- But there IS a Virus - steppe 09:06:05 04/25/09
(1)
- In Reply to: RE: Why is there a trojan in cMP? posted by audiozorro on April 25, 2009 at 07:02:23
It is called ahkosk or smth like that, it is discovered by Avast antivirus and is removed, but sometimes it remains, the files of virus are ntde1tect.com and autosomething. It is harmless at first, it manifests as always opening the same window after booting up, mostly C:\*folder* Also it easily migrates onto flash drive that I use for wav and cue transfer between comps.
Serge.
- RE: But there IS a Virus - Ryelands 01:17:45 04/26/09
(0)
- In Reply to: RE: But there IS a Virus posted by steppe on April 25, 2009 at 09:06:05
Serge wrote:
It is called ahkosk or smth like that . . .
Ahkosk.exe is NOT a virus or a trojan or any form of malware. There is a popular GPL automation utility called Autohotkey embedded in cMP to drive its remote control facility and ‘on-screen’ keyboard. The latter relies on a little executable whose name is the acronymn of:
A uto H ot K ey O n S creen K eyboard:
i.e. AHKOSK.exe.
These have been discussed on the forum (inc the reasons for using ahkosk in preference to Microsoft's OSK utility) and I think they are mentioned in the documentation though I haven't checked.
I don't use either facility so I've no direct experience of them. In fact, I'd prefer it if loading them was made optional to lower the memory footprint but it's not what I'd call an urgent mod. Meanwhile, see:
http://www.autohotkey.com/
and:
http://www.autohotkey.com/forum/topic18378.html
*** After posting this, I found that Uzeb has already pointed elsewhere to a thread on the "cMP is malware" rumour. I apologise for any duplication but it's worth nailing this one.
Best
Dave
Edits: 04/26/09
- RE: But there IS a Virus - Ryelands 01:17:45 04/26/09
(0)
- RE: Why is there a trojan in cMP? - Ryelands 08:26:19 04/25/09
(4)
- In Reply to: RE: Why is there a trojan in cMP? posted by audiozorro on April 25, 2009 at 07:02:23
audiozorro asked:
Why is there a trojan in cMP?
The short answer is that there isn't. There is no malware of any sort in cMP or cPlay or in any of the ancillary software recommended for cMP2 systems.
One or two users have reported that some malware detection programs issue a trojan warning when cMP is installed. However, the program's "user base" (some users have worked professionally with computers for a long time and are not inclined to light-minded risk-taking with data) have overwhelmingly discounted these warnings. Among its reasons for doing so are:
1. "False Positives" are, from time to time, inevitable when using malware detection software. As cMP is a replacement for XP's Explorer shell, the occasional "false positive" is perhaps not altogether surprising;
2. Dozens of users have installed the program time and again without any problems that could reasonably be put down to its containing malware.
3. If it did contain malware, it would probably be the only example whose author has been in regular and congenial correspondence with his "victims" for the best part of two years;
4. There is a wealth of information out there on detecting and removing "Trojan Generic" that should, aside from the above, put your mind at rest.
I hope that helps,
Dave
- What does the author have to say? - audiozorro 18:11:22 04/25/09
(3)
- In Reply to: RE: Why is there a trojan in cMP? posted by Ryelands on April 25, 2009 at 08:26:19
I am not implying that the author has deliberately planted a Trojan in his program. I am also aware that not all anti-virus software is equally capable in detecting malware.
It is also my impression that most users of cMP do not use anti-virus software on their computer player and a dedicated computer is recommended for cMP with no network or Internet capability. Thus the majority of cMP users wouldn’t be aware of a possible Trojan and if they are not connected to a network or the Internet any possible Trojan would not be an issue.
I did a search on “Trojan” and “cMP” in Computer Audio Asylum and came up with 10 records to date. I have seen nothing from the author, so I’m not convinced he is aware of these observations of malware or any possible problems. I do think it’s a bad practice to distribute a program without warning users that their anti-virus software may detect that the downloaded file is infected and that after the setup installation an anti-virus scan may report a Trojan Generic.
- RE: What does the author have to say? - Uzeb 21:19:25 04/25/09
(2)
- In Reply to: RE: What does the author have to say? posted by audiozorro on April 25, 2009 at 18:11:22
audiozorro did you see this post
http://db.audioasylum.com/cgi/m.mpl?forum=pcaudio&n=32201&highlight=trojan+in+cmp
PC XPpro TC Electronic Konnekt-8 firewire i/o, 2-Tact 2150's, Genesis 500 modified speakers, Virtual Dynamics & XLO cables
- RE: What does the author have to say? - audiozorro 18:12:09 04/26/09
(1)
- In Reply to: RE: What does the author have to say? posted by Uzeb on April 25, 2009 at 21:19:25
Thanks, I did review the earlier posts but I still felt uncomfortable especially if I had to install the cMP program on someone else’s computer. Although McAfee and Norton are the two most widely used anti-virus programs, in most independent tests there are several programs rated much higher in effectiveness and finding new viruses, whereas McAfee and Norton often lag behind.
I do feel somewhat better, more knowledgeable and I thank everyone for their comments. My solution will just be to follow the recommended setup, i.e. a dedicated computer not connected to the Internet or networked to other computers. Thus the anti-virus warning of a Trojan Generic will have no consequences, whether real, imagined or benign.
- RE: What does the author have to say? - Dawnrazor 13:53:57 04/27/09
(0)
- In Reply to: RE: What does the author have to say? posted by audiozorro on April 26, 2009 at 18:12:09
I think this a non issue. One of the posts you must have seen is the one from me with a bitdefender screen shot.
But I still run cmp on my rig. I am not worried.
And cmp is not alone. Here is a screen shot from a player that does give that warning you require. I bet he is using similar code to cics for the remote control. From the Mp3toys set up menu( I circled it in red):
Like cmp, I think this is a legit player too.
- RE: What does the author have to say? - Dawnrazor 13:53:57 04/27/09
(0)
- RE: What does the author have to say? - audiozorro 18:12:09 04/26/09
(1)
- RE: What does the author have to say? - Uzeb 21:19:25 04/25/09
(2)
- What does the author have to say? - audiozorro 18:11:22 04/25/09
(3)
Post a Followup:
