Imgburn Iso

0 views
Skip to first unread message

Latanya Hariri

unread,
Aug 3, 2024, 5:40:37 PM8/3/24
to waffcortiomint

Ok so i found out the function on how to set a destination folder for .iso's when creating them w/build mode. it won't stay fixed though. When I delete the file in the source window and drop another vts folder in Drop zone I have to manually hit delte to erase the name of the destination file/folder or else it'll put it in the same folder as b4, and imgburn pops up telling you that a .iso already exists there would yiu like to replace it. So is this destination setting a 1 time thing only? also if I delete the whole destination in the file box and hit build it'll put it inside the folder where the vts files are at. So basically having a destination folder set in tools settings isn't a fixed destination as in read mode. Afaik anyway. if I'm doing something wrong or need to do something else to have the .iso's keep going to the same destination folder in build mode please let me know. Thnx.

Build mode doesn't have an automatic destination thingy like Read mode does. Read mode updates the image file name based on the volume label of the disc. Build mode uses exactly what you've written in the Destination box.

I got you. It came to fruition when I realised that there isn't going to be a automatic file name option in build mode. What happened was exactly what you suggested in a different way. i just click the folder next to the destination box in the GUI and just write in the same name as the volume label which 99.9% of the time is the file name. Then just click save and the rest is history. It'll put that .iso in the predetermined folder I chose in settings.

If I may, is there a very particular reason you haven't included a option to just save the file w/the same name as the volume label? I mean if one wants to change the file name they can do that any time, and it'll more or less be the same amount of effort except at a later date. Granted Imgburn already does mostly everything for us anyway, but I would bet most keep the volume label as the file name most of the time anyway. Thnx.

P.S. I figured out the UAC thing, but not 4 individual apps. I still haven't come across that fix for 7 yet. I just turned the whole UAC off. I mean for Pete's sake I'm the only one using my stuff anyway and I'm really not frequenting any so called bad sites to be that concerned about having Administrator Rights for my apps. Also that drop zone is a must, so it was a no brainer for me. Without that drag n drop it would of taken me way longer to convert all these vts folders I have.

I downloaded imgburn which I heard is a great program for burning ISOs from disks, ran both Kaspersky and Malwarebytes scans of the installation file and both scans indicated clean. Then executed the installation. After being unpacked...Kaspersky flagged as malicious, deleted the program and rolled back due to the damage caused by the malware. Malwarebytes at the same time blocked several websites the malware was apparently attempting to open some backdoors.

I feel stupid...not having uploaded to virus total like I usually do a file before executing...which after the fact was flagged by something like 27 or so virus engines out of 60..with all kinds of nasty malware names.

The point is this...imgburn may be a good product, but many download sites pack it with all kinds of adware, trojans, malware and who knows what else. So be careful from where you download your programs.

Still, between Kaspersky and Malwarebytes working in unison...the malware was stopped dead in its tracks, other websites blocked, the malware deleted and damage to files and registry entries rolled back.

The moral...Malwarebytes is a great program but still better to utilize in combination with another top ranked anti-virus protection. And any beware suspect programs run through total virus...when they are packed...the viruses cannot be detected until executed.

To save attachments, please click the link as shown below. You can click and drag the files to this bar or you can click the choose files, then browse to where your files are located, select them and click the Open button.

You wouldn't happen to have a link to the exact copy you downloaded or at least a link to the VirusTotal scan results handy would you? I'd really like to pass it on to the Research team for analysis (and to inspect it myself as I'm also curious to see what nasties they've packed into it; which are most likely PUPs (adware etc.) as you suspect, as that's most often what we see with such modified/bundled installers).

Wow, that is quite a few detections and based on the vendor names being used by most of the AVs that hit it, it does indeed appear to be a typical bundled installer with PUPs onboard/a downloader/installer for PUPs (not actual malware, but most likely not stuff that you want on your computer; i.e. probably some kind of adware or junk/useless software that tries to convince you to purchase it etc.).

Just for what it is worth, these imgburn download websites are all over the place..and i noticed the downloads are sometimes larger..sometimes smaller, depending on the website offering the download...the larger ones containing more malware. I have read the cleanest down load is on majorgeeks...but there is some sort of malware even in its download.

I leave it to you guys to decide if the many sites with this program should be flagged or not.....but its pretty bad when you can download a packed program that malwarebytes and antiviruses do not detect until you start installing and unpacking....and then find yourself possibly infested with all sorts of malware. I didn't even know malware in packed files was impervious to detection until I read about it after my near death experience :-)

Well, true 'packed malware' isn't really the same thing as a bundled installer (which is likely what these Imgburn installers are). When you hear the term 'packer' or 'malicious packer' etc. in technical/threat research discussions, what they're referring to is actually a specific type of compression and encryption used for obfuscating code to prevent analysis (i.e. scanning etc.) of the file's contents.

In the case of these installers, it's probably just that they're using some off-the-shelf installer package technology which isn't typically scanned by most AV/AM vendors so the bad components aren't seen directly until the installer extracts them to a temporary location in preparation for installing them (something I've seen happen often, and in fact have had Malwarebytes detect/block/quarantine such components during the install of an otherwise good/safe program, leaving me with only the program I intended to install on my system in the end).

In this case, it sounds like some of these aren't just bundling stuff directly into the package, but may also be downloading additional components to try and install them (hence the web blocks from Malwarebytes).

With all of that said, nothing stops Malwarebytes or the AV vendors from detecting these installation packages directly. It's just a matter of the Research team acquiring samples and analyzing them then generating signatures to target them, assuming they are deemed to be PUP or malicious.

Ghost....my malwarebytes blocked the backdoors.....so that no additional software could be downloaded to the computer....what Kaspersky did was to stop the malware in its tracks while it was starting to make changes to my registry entries, etc., eliminated the malware and rolled back all of the changes....so they worked in Unison. Of course if I didn't have malwarebytes, perhaps kaspersky would have blocked the backdoors itself. But I am not willing to experiment and find out :-)

I have encountered "Verify errors" at times, and even posted here about them myself, and then they go away for dozens of burns at a time. So I assume the errors are glitches with the media, which for me have fortunately been rare, very rare indeed (and I use the "good" Verbatims most of the time i.e. not their Life Series discs).

You can try another tool e.g. Nero DiscSpeed to see if it reads your disc OK, and in this case it's a movie so you can play it and it's possibly (even likely) that it will play OK in which case you can just forget about the verify error.

Now we talk about miscompares, I want to comment something that has recently happened to me. I have not enclosed the logfile along with this message because my question is more related to other thing, although the miscompare message imgburn showed me made me realize about that problem.

However, when I tried to verify the ISO image with the original disc, I received a Miscompare error message as soon the process started. The thing is that I made a checksum analysis over the ISO file aftewards and it had a different CRC32 (I have previously copied the same disc in other computer using another drive, and there I obtained another CRC, although I was able to verify the original disc, with no problem at all)

Is the first time this happens to me. I cannot understand why, considering that everything went quite fine in the copy process (Sometimes to reading speed decreased almost reaching 0X, however, I never obtained any reading errors).

I searched through the forums before posting this, and found other people with the same problem, but no definite solution was found. I'm hoping we can find one here. I'm using DVD Flick to encode the video file, then imgburn is activated and begins to burn, and here is the output log:

It has been sitting on this for the past 2 hours and 30 minutes. I was hoping it was just taking a long time, but after no changes and still 0% complete, I decided to get some help. Any advice is welcome.

Yeah, I ran into a little speed bump there, so I was going to try to avoid it, but I guess I cant. My problem there is that when I download the firmware update and attempt to update it I receive an error message with the text:

After the usual unplug/power off/change disc routine, try burning a disc with Test Mode enabled: if it works OK then we know the media is the problem; if it hangs again then the problem is your USB enclosure.

c80f0f1006
Reply all
Reply to author
Forward
0 new messages