Joined
Aug 10, 2013
Messages
133
#1
Hi members, when I scanned my PC with EEK it found a file I just stored in my download folder to try someday.
It was Hard_Configurator 4.0.0.0 but my SHA-256 9cb9a4a7892da4808908bcfe854f6ebf0d5c07fe67ad7a383cb2757b0eedf324, MD5 c83a532a9c29c18ab81b4b29954d0774, SHA-1 f363a0cde31f5ebded839aed8962dc076be03f3f
were not the original ones and it is now flagged as 15/65 on VirusTotal.
Since my browser is sandboxed there is no history or downloaded files there.
I wanted to know from which website I downloaded it. Any hints how to check that?
Didn't know which forum section would be the right one, sorry if this is the wrong one :)

Any hints?
 
Operating System
Windows 10
Are you using a 32-bit or 64-bit operating system?
64-bit (x64)
Infection date and initial symptoms
Emsisoft Emergency Scan
Current issues and symptoms
None since file was not executed
Logs added to Help Request
I did not upload the FRST logs (I understand that this will increase the time needed to clean up the PC)
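
An added example (not part of any forum post and not Hard_Configurator's own code) for the two checks this thread turns on: comparing a downloaded file's digests with the ones the publisher lists, and reading the download origin that Windows may have recorded in the file's `Zone.Identifier` alternate data stream. It assumes the file sits on an NTFS volume; the function names are hypothetical, and the sample stream and its `example.test` URLs are constructed.

```python
import configparser
import hashlib
import sys

# Constructed sample of what a browser-written Zone.Identifier stream looks like.
SAMPLE_STREAM = (
    "[ZoneTransfer]\n"
    "ZoneId=3\n"
    "ReferrerUrl=https://downloads.example.test/tools/\n"
    "HostUrl=https://downloads.example.test/tools/setup.exe\n"
)

def file_hashes(path, algos=("md5", "sha1", "sha256")):
    """Read the file once and feed every digest from the same chunks."""
    digests = {name: hashlib.new(name) for name in algos}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            for digest in digests.values():
                digest.update(chunk)
    return {name: d.hexdigest() for name, d in digests.items()}

def mismatches(actual, published):
    """Names of algorithms whose digest differs from the published value."""
    return sorted(name for name, value in published.items()
                  if actual.get(name, "").lower() != value.strip().lower())

def parse_zone_identifier(text):
    """Parse the INI-style stream body into a dict (empty if no section)."""
    parser = configparser.ConfigParser(interpolation=None)  # URLs may contain '%'
    parser.optionxform = str                                # keep key casing
    parser.read_string(text)
    if not parser.has_section("ZoneTransfer"):
        return {}
    return dict(parser["ZoneTransfer"])

def download_origin(path):
    """Read <path>:Zone.Identifier; None when the stream is absent or the
    file system has no alternate data streams (nothing was recorded)."""
    try:
        with open(f"{path}:Zone.Identifier", encoding="utf-8-sig",
                  errors="replace") as fh:
            return parse_zone_identifier(fh.read())
    except OSError:
        return None

if __name__ == "__main__" and len(sys.argv) > 1:
    print(file_hashes(sys.argv[1]))
    print(download_origin(sys.argv[1]) or "no Zone.Identifier stream recorded")
```

When the stream exists and the browser filled it in, `HostUrl` is the download URL and `ReferrerUrl` the page that linked to it; a result of `None` only means no origin was recorded on the file.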
Joined
Jul 29, 2018
Messages
193
OS
Windows 10
Antivirus
Avast
#2
@Andy Ful mentioned here (Update - Hard_Configurator - Windows Hardening Configurator) that H_C 4.0.0.0 was flagged as malicious at the beginning, so he released a corrected version later.
Maybe you downloaded the first one.
 

shmu26

Level 70
Content Creator
Verified
Joined
Jul 3, 2015
Messages
5,938
OS
Windows 10
#4
It's because he included an option somewhere for disabling Windows Defender. That made it smell like malware.
It's sort of like a really good undercover cop who looks like a thug. :)