Jump to content

Possible virus infection


Recommended Posts

I've already an open ticket (#5684720) but they're kind of slow/busy so if you can help .

I tried installing a disc authoring (Imgburn) sw that I used on Windows 7.

To my regret I did not work correctly so I ended uninstalling.

I was advised to verify the checksum and guess my installer (downloaded back in 2015) was very different from the one currently available (https://www.imgburn.com/index.php?act=download)

Did a malware scan on my old installer finding a pup while the new one looked clean

Checked my EIS setting and I realized I had excluded that file from "on demand scan" (guess I thought I could install it avoiding the pup)

A few minutes later I did a custom scan on the os drive finding nothing to worry (see scan_220525-191128.txt)

Just finished a custom scan on every storage drive and guess that old installer is indeed infected (see scan_220526-171819)

I tried following the instruction shown by ShadowPeterDude but i could not run EEK

I temporarely disabled my EIS protection and tried running from a different directory but no luck (see Immagine 2022-05-27 024314.png)

Had better luck with Farbar

 

 

Immagine 2022-05-27 024314.png

scan_220525-191128.txt scan_220526-171819.txt Addition.txt FRST.txt

Link to comment
Share on other sites

Do you had any chance to check my logs ?

Do you think there's anything suspicious ?

Can I upload the "safe" installer to have it checked?

I've been asked by "Emsisoft Customer Support" (Claude Bader) ,via email, permission to log into my Workspace .

Can i trust him ?

Is it necessary ?

Link to comment
Share on other sites

10 minutes ago, ratman said:

Do you had any chance to check my logs ?

Yes

10 minutes ago, ratman said:

Do you think there's anything suspicious ?

I see no malware or cause for concern in your FRST reports.

10 minutes ago, ratman said:

Can I upload the "safe" installer to have it checked?

You can upload the installer to VirusTotal https://www.virustotal.com/gui/home/upload and provide me the link to the VirusTotal results page.

11 minutes ago, ratman said:

I've been asked by "Emsisoft Customer Support" (Claude Bader) ,via email, permission to log into my Workspace .

Can i trust him ?

Claude, is a senior member of our customer support team.

11 minutes ago, ratman said:

Is it necessary ?

At this point in time, no it is not necessary.

Link to comment
Share on other sites

Quote

You can upload the installer to VirusTotal https://www.virustotal.com/gui/home/upload and provide me the link to the VirusTotal results page.

https://www.virustotal.com/gui/file/49aa06eaffe431f05687109fee25f66781abbe1108f3f8ca78c79bdec8753420?nocache=1

Quote

Claude, is a senior member of our customer support team.

I didn’t mean to disrespect him but these days hackers got smarter

Link to comment
Share on other sites

Thread Closed

Reason: Resolved

Private Message me to have this thread reopened.

The procedures contained in this thread are for this user and this user only. Attempting to use the instructions in this thread on a system, other than the one they were written for, could result in damaging the Operating System beyond repair. Do Not use any of the tools mentioned in this thread without the supervision of a Malware Removal Specialist.

All posters requesting Malware Removal assistance are required to follow all procedures in the thread titled "START HERE if you don't we are just going to send you back to this thread" https://support.emsisoft.com/topic/31345-start-here-if-you-dont-we-are-just-going-to-send-you-back-to-this-thread/

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...