out there about this, but I did find 2 messageboad posts that might shed a little light on the subject...

JPGutils.dll is used by several programs not as a key logger - but as a converter library file for converting bitmaps to jpeg formats for use only as the program reguires to have it so as not to use the bitmap. Which the bitmap is a larger file and needs more to run it in the program. Thus the program fails to run due to error of file capacity. So with the conversion by the JPGutilty to a jpeg file it use's less space and the program will run as it should.
Now where is the key logger part of this - someone got confused at symantec and has yet to make the changes. Now I have seen where this Jpgutils.dll does work with a keylogger program to convert the file it would send out of ones computer.

I use JPGUtils.DLL as a tool to convert bitmaps captured from a webcam into JPEGs. I found it on PlanetSourceCode.COM and have been using it successfully for 5 years in a VB6 application I wrote.
PhlangePhace
Reply #6 Saturday, February 12, 2005 6:38 PM
Hi, PhlangePhace. Did you install bootskin?

I uninstalled & reinstalled some components from stardock & check NAV (ah... what I'm doing in this weekend...)
I didn't check all of components, but I think theme manager, windowblinds, iconpackager, desktopX are ok, they don't install this file.
BUT "BOOTSKIN" installed this, when i repaired this bootskin in control panel, it reinstalled jpgutils.dll.


Indeed I do have BootSkin installed and running.
However, I did uninstall and reinstall BootSkin to test this theory and yet the file in question has not reappeared!?

Mmm, strange



Posted via WinCustomize Browser/Stardock Central
Essencay
Reply #7 Saturday, February 12, 2005 8:10 PM
Since bootskin images are low quality 4-bit 16 color bitmap images applied when the systems video driver can only handle such an image, I don't see where a dll that converts bitmaps to jpegs would fall into play with that program.
Zinto
Reply #8 Saturday, February 12, 2005 8:59 PM
Sorry, PhlangePhace

You're right. When I reinstalled bootskin, there was no jpgutils.dll...
Hmm... Strange... That time, I didn't test bootskin by reinstalling. I did repair in control panel in windows xp (in add or remove program).

Ya... still in mystery... where did it come from?
Koasati
Reply #9 Saturday, February 12, 2005 9:49 PM
I've got it......... If you load a jpg in LogonStudio, and try to save the skin, JPGUtils.dll loads and converts the jpg to bmp....... (obviously it works both ways)
I read this in a newsgroup post by TheGreenReaper, and then confirmed it for myself using a tool called "Process Explorer".

Mystery sovled as far as I'm concerned. (If anyone wants to believe that it's spyware that activates when you save a jpg in LogonStudio, be my guest.

PhlangePhace
Reply #10 Sunday, February 13, 2005 8:25 AM
I've got it......... If you load a jpg in LogonStudio, and try to save the skin, JPGUtils.dll loads and converts the jpg to bmp.


Thats it ...repaired my LogonStudio install and indeed, the file in question has reappeared in windows/system32 folder.

Mystery solved, thanks Koasati, as I suspected this file was included in a StarDock distribution. And as you have discovered a legitimate reason for this file to be present, we can all safely assume that NAV is incorrect in identifying this file as malicious.

I wonder whether anyone has actually bothered reporting this to Symantec, for their information?


Posted via WinCustomize Browser/Stardock Central
BlueDev
Reply #11 Sunday, February 13, 2005 9:00 AM
Yet another reason I don't use Norton anymore.

Good info all around gang.
Zinto
Reply #12 Sunday, February 13, 2005 10:46 AM
I SEE!

THANKS A LOT!
Everyone is GREAT!

Please login to comment and/or vote for this skin.

Welcome Guest! Please take the time to register with us.
There are many great features available to you once you register, including:

  • Richer content, access to many features that are disabled for guests like commenting on the forums and downloading skins.
  • Access to a great community, with a massive database of many, many areas of interest.
  • Access to contests & subscription offers like exclusive emails.
  • It's simple, and FREE!



web-wc01