[solved] Windows Defender killed DirectShow dll (1 Viewer)

E

Eaglehawk

MP Donator
  • Premium Supporter
    • September 12, 2015
    28
    9
    52
    Home Country
    Australia Australia
    I'm pretty sure it's a false positive:

    TrojanSpy:Win32/Skeeyah.A!rfn

    C:\Program Files (x86)\Team MediaPortal\MP2-Client\Plugins\VideoPlayers\DirectShowWrapper.dll
     
    HTPCSourcer

    HTPCSourcer

    Retired Team Member
  • Premium Supporter
    • May 16, 2008
    11,382
    2,369
    Home Country
    Germany Germany
    Eaglehawk said:
    I'm pretty sure it's a false positive:
    C:\Program Files (x86)\Team MediaPortal\MP2-Client\Plugins\VideoPlayers\DirectShowWrapper.dll
    Click to expand...
    Well, I am not. ;)

    I don't get an an alert here when explicitely testing the file with Defender. The file on my system is version 2.16.4.7790 with a size of 257 kB
     
    HTPCSourcer

    HTPCSourcer

    Retired Team Member
  • Premium Supporter
    • May 16, 2008
    11,382
    2,369
    Home Country
    Germany Germany
    OK, the latest available definitions (from today) trigger the same alert here. I did update this morning when the new definitions were not yet available.

    47 of 56 online scanners have no issue with it, the others suspect some keylogging elements. I believe that you can safely ignore the alert.
     
    E

    Eaglehawk

    MP Donator
  • Premium Supporter
    • September 12, 2015
    28
    9
    52
    Home Country
    Australia Australia
    I agree, let's hope it doesn't kill too many MP2 installs :)
     
    J

    JohnHind

    Portal Member
    August 3, 2013
    17
    4
    67
    Home Country
    United Kingdom United Kingdom
    I'm seeing this too - reluctant to just take a majority verdict of virus scanners particularly when reputible ones like Kaspersky are reporting it - maybe the others are just slower to update? Could MediaPortal team scan a known good version to confirm this is false positive? Maybe also publish a checksum so we can be sure this is not a targeted attack with someone slipping in a "ringer" file?
     
    J

    JohnHind

    Portal Member
    August 3, 2013
    17
    4
    67
    Home Country
    United Kingdom United Kingdom
    @Eaglehawk - That is the hash of the file that EMSIsoft say is infected! I meant the hash of the file that MediaPortal team officially distribute and stand by as safe. If it is a false positive, the file will be the same, but if it is a ringer someone else has infiltrated after instalation, then it would be different and probably the same as the one EMSIsoft tested. However, for the record my copy of the file matches the EMSIsoft report.
     
    HTPCSourcer

    HTPCSourcer

    Retired Team Member
  • Premium Supporter
    • May 16, 2008
    11,382
    2,369
    Home Country
    Germany Germany
    @morpheus_xx ,

    I don't think that we have changed the file since we released Spring 16.

    Any comments?
     
    TiVo

    TiVo

    Portal Member
    June 6, 2016
    11
    0
    Fareham Hampshire UK
    Home Country
    Great Britain (UK) Great Britain (UK)
    I installed MP 2 for the first time from the official download over the last week.
    One as client / server to a 64 bit Windows 10 (upgrade from 7).
    One as a client to a 64 bit Windows 10 (upgrade from 7).
    One as a client to a 64 bit Windows 10 new purchase OEM.

    All three had Windows Defender quarantine C:\Program Files (x86)\Team MediaPortal\MP2-Client\Plugins\VideoPlayers\DirectShowWrapper.dll as above.
     

    Users who are viewing this thread

    Online now: 2 (members: 0, guests: 2)

    Similar threads

    Mainhattan Olli
    MP1 MP2 MP2 Server Dienst beendet DE
    So langsam bin ich mit meinem Latein echt am Ende. Jetzt habe ich zwei verschiedene Asus MBs (B660 Plus D4 und B760Plus D4 getestet mit dem i3 14100 und 2x16GB RAM - 3200). Alternativ habe ich einen alten Rechner mit einem i5 4. Generation neu installiert und habe immer den Fehler dass der MP 2.5 Server nach ca 30 Minuten nicht mehr...
    So langsam bin ich mit meinem Latein echt am Ende. Jetzt habe ich zwei verschiedene Asus MBs (B660 Plus D4 und B760Plus D4 getestet...
    Seit ein paar Tagen habe ich Probleme mit meinem MP2 Server. Folgende Fehlermeldungen habe ich in der Windows Ereignisanzeige unter...
    Replies
    3
    Views
    974
    Mainhattan Olli
    Mainhattan Olli
    osre
    MP1 MP2 MP 2.4.1 won't start DE
    I avoid touching that system as long as it runs. Now that 2.4.1 seems to run again, I probably wait for the next issue.
    I avoid touching that system as long as it runs. Now that 2.4.1 seems to run again, I probably wait for the next issue.
    Hi, I have just upgraded from MP 2.2.2 to MP 2.4.1, and now the client won't start. I see the splash screen, and then it just...
    Replies
    3
    Views
    2K
    osre
    osre
    B
    MP1 MP2 TvControl.RemoteControl.set_InstanceLocal error after 1.37 install DE
    Thank, very helpful. My download was done today from the link on Download MediaPortal for free! - MEDIAPORTAL but is the initial release MediaPortalSetup_x86_1.37.000_2025-04-14-08-37.zip. The page MediaPortal 1.37 Release - MEDIAPORTAL has a more recent link, MediaPortalSetup_x86_1.37.000_2025-05-03-18-19.zip. I've now installed...
    Thank, very helpful. My download was done today from the link on Download MediaPortal for free! - MEDIAPORTAL but is the initial...
    I updated to 1.37 (x86) today, and the TV service is now failing to start. TVService.log has this line: Tvservice stopped due to...
    Replies
    2
    Views
    1K
    bryankitts
    B
    A
    MP1 MP2 Volume Control Configuration DE
    Any other suggestions for this?
    Any other suggestions for this?
    I have Flirc and the Skip 1s remote sending volume +/- events. I prefer to rely on just the Windows volume control so in...
    Replies
    4
    Views
    2K
    Aridyme
    A
    C
    MP1 MP2 Clean and modernize the repo DE
    If you’re planning to submit a pull request, let’s go through the list of issues and their solutions. I or someone from the team will create a Jira ticket, and for each ticket, you’ll make the changes and submit a pull request. This will be transparent and straightforward.
    If you’re planning to submit a pull request, let’s go through the list of issues and their solutions. I or someone from the team...
    I'm very glad to see that mediaportal 1 is on github, where ordinary devs with github accounts can make contributions. Please can...
    Replies
    7
    Views
    1K
    ajs
    ajs

    About The Project

    The vision of the MediaPortal project is to create a free open source media centre application, which supports all advanced media centre functions, and is accessible to all Windows users.

    In reaching this goal we are working every day to make sure our software is one of the best.

             

    Quick Navigation

    Support MediaPortal!

    The team works very hard to make sure the community is running the best HTPC-software. We give away MediaPortal for free but hosting and software is not for us.

    Care to support our work with a few bucks? We'd really appreciate it!

    Community platform by XenForo® © 2010-2021 XenForo Ltd.
    Top Bottom