Imgburn Windows 98

0 views
Skip to first unread message

Ermelindo Klatt

unread,
Aug 3, 2024, 5:57:52 PM8/3/24
to kwazchorothy

I downloaded imgburn which I heard is a great program for burning ISOs from disks, ran both Kaspersky and Malwarebytes scans of the installation file and both scans indicated clean. Then executed the installation. After being unpacked...Kaspersky flagged as malicious, deleted the program and rolled back due to the damage caused by the malware. Malwarebytes at the same time blocked several websites the malware was apparently attempting to open some backdoors.

I feel stupid...not having uploaded to virus total like I usually do a file before executing...which after the fact was flagged by something like 27 or so virus engines out of 60..with all kinds of nasty malware names.

The point is this...imgburn may be a good product, but many download sites pack it with all kinds of adware, trojans, malware and who knows what else. So be careful from where you download your programs.

Still, between Kaspersky and Malwarebytes working in unison...the malware was stopped dead in its tracks, other websites blocked, the malware deleted and damage to files and registry entries rolled back.

The moral...Malwarebytes is a great program but still better to utilize in combination with another top ranked anti-virus protection. And any beware suspect programs run through total virus...when they are packed...the viruses cannot be detected until executed.

To save attachments, please click the link as shown below. You can click and drag the files to this bar or you can click the choose files, then browse to where your files are located, select them and click the Open button.

You wouldn't happen to have a link to the exact copy you downloaded or at least a link to the VirusTotal scan results handy would you? I'd really like to pass it on to the Research team for analysis (and to inspect it myself as I'm also curious to see what nasties they've packed into it; which are most likely PUPs (adware etc.) as you suspect, as that's most often what we see with such modified/bundled installers).

Wow, that is quite a few detections and based on the vendor names being used by most of the AVs that hit it, it does indeed appear to be a typical bundled installer with PUPs onboard/a downloader/installer for PUPs (not actual malware, but most likely not stuff that you want on your computer; i.e. probably some kind of adware or junk/useless software that tries to convince you to purchase it etc.).

Just for what it is worth, these imgburn download websites are all over the place..and i noticed the downloads are sometimes larger..sometimes smaller, depending on the website offering the download...the larger ones containing more malware. I have read the cleanest down load is on majorgeeks...but there is some sort of malware even in its download.

I leave it to you guys to decide if the many sites with this program should be flagged or not.....but its pretty bad when you can download a packed program that malwarebytes and antiviruses do not detect until you start installing and unpacking....and then find yourself possibly infested with all sorts of malware. I didn't even know malware in packed files was impervious to detection until I read about it after my near death experience :-)

Well, true 'packed malware' isn't really the same thing as a bundled installer (which is likely what these Imgburn installers are). When you hear the term 'packer' or 'malicious packer' etc. in technical/threat research discussions, what they're referring to is actually a specific type of compression and encryption used for obfuscating code to prevent analysis (i.e. scanning etc.) of the file's contents.

In the case of these installers, it's probably just that they're using some off-the-shelf installer package technology which isn't typically scanned by most AV/AM vendors so the bad components aren't seen directly until the installer extracts them to a temporary location in preparation for installing them (something I've seen happen often, and in fact have had Malwarebytes detect/block/quarantine such components during the install of an otherwise good/safe program, leaving me with only the program I intended to install on my system in the end).

In this case, it sounds like some of these aren't just bundling stuff directly into the package, but may also be downloading additional components to try and install them (hence the web blocks from Malwarebytes).

With all of that said, nothing stops Malwarebytes or the AV vendors from detecting these installation packages directly. It's just a matter of the Research team acquiring samples and analyzing them then generating signatures to target them, assuming they are deemed to be PUP or malicious.

Ghost....my malwarebytes blocked the backdoors.....so that no additional software could be downloaded to the computer....what Kaspersky did was to stop the malware in its tracks while it was starting to make changes to my registry entries, etc., eliminated the malware and rolled back all of the changes....so they worked in Unison. Of course if I didn't have malwarebytes, perhaps kaspersky would have blocked the backdoors itself. But I am not willing to experiment and find out :-)

I have downloaded the windows 10 iso from MS media creation tool. During the image download I choose architecture type to be "Both" (so you can boot in x86 or x64). And then I realized I need to customize the wim file so it could fit on my 8.5GB DVD+R. So that's why i extracted the files inside that ISO

Maybe not. Someone recently tried getting a bootable image with the guide for Windows 10 with the contents of an installation disc and it wouldn't boot. But, that may have been a UEFI issue that was resolved when he chose the proper boot type. From my experience, I've NEVER gotten a bootable disc to boot by creating it with ImgBurn in the 15 years I've been using the application.

My flash drive installation files of 2004 are less than 4 GB. But, maybe the installation in question covers both 64 bit and non versions. The USB media may have been created specifically with the version of Windows installed on the system that ran the Media Creation Tool.

No they haven't L. Even a flash drive that contains both x86 and x64 setups doesn't even fill up an 8gb flash drive. A single layer iso is just over 4gb for me for 2004. I'd have to check the exact numbers

Sent from my Pixel 3 XL using Tapatalk

Is it a screen of flashing "_" and then the whole screen become flashing colorful? I'm asking so because i tried to create an iso exactly like the guide and use it in the VM and this is what it behaved like

The last time I tried creating a boot disc was like a decade ago. I tried creating Acronis True Image bootable media and a Windows installation bootable media. But, given how long ago it was, I remember little about the results except they wouldn't boot, but I do remember never seeing the flashing results you described. Just a failure to boot the disc.

I've just starting using ImgBurn and was wondering how do you use it to create bootup CD's. I have a Windows XP service pack 2 cd and I wanted to make a backup one and I'm hoping that I could get some help on all that I need and what I need to do to do it using ImgBurn. Thanks for your time.

Your guide is great and everything goes just as you said until I go to the calculate button and after it ask me if the folder is at the root of the image and I say Yes, its says "E 15:25:56 Directory depth exceeds ISO9660 limit of 8 levels!" because it says that it is 9 levels deep. Anything I can do about this?

After making two cds and trying them out they are both non-bootable cds, even after changing the BIOS settings so that the cd drive is the first boot device but other then that it works like a windows disk should. Anyone know where I might have gone wrong? Also could I take an image of a non bootable windows disk and make it bootable?

Well I used isobuster and it said that they cds were bootable so I tried using a different machine and was able to boot to the cd. Could any differences between the machines such as age have caused the problem?

Which seems to indicate I already have SP2 in the i386. I thought I did, but began to wonder with this message. You can understand why I am frustrated right now. It has nothing to do with the ImgBurn software. Great tool, but I am confused.

If you do that, ImgBurn asks you to change "Level 1" to "Level X" and "Standard" to "DOS". I did both and it seems like the bios can still read the bootable disc, so I think ImgBurn is right. Please consider updating your post (update: thanks!).

Burned 9 discs so far, non of them bootable. The operations ended successfully each time.
Used ver 2.5.0.0 and 2.5.8.0
Ran as Admin.
Used 2 different burners.
Used a known bootable disc files as source and still did not boot.
Tried the discs on 3 different PCs, didn't boot on any of them.
Extracted boot image info from a known bootable disc.
Changed dvd brand.
Burned under windows 7 compatible setting.

I've followed that guide step by step.
Program is running under Windows 10 x64, trying to make windows 8 installation disc to be used on laptop.
Yes, I made a shortcut and changed it to windows 7 compatibility.

I did copy the files on USB stick and worked fine, but still want to make disc to give it to my sister.
I made a bootable installation disc with Imgburn couple years ago, but maybe I was using Windows 8.1 then? Not sure.

You could try the Windows Media Creator Tool, if it supports Windows 8.1. It will download the necessary files and save them as an ISO, burn to them to a disc, or create a bootable flash drive. It's what I do whenever I want to create bootable Windows discs. Or, if I have one already, I just make an image file with ImgBurn of that existing disc. If I need to add any files or folders to it, I use UltraISO and inject files/folders into the image file.

c80f0f1006
Reply all
Reply to author
Forward
0 new messages