Jump to content
fpefpe

malware/bloatware?

Recommended Posts

Hello -- Is there a reason why everytime I download the imgburn setup file  Norton Security (NS) keep deleting it? 

Share this post


Link to post
Share on other sites

Probably, Norton is flagging it as a PUP (Potentially Unwanted Program) vector.

Share this post


Link to post
Share on other sites

Hello --  Thanks for the info ...  NS  marks it as high   risk --- here is the info from NS  -- 

 

 

Filename:  setupimgburn_2.5.8.0.exe Threat name:  Trojan.Gen.2Full Path:
c:\users\frank\appdata\local\temp\setupimgburn_2.5.8.0.exe
 
On computers as ofá 2/11/2018 at 10:09:04 AM
 
Last Usedá 2/11/2018 at 10:22:41 AM
 
Startup Itemá No
 
Launchedá No
 
Threat type:  Virus.  Programs that infect other programs, files, or areas of a
computer by inserting themselves or attaching themselves to that medium.
 
 
setupimgburn_2.5.8.0.exe Threat name:  Trojan.Gen.2 Locate
 
Many Users Tens of thousands of users in the Norton Community have used this
file.
 
Mature This file was released 8 months ago.
 
High This file risk is high.
 
Source:  External Media
 
File Created:  setupimgburn_2.5.8.0.exe
 
____________________________
 
File Actions
 
Infected file:  c:\users\frank\appdata\local\temp\ setupimgburn_2.5.8.0.exe
Removed ____________________________
 
 
File Thumbprint - SHA:
d7dea2819edc77bc44db637cd324e61942b54930cb3034f8f1a417b7dd27b514 File Thumbprint
- MD5:  0b4c94f8480f8cd13e160bceaaaa8b29

Share this post


Link to post
Share on other sites

Where are you downloading it from?  Try one of the mirrors here: http://imgburn.com/index.php?act=download They all can't be corrupt.  If NS still flags each one from all 7 mirrors, it's probably a false positive.  It's not like Norton AV has NEVER had a false positive.  I know that from experience.

Share this post


Link to post
Share on other sites

Hello -- Thanks for the reply .... I did the download from  from the last  mirror, the imgburn mirror -- in addition  I check the sha1  digest with no issue 

I have kaspersky IS  on another computer and that  a/v has no issue with it 

Share this post


Link to post
Share on other sites

Hello -- I just did a download from the  first mirror and got this  file 

 

Setup_ImgBurn_2.5.8.0_dlm.exe
 
the sha1 digests DONT match from  the posted value on the download page  -- 6FC013ED5944B13EFC54648699EA80F304E37AD0

Share this post


Link to post
Share on other sites

LUK fielded another post similar to that about mismatching hashes.  He said they actually were matching.  I never do hash comparisons so it's beyond my expertise to comment any further.

Share this post


Link to post
Share on other sites

Yeah, in other words, the author of the software, LUK, will have to address that as I have no knowledge of the hashes.  Sorry.

Share this post


Link to post
Share on other sites

To me, dlm means download manager.

 

That's *not* the ImgBurn setup file.

 

Perhaps you clicked on an advert by mistake? The do often look like a legitimate download button.

Share this post


Link to post
Share on other sites

Yes, that sound like a wraparound.  In fact, if you click the first mirror, like the OP apparently did, you get a page with a Download button that says Download Manager Enabled.

 

 

Try the last mirror, the "official" ImgBurn download mirror, and compare hash info.  The file it distributes is SetupImgBurn_2.5.8.0.exe.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×