ratman Posted May 27 Report Share Posted May 27 I've already an open ticket (#5684720) but they're kind of slow/busy so if you can help . I tried installing a disc authoring (Imgburn) sw that I used on Windows 7. To my regret I did not work correctly so I ended uninstalling. I was advised to verify the checksum and guess my installer (downloaded back in 2015) was very different from the one currently available (https://www.imgburn.com/index.php?act=download) Did a malware scan on my old installer finding a pup while the new one looked clean Checked my EIS setting and I realized I had excluded that file from "on demand scan" (guess I thought I could install it avoiding the pup) A few minutes later I did a custom scan on the os drive finding nothing to worry (see scan_220525-191128.txt) Just finished a custom scan on every storage drive and guess that old installer is indeed infected (see scan_220526-171819) I tried following the instruction shown by ShadowPeterDude but i could not run EEK I temporarely disabled my EIS protection and tried running from a different directory but no luck (see Immagine 2022-05-27 024314.png) Had better luck with Farbar scan_220525-191128.txt scan_220526-171819.txt Addition.txt FRST.txt Link to comment Share on other sites More sharing options...
ShadowPuterDude Posted May 27 Report Share Posted May 27 Hello @ratman, Thank you for contacting Emsisoft. The ImgBurn installer has come bundled with third-party software for quite some time. Yes, it is annoying. However, the software itself is not malicious. Link to comment Share on other sites More sharing options...
ratman Posted May 27 Author Report Share Posted May 27 Thanks for your time Link to comment Share on other sites More sharing options...
ratman Posted May 27 Author Report Share Posted May 27 Do you had any chance to check my logs ? Do you think there's anything suspicious ? Can I upload the "safe" installer to have it checked? I've been asked by "Emsisoft Customer Support" (Claude Bader) ,via email, permission to log into my Workspace . Can i trust him ? Is it necessary ? Link to comment Share on other sites More sharing options...
ShadowPuterDude Posted May 27 Report Share Posted May 27 10 minutes ago, ratman said: Do you had any chance to check my logs ? Yes 10 minutes ago, ratman said: Do you think there's anything suspicious ? I see no malware or cause for concern in your FRST reports. 10 minutes ago, ratman said: Can I upload the "safe" installer to have it checked? You can upload the installer to VirusTotal https://www.virustotal.com/gui/home/upload and provide me the link to the VirusTotal results page. 11 minutes ago, ratman said: I've been asked by "Emsisoft Customer Support" (Claude Bader) ,via email, permission to log into my Workspace . Can i trust him ? Claude, is a senior member of our customer support team. 11 minutes ago, ratman said: Is it necessary ? At this point in time, no it is not necessary. Link to comment Share on other sites More sharing options...
ratman Posted May 27 Author Report Share Posted May 27 Quote You can upload the installer to VirusTotal https://www.virustotal.com/gui/home/upload and provide me the link to the VirusTotal results page. https://www.virustotal.com/gui/file/49aa06eaffe431f05687109fee25f66781abbe1108f3f8ca78c79bdec8753420?nocache=1 Quote Claude, is a senior member of our customer support team. I didn’t mean to disrespect him but these days hackers got smarter Link to comment Share on other sites More sharing options...
ShadowPuterDude Posted May 27 Report Share Posted May 27 The installer itself is not infected. Link to comment Share on other sites More sharing options...
ratman Posted May 27 Author Report Share Posted May 27 Thank goodness One more question 1)Any idea why I could not run EEK ? Link to comment Share on other sites More sharing options...
ShadowPuterDude Posted May 30 Report Share Posted May 30 EEK will not run on system with Emsisoft installed. Both use the same protection driver and with both running can cause problems. Link to comment Share on other sites More sharing options...
ratman Posted May 30 Author Report Share Posted May 30 I thought disabling/pausing EIS protection would allow it to run😅... Good to known Case closed Thx Link to comment Share on other sites More sharing options...
ShadowPuterDude Posted May 30 Report Share Posted May 30 Even when you disable/pause EIS the protection driver remains loaded. Link to comment Share on other sites More sharing options...
ShadowPuterDude Posted June 6 Report Share Posted June 6 Thread Closed Reason: Resolved Private Message me to have this thread reopened. The procedures contained in this thread are for this user and this user only. Attempting to use the instructions in this thread on a system, other than the one they were written for, could result in damaging the Operating System beyond repair. Do Not use any of the tools mentioned in this thread without the supervision of a Malware Removal Specialist. All posters requesting Malware Removal assistance are required to follow all procedures in the thread titled "START HERE if you don't we are just going to send you back to this thread" https://support.emsisoft.com/topic/31345-start-here-if-you-dont-we-are-just-going-to-send-you-back-to-this-thread/ Link to comment Share on other sites More sharing options...
Recommended Posts