How I got infected last time thread

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
i Did not get any prompts from BD or Voodoo, when i installed. I did not get prompts. i was not offered a custom install. They did not offer me extra stuff. (y)

thank you for replying. (y)
Thanks for your interesting post, and I am looking forward to hearing what others have to say.
Just out of curiosity, what does VirusTotal say about the installation file and/or malware files?
 

Brie

Level 10
Verified
Well-known
Jan 1, 2018
494
Thanks for your interesting post, and I am looking forward to hearing what others have to say.
Just out of curiosity, what does VirusTotal say about the installation file and/or malware files?
virustotal said what bitdefender said was a malware, was indeed a malware.

the original installation file is ok, according to virustotal. (y)

thank you for replying. (y)
 
Last edited:

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
it could be a popup from 'price watch' opera extension. but there was a malware on my PC from 'hiren's boot CD', WHIch i got from this site.

i reported it to voodooshield. they told me, no way.
Just trying to understand what happened there: hiren's boot CD is a live CD,
right? So that means when Hiren's is running, Windows is not running. So now, let's say there was malware on the Hiren's CD. None of your Windows based security software, such as BD and VS, will be able to protect you at that point in time, because they are not running. The most your security softs can do is a static scan. And if VirusTotal says it's clean, they will probably say the same, in a static scan.

Please correct me if I am misunderstanding something. :)
 

Brie

Level 10
Verified
Well-known
Jan 1, 2018
494
i downloaded hiren's boot CD software on to my PC. i did a static scan with bitdefender. it said that there was a malware in hiren's boot CD software on my PC. (y)
 
Last edited:
I

illumination

how do you operate a cable modem and/or a wifi?
Thank you @Brie for reminding some of the folks here this is a consumer forum and many users coming in are average users, and do not know how to manage a router or pi hole.

May i suggest posting this issue here: Malware Removal Assistance For Windows
And letting the community malware removal expert take a look under the hood to make sure you are good to go, he should be able to identify what it is and how you got it while helping you.
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
i downloaded hiren's boot CD software on to my PC. i did a static scan with bitdefender. it said that there was a malware in hiren's boot CD software on my PC. (y)
So did you actually install hiren software on your PC? Or the software file was just sitting there quietly and inertly on your hard disk, not doing anything?
 
Last edited:

Brie

Level 10
Verified
Well-known
Jan 1, 2018
494
So did you actually install hiren software on your PC? Or the software file was just sitting there quietly and inertly on your hard disk, not doing anything?
i made a hirens boot DVD. later i scanned with bitdefender. it found a malware from hirens
boot software iso file on my PC. it was called hiderun.jc
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
i made a hirens boot DVD. later i scanned with bitdefender. it found a malware from hirens
boot software iso file on my PC. it was called hiderun.jc
Okay, so that doesn't mean your PC is infected. It does mean you have a potentially dangerous file sitting on your hard disk, but it is inert, it is not affecting your system.
So we can blame the AV, and the voodoo Ai, for failing in static detection, just like virus total apparently failed. But on the other hand, we cannot say that your system is infected.
 
I

illumination

i made a hirens boot DVD. later i scanned with bitdefender. it found a malware from hirens
boot software iso file on my PC. it was called hiderun.jc
Some legit tools can be flagged because they can be used for malicious purposes, although as an inert file or used correctly is harmless. It's forum policy to not post for infection/help on the open board, but letting the resident trained malware removal expert help in the section I pointed you to in my other post.
 

lowdetection

Level 7
Verified
Well-known
Jul 1, 2017
317
I am sorry for what happened to you, and I appreciate your time sharing your report even if you feel bad,

I have to admit I bought that program, but, from the developer I saw not much will to solve problems, main one is incompatibility with kernel drivers from ESET along all v9 and v10,

this was some years ago, nowadays seems that program is become abandonware, a sort that many security programs lately share unfortunately :(

I started become suspicious about that program, when I saw more time spent with graphic of the site, than real content,

well, anyway, I think is not easy for developers to keep in business nowadays,

or you have huge government contractors, or huge business, or if depending on normal citizens customer is really hard, so I partly understand the non said from the dev
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
Some legit tools can be flagged because they can be used for malicious purposes, although as an inert file or used correctly is harmless.
I would agree with this. Maybe the supposedly malicious file is actually a IT tool that is good in the hands of good people, and bad in the hands of bad people. If it is on Hiren's, I would bet $50 that is what it is. (Not betting, just saying I would bet :) )
 
I

illumination

I would agree with this. Maybe the supposedly malicious file is actually a IT tool that is good in the hands of good people, and bad in the hands of bad people. If it is on Hiren's, I would bet $50 that is what it is. (Not betting, just saying I would bet :) )
Example: Kali Linux "popular penetration testing" used for testing networks, if you were to drop Eset's Linux version AV on it, and run a scan, i can guarantee it will flag many of the tools as malicious.
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
Anyways, I think it is unrealistic to expect an AV, or voodoo Ai, or any other detection tool to check what is inside an ISO.
When you mount the ISO, or otherwise unpack it, then it can be checked. But before that, it is a cat in a sack. You don't know what's inside.
 
I

illumination

Anyways, I think it is unrealistic to expect an AV, or voodoo Ai, or any other detection tool to check what is inside an ISO.
When you mount the ISO, or otherwise unpack it, then it can be checked. But before that, it is a cat in a sack. You don't know what's inside.
Exactly what my point was to posting what i did. Just a few posts in a thread is not enough to diagnose a system/possible infection, the user needs to post in the help section to have a deeper examination of the system.
 

Sophia Jan

Level 1
Sep 11, 2018
11
@Inkurax
mC7cTyN3.jpeg

it happens even to the best of us, and it's the very instructive story =)
Nicce thought with nice sketch
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top