antdude Posted September 9, 2012 Share Posted September 9, 2012 (edited) Hi! Overnight, I did a full/complete scan with SUPERAntiSpyware (free edition) v5.5.1016 on my very old, updated Windows XP Pro. SP3 machine. It found my D:\winstuff\DVBViewerPro\Plugins\ImportTSP.dll possibly infected. I checked this file with the online scanners and got a few hits: http://virusscan.jotti.org/en/scanresult/755c2ce89647f2b723b69668c595e8bb9a518ef2 (ClamAV) http://r.virscan.org/report/a503683f64380937f5b0fcae027020eb.html (ClamAV and Quick Heal) http://vscan.novirusthanks.org/analysis/3ebdc7637bccded62ffa4a2748513080/aW1wb3J0dHNwLWRsbA==/ (Comodo and TrendMicro) https://www.virustotal.com/file/8670f85e989e2bc330e408da6a66cdcf0f24b2345caf9c520f54649ab26f10af/analysis/1347205299/ (TrendMicro and TrendMicro-HouseCall with latest results) I don't know if this plugin is very old and I don't think I use it? Here is what my directory listing looks like: dir.exe /o:n /s D:\winstuff\DVBViewerPro\Plugins Volume in drive D is d Volume Serial Number is ... Directory of D:\winstuff\DVBViewerPro\Plugins 06/02/2012 08:01 PM <DIR> . 06/02/2012 08:01 PM <DIR> .. 09/24/2006 12:13 AM 0 DVBSource.ini 03/02/2012 01:49 AM 100,352 ImportCSV.dll 12/08/2002 10:39 AM 185,344 ImportMDB.dll 06/19/2003 01:13 AM 12,288 ImportSDX.dll 09/29/2003 02:35 PM 24,064 ImportTSP.dll 07/24/2009 08:48 AM 215,552 NetStreaming.dll 01/22/2009 02:19 AM 60,928 PostProcessor.dll 03/02/2011 03:15 AM 873 PostProcessor.ini 03/02/2011 03:22 AM 18,533 PostProcessor_ReadMe.rtf 11/05/2010 01:08 AM 556,032 PreviewW.exe 12/11/2010 08:45 PM 800,256 TSPlayer.exe 11/05/2010 01:00 AM 4,794 TSPlayer_ReadMe.rtf 06/25/2008 07:22 AM 89,600 UniStreaming.dll 03/23/2006 10:08 PM 147 unregisterASF.bat 09/24/2006 12:55 AM 283 VRPlugin.ini 15 File(s) 2,069,046 bytes Total Files Listed: 15 File(s) 2,069,046 bytes 2 Dir(s) 187,819,069,440 bytes free Is this a real infection or a false positive? Is mine outdated? If it is, then where can I get updated ones? Thank you in advance. Edited September 9, 2012 by antdude Quote Link to comment
Griga Posted September 9, 2012 Share Posted September 9, 2012 I don't know if this plugin is very old and I don't think I use it? It's a very old and out-dated plugin for importing TechniSat channellists. You won't need it. Quote Link to comment
antdude Posted September 9, 2012 Author Share Posted September 9, 2012 It's a very old and out-dated plugin for importing TechniSat channellists. You won't need it. Thanks. Do I only delete that file only? All of Import*.dll? It would be nice to clean this old mess up. Quote Link to comment
Tjod Posted September 10, 2012 Share Posted September 10, 2012 Only ImportCSV.dll (for importing and exporting channel lists as *.csv [Comma-separated values]) comes with the current DVBViewer Version. You can delete all Import*.dll Quote Link to comment
antdude Posted September 10, 2012 Author Share Posted September 10, 2012 Only ImportCSV.dll (for importing and exporting channel lists as *.csv [Comma-separated values]) comes with the current DVBViewer Version. You can delete all Import*.dll I am confused. You said delete import*.dll, but the latest DVBViewer Pro has ImportCSV.dll file. Quote Link to comment
Griga Posted September 10, 2012 Share Posted September 10, 2012 You can delete all Import*.dll. They are not mandatory. However, ImportCSV.dll might be useful if you want to rework your channellist with database software. Quote Link to comment
antdude Posted September 10, 2012 Author Share Posted September 10, 2012 You can delete all Import*.dll. They are not mandatory. However, ImportCSV.dll might be useful if you want to rework your channellist with database software. Ah OK. I will keep ImportCSV.dll file just in case. Thanks! Quote Link to comment
antdude Posted October 19, 2012 Author Share Posted October 19, 2012 I found another possible false positive, but I don't think this file is part of Pro. Several anti-malware/AV programs say DVBViewer Technisat Edition v4.5.1.28's SkystarIR.exe has an infection:http://vscan.novirusthanks.org/analysis/1ec64621d6ef0be87fa4dc09a64c9ea3/c2t5c3RhcmlyLWV4ZQ==/https://www.virustotal.com/file/e33d469de468e2480e2e6a9c1fa415b1818bf2f171eb155824bcf5b8d100438f/analysis/1350663266/http://r.virscan.org/report/6d9fc1adc42d6ca9c1302c5af2261778.htmlhttp://virusscan.jotti.org/en/scanresult/c3e68629b3849ab4a326ddb89204140cad7c5c34Malwarebytes Anti-Malware v1.65.1.1000 says it is a Spyware.Zbot.I e-mailed hackbart DVBViewer.com and support@technisat.de about it. Quote Link to comment
hackbart Posted October 19, 2012 Share Posted October 19, 2012 Yes and i already answered you: Hi, this is a classic false alarm, probably caused by thefact that the binary is upx-compressed. You do not the binary in general, sincethe infrared control is handled via the ir dll's inside the DVBViewer-pluginfolders. Christian Quote Link to comment
antdude Posted October 19, 2012 Author Share Posted October 19, 2012 (edited) Yes and i already answered you: Christian Thanks. Do I still need this file or is it very old? It is dated 4/17/2008. Edited October 19, 2012 by antdude Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.