OT Anybody else have SUIPACKD7.BPL on their system?

  • Thread starter Thread starter John Doe
  • Start date Start date
J

John Doe

Ad-Aware identifies the file SUIPACKD7.BPL as a Trojan.

Win32.TrojanPWS.OnlineGames
SUIPackD7.bpl

Doing some research, finding very little information about that.

Symantec doesn't identify it as a problem.
 
John said:
Ad-Aware identifies the file SUIPACKD7.BPL as a Trojan.

Win32.TrojanPWS.OnlineGames
SUIPackD7.bpl

Doing some research, finding very little information about that.

Symantec doesn't identify it as a problem.
Click to expand...

"SUIPack is a suite of enhanced GUI components for Delphi & C++Builder"

D7 could stand for Delphi 7 release compatible.

http://en.wikipedia.org/wiki/CodeGear_Delphi

BPL indicates a packed library.

http://www.file-extensions.org/bpl-file-extension

But whether it is the real mccoy, or a Trojan, only
a malware program can decide.

You could run it through virustotal. I've never tried
this.

http://www.virustotal.com/

Paul
 
I've got the program. The file was created in 2005. There
are some references to the Delphi Interface.

They must have the signature wrong. Why would it take 3 years
to detect this?
 
I have it as well. Recent install and scan with Ad-Aware also identifies it
as a trojan.
From digging through Backup Logs, the file on my system has been there since
Dec 05/Jan 06 and the MD5 sum for the file hasn't changed from then till
now. From my backups, it showed up after installing a whole bunch of
applications when I was building my system.

Nothing else identifies it as a problem, not even virustotal.

File on my system has MD5 sum of 470ac726b03ed74b699b8f57da3d7d79.

... I think is must be a false positive, but I am nervous about finding it.

--drb




I've got the program. The file was created in 2005. There
are some references to the Delphi Interface.

They must have the signature wrong. Why would it take 3 years
to detect this?
 
I have it as well. Recent install and scan with Ad-Aware also
identifies it as a trojan.
Click to expand...
Nothing else identifies it as a problem, not even virustotal.
Click to expand...
.. I think is must be a false positive,
Agreed.

but I am nervous about finding it.
Click to expand...

If I'm not mistaken... deleting, renaming, or moving the file can help
troubleshoot the problem. That might help identify any program that
uses it, no complaints so far.
 
LavaSoft has confirmed it is a false positive. Supposed to be corrected in
current update (0143.0007)
 
Back
Top