Content manager possible keylogger?
- Thread starter munckmb
- Start date
I would me more concerned with the Kaspersky software myself!
co199
Eternal Backmarker
If you read the release notes in Content Manager, there have been some changes over the last few revisions to the compression methods used in the program itself. I would venture to say you're likely seeing a false positive detection based on shared code (e.g., malicious programs use the same legit compression code that CM does).
You can check the latest scan results for CM on VirusTotal by searching for the following MD5:
07dec05b07fd0a01ef05b9f4ce021448
https://www.virustotal.com/en/file/...5a938039ba20c4892b5be72a0d3b40088ce/analysis/
As CM is open-source, you can also verify the code used in the program. I'd err on the side of caution declaring that CM contains malware without doing further research. As much as ignoring security software messages is dangerous, so is blindly trusting any detection.
You can check the latest scan results for CM on VirusTotal by searching for the following MD5:
07dec05b07fd0a01ef05b9f4ce021448
https://www.virustotal.com/en/file/...5a938039ba20c4892b5be72a0d3b40088ce/analysis/
As CM is open-source, you can also verify the code used in the program. I'd err on the side of caution declaring that CM contains malware without doing further research. As much as ignoring security software messages is dangerous, so is blindly trusting any detection.
Last edited:
co199
Eternal Backmarker
Just for everyone's edification, here are the entries relating to file compression from the last three revisions:
You can look at the notes for yourself by opening CM and going to About > Release Notes.
Code:
0.8.1350.26923
Another AV fix, now in theory it should work, for example, with Kaspersky, Avast and AVG; At least it works on my PC and in VirtualBox.
Code:
0.8.1303.26640
Urgent AV fix; Despite that it appears to be working fine, now I’ve disabled compression. Better play it safe, just in case. Maybe I’ll re-enable it later.
Code:
0.8.1303.26609
Packing changed, hopefully to solve those AV-related issuesYou can look at the notes for yourself by opening CM and going to About > Release Notes.
co199
Eternal Backmarker
No, absolutely - that's why I provided the additional information. I'm not a dev either, so "just check the source" isn't really helpful. I don't question warning lights in my cars, but I do look at the context of what the warning light is. Nothing wrong with asking a question!
Not all AV systems take all the detail that Kaspersky does... and to date Kaspersky is the only software company that has raised enough concern in the US Government that they have just specifically passed a law banning the use of the software specifically by name.
co199
Eternal Backmarker
You may not need to mark it - make sure you have the latest version of Content Manager and the latest definition set for Kaspersky. I just rescanned the executable on VirusTotal and it wasn't detected; granted VT isn't a direct representation of every installation, but I'd update just to be sure.
You are ignorant! I would be more concern to fly to uk cause I can be call GRU agent!You are ignorant and selfish !What shame full of stereotype!
Did you read his other post, in which he clarifies the reason for concern? It's not a "Russian software = malware" thing at all - it's a "this software has been explicitly highlighted as untrustworthy" thing.
Regardless of whether or not you personally trust the people issuing the warning, that's simply not stereotyping.
Holy 2017 Batman!
You are absolutely spot on. I am ignorant and selfish. However that doesn't change the fact that Kaspersky was internationally flagged as untrusted at the time I made that post.
https://uk.reuters.com/article/us-u...t-ban-on-kaspersky-lab-software-idUKKBN1E62V4
