WINAMP.COM | Forums : Powered by vBulletin version 2.3.9 WINAMP.COM | Forums > Winamp iPod Plugin Discussion > Malware? "ml_ipod\Process.exe"
  Last Thread   Next Thread
Author
Thread Post New Thread    Post A Reply
Nos402
Junior Member

Registered: Dec 2004
From:

Malware? "ml_ipod\Process.exe"

So Adaware is reporting that C:\Program Files\Winamp\Plugins\ml_ipod\Process.exe is "malware" of the win32.Trojan.KillProc family

This seems odd. Is this a mistake on Adaware's part or is there really some malware in ml_ipod?

Quick Link | Report this post to a moderator | IP: Logged

Nos402 is offline Old Post 03-12-2008 12:25 AM
Click Here to See the Profile for Nos402 Click here to Send Nos402 a Private Message Click Here to Email Nos402 Find more posts by Nos402 Add Nos402 to your buddy list Edit/Delete Message Reply w/Quote
Stupifier
Major Dude

Registered: Nov 2005
From:

Thats very unlikely. The only people who have been contributing code to ml_iPod for the past few years have been Abu and FatCerebrus1. I don't really see how any malware could get into ml_iPod. Strange though, thanks for bringing it up. I would do this if you want to be sure.

1. Uninstall ml_iPod
2. Run Adaware and remove any malware ect.
3. Re-download and reinstall ml_iPod (and make sure you download from http://mlipod.sourceforge.net/patches)
4. Run Adaware again and check it out.

Report back your findings. My guess is its nothing or you downloaded ml_iPod from a really bad place.

Quick Link | Report this post to a moderator | IP: Logged

Stupifier is offline Old Post 03-12-2008 01:45 AM
Click Here to See the Profile for Stupifier Click here to Send Stupifier a Private Message Click Here to Email Stupifier Find more posts by Stupifier Add Stupifier to your buddy list Edit/Delete Message Reply w/Quote
Nos402
Junior Member

Registered: Dec 2004
From:

I always download directly from the sourceforge page. Anyway, I let Adaware quarantine the file, then re-installed ml_ipod to replace the process.exe. I then ran adaware again and it didn't find anything, so I'm baffled!

Quick Link | Report this post to a moderator | IP: Logged

Nos402 is offline Old Post 03-12-2008 04:42 AM
Click Here to See the Profile for Nos402 Click here to Send Nos402 a Private Message Click Here to Email Nos402 Find more posts by Nos402 Add Nos402 to your buddy list Edit/Delete Message Reply w/Quote
Bilbo9955
Senior Member

Registered: Jan 2007
From:

Did you look at the details of the reported virus? Most programs, to try and detect still unknown viruses, look for a pattern that might be a virus. I have had this numerous times with my virus software, although not with ml_ipod. When you look at the details, it says that it has detected a potential virus but to be careful as it is not sure. This may be the case here.

Quick Link | Report this post to a moderator | IP: Logged

Bilbo9955 is offline Old Post 03-12-2008 02:33 PM
Click Here to See the Profile for Bilbo9955 Click here to Send Bilbo9955 a Private Message Find more posts by Bilbo9955 Add Bilbo9955 to your buddy list Edit/Delete Message Reply w/Quote
abu
mlipod moderator
(Senior Member)

Registered: Jun 2005
From: Germany

The process.exe is used to kill the Apple iTunesHelper.exe when ml_ipod starts, to prevent iTunes from opening when you attach your iPod. So it is a "dangerous" tool as it allows to kill running processes. But it's definitely no malware.
If you are uneasy about that, you can simply remove the file. ml_ipod will still run, but it can't kill the iTunes app then.

__________________
WinAmp Pro 5.5 with ml_iPod 3.08 + dev.patches (download it)
ml_iPod documentation Wiki - ml_iPod FAQ - search ml_iPod forum - iPhone/iTouch - Found a bug?
Donations to support the ml_iPod project can be done HERE

Quick Link | Report this post to a moderator | IP: Logged

abu is offline Old Post 03-12-2008 03:00 PM
Click Here to See the Profile for abu Click here to Send abu a Private Message Visit abu's homepage! Find more posts by abu Add abu to your buddy list Edit/Delete Message Reply w/Quote
Galileo2005
Junior Member

Registered: Jul 2007
From: Greece

I have a similar problem with nod32. It blocks me from downloading version 3.03, 3.04 from sourceforge because of "Win32/PrcView application" as it says. It is probably a false alarm and i think it will go away in the next virus definition update but you might wana contact eset if it doesn't.

Quick Link | Report this post to a moderator | IP: Logged

Galileo2005 is offline Old Post 03-28-2008 07:14 AM
Click Here to See the Profile for Galileo2005 Click here to Send Galileo2005 a Private Message Click Here to Email Galileo2005 Find more posts by Galileo2005 Add Galileo2005 to your buddy list Edit/Delete Message Reply w/Quote
All times are GMT. The time now is 09:50 PM. Post New Thread    Post A Reply
  Last Thread   Next Thread
WINAMP.COM | Forums : Powered by vBulletin version 2.3.9 WINAMP.COM | Forums > Winamp iPod Plugin Discussion > Malware? "ml_ipod\Process.exe"
Show Printable Version
 | 
Email this Page
 | 
Subscribe to this Thread

Forum Jump:
 

Forum Rules:
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts 		HTML code is off
vB code is ON
Smilies are ON
[IMG] code is ON