Hello,
Due to issues to boot from an old outdated Windows XP, where maybe some of my older photo album books resides, and the very restricted recovery console under XP x64, I was curious on other options to boot into that computer to recover the system from the BSOD eventually. Therefore I stumbled besides linux and bartPE alternative options to Windows RE on MDOP, DaRT, ERD and a MDRT from Microsoft. I saw a Trial Download on a german computer magazine, called CHIP. They offering the MDRT ISO on therir web portal as a download. They decided to put every download into a kind of drive-by-adware installer, that offers a installation of kaspersky antivirus and an Icon, maybe a desktop link to a web portal. Here is the Link: https://www.chip.de/downloads/Microsoft-Diagnostics-and-Recovery-Toolset_35181963.html
The CHIP-Installer was blocked by Cisco Immunet 7, cloud based on access AntiVirus software with integrated ClamAV open--source scanner. ClamAV detected it as "Clam.Win.Dropper.Miner-7086571-0". So I uploaded it to Virus-Total, and it was detected by 32 out of 69 antivirus software.
I then tried for the first time sandboxie, but it doesn't starts the CHIP-Installer at all. A flashing Splash came up, and it wasn't easy at all to capture it by a screenshot. It was an information about UAC. Then every process in that sandbox was killed.
Is there a way to screen recording the session, or keep informational Splash screen as long on screen as one need to read them? Also can one configure sandboxie to run that CHIP-Installer?
TIA Iarsin