Hiya, I was ripping a Nightmares On Wax CD last night circa 2002, Disc 2 DJ mix. When suddenly my virus scanner (Windows Defender) started going nuts and said I have a Trojan horse and the location was the CD drive. I removed the disc and started to remove the virus which came up incomplete. I assume that was because I removed the disc. I know Sony were a bit dodgy in the past using Trojan type software to combat DRM and installed it without permission. I ran Defender and Malware Bytes and they found nothing. I’m now stuck wondering if it was a false positive, some dodgy but not entirely harmful app on the CD or the fact I do have a Trojan. Has anyone experienced this type of behaviour on an audio CD before.
Oh I forgot the Trojan was called “AlphaAudio\AlphaPlayer.exe” .
Any help would be appreciated before I wipe the whole drive.
Google is your friend here, AlphaPlayer is indeed a DRM/copy protection gem from the early 0ties. It’s not really a false positive as the executable has properties that trigger the scanner, probably down to installation without/little user permission. Unlikely a real cause for concern, @wklie’s advice is a sound way of proceeding.
I would also do a System Restore to the previous day. That can undo changes that might have been made to the registry. You will have to temporary disable Malwarebytes for it to revert back or perform the restore from Safe Mode.
If you haven’t run the application that is on the CD you should be fine. Modern Windows devices should have autoplay turned off, so hopefully nothing ran. I also thought the Rootkit was blocked by Microsoft a long time ago.
I remember this being a Rootkit with some serious bugs in it and it was a pretty poor decision by Sony overall