nox06 0 Posted February 16, 2014 Posted February 16, 2014 (edited) I just downloaded powerISO from official site and eset block it think is somthing false. hxxp://postimg.org/image/eqbg0r3ut/ Edited February 16, 2014 by nox06
Nedim 9 Posted February 16, 2014 Posted February 16, 2014 ESET blocks it because it contains a possibly unsafe application (Win32/Open Candy). hxxp://kb.eset.com/esetkb/index?page=content&id=SOLN2629 You can enable or disable detection of these types of application. hxxp://kb.eset.com/esetkb/index?page=content&id=SOLN3204
Administrators Marcos 5,468 Posted February 16, 2014 Administrators Posted February 16, 2014 The installer was replaced with a Dorkbot worm a couple of days ago. Now the download link points to a correct installer so we've removed the block.
Most Valued Members shocked 60 Posted February 17, 2014 Most Valued Members Posted February 17, 2014 visiting the poweriso website after completion of the download I get these. with latest definitions 17/2/2014 11:12:15 πμ HTTP filter file hxxp://192.155.93.226/PowerISO5.exe Win32/Toolbar.Conduit.R potentially unwanted application connection terminated - quarantined alexios-pc\alexios Threat was detected upon access to web by the application: C:\Program Files\Internet Explorer\iexplore.exe. 17/2/2014 11:10:15 πμ HTTP filter file hxxp://192.155.93.226/PowerISO5.exe Blocked Object connection terminated - quarantined alexios-pc\alexios Threat was detected upon access to web by the application: C:\Program Files\Internet Explorer\iexplore.exe.
Administrators Marcos 5,468 Posted February 17, 2014 Administrators Posted February 17, 2014 visiting the poweriso website after completion of the download I get these. with latest definitions 17/2/2014 11:12:15 πμ HTTP filter file hxxp://192.155.93.226/PowerISO5.exe Win32/Toolbar.Conduit.R potentially unwanted application connection terminated - quarantined alexios-pc\alexios Threat was detected upon access to web by the application: C:\Program Files\Internet Explorer\iexplore.exe. 17/2/2014 11:10:15 πμ HTTP filter file hxxp://192.155.93.226/PowerISO5.exe Blocked Object connection terminated - quarantined alexios-pc\alexios Threat was detected upon access to web by the application: C:\Program Files\Internet Explorer\iexplore.exe. The log shows that you attempted to download the file twice - at 11:10 with an outdated sig. database and then at 11:12 with ESS fully up to date. I assume that you're using an older version of ESS (v5/v4), right?
Most Valued Members shocked 60 Posted February 17, 2014 Most Valued Members Posted February 17, 2014 (edited) I (tried) downloaded twice just to check in case of false alarms. I tried now with sign 9432. I use the 7.0.302.26 17/2/2014 12:34:09 μμ HTTP filter file hxxp://192.155.93.226/PowerISO5.exe Win32/Toolbar.Conduit.R potentially unwanted application connection terminated - quarantined alexios-pc\alexios Threat was detected upon access to web by the application: C:\Program Files\Internet Explorer\iexplore.exe. Virus signature database: 9432 (20140217) Rapid Response module: 3701 (20140217) Update module: 1047 (20131023) Antivirus and antispyware scanner module: 1419 (20140122) Advanced heuristics module: 1147 (20140114) Archive support module: 1190 (20140129) Cleaner module: 1083 (20140212) Anti-Stealth support module: 1057 (20131125) Personal firewall module: 1168 (20131223) Antispam module: 1027 (20131119) ESET SysInspector module: 1240 (20131202) Real-time file system protection module: 1006 (20110921) Translation support module: 1145 (20131121) HIPS support module: 1115 (20140206) Internet protection module: 1102 (20140127) Web content filter module: 1028 (20121113) Advanced antispam module: 1620 (20140214) Database module: 1046 (20131204) Edited February 17, 2014 by pavilion_alex
Administrators Marcos 5,468 Posted February 17, 2014 Administrators Posted February 17, 2014 This detection is ok, the installer contains a potentially unwanted application.
SweX 871 Posted February 17, 2014 Posted February 17, 2014 This detection is ok, the installer contains a potentially unwanted application. And the "blocked object" detection in the OP post was blocked via/in the cloud was it not? Due to the more serious Dorkbot Worm I assume.
Administrators Marcos 5,468 Posted February 17, 2014 Administrators Posted February 17, 2014 And the "blocked object" detection in the OP post was blocked via/in the cloud was it not? Due to the more serious Dorkbot Worm I assume. Right.
SweX 871 Posted February 17, 2014 Posted February 17, 2014 And the "blocked object" detection in the OP post was blocked via/in the cloud was it not? Due to the more serious Dorkbot Worm I assume. Right. Right. That's great
deawar 0 Posted September 23, 2015 Posted September 23, 2015 Hey everyone. I just tried to d/l PowerISO again and it appears to have more malware associated with it again(Fusion.dll-potentially unwanted application) I really love this software. Is there anyway to see what the implications are for this software?
Administrators Marcos 5,468 Posted September 23, 2015 Administrators Posted September 23, 2015 Just for clarification, potentially unwanted applications do not carry out malicious operations, hence it's at users' discretion if they enable PUA detection or not.
Recommended Posts