Jump to content

ESET block PowerISO


Recommended Posts

ESET blocks it because it contains a possibly unsafe application (Win32/Open Candy).

hxxp://kb.eset.com/esetkb/index?page=content&id=SOLN2629

You can enable or disable detection of these types of application.

hxxp://kb.eset.com/esetkb/index?page=content&id=SOLN3204

Link to comment
Share on other sites

  • Administrators

The installer was replaced with a Dorkbot worm a couple of days ago. Now the download link points to a correct installer so we've removed the block.

Link to comment
Share on other sites

  • Most Valued Members

visiting the poweriso website after completion of the download I get these.

with latest definitions

17/2/2014 11:12:15 πμ	HTTP filter	file	hxxp://192.155.93.226/PowerISO5.exe	Win32/Toolbar.Conduit.R potentially unwanted application	connection terminated - quarantined	alexios-pc\alexios	Threat was detected upon access to web by the application: C:\Program Files\Internet Explorer\iexplore.exe.
17/2/2014 11:10:15 πμ	HTTP filter	file	hxxp://192.155.93.226/PowerISO5.exe	Blocked Object	connection terminated - quarantined	alexios-pc\alexios	Threat was detected upon access to web by the application: C:\Program Files\Internet Explorer\iexplore.exe.
Link to comment
Share on other sites

  • Administrators

 

visiting the poweriso website after completion of the download I get these.

with latest definitions



17/2/2014 11:12:15 πμ	HTTP filter	file	hxxp://192.155.93.226/PowerISO5.exe	Win32/Toolbar.Conduit.R potentially unwanted application	connection terminated - quarantined	alexios-pc\alexios	Threat was detected upon access to web by the application: C:\Program Files\Internet Explorer\iexplore.exe.
17/2/2014 11:10:15 πμ	HTTP filter	file	hxxp://192.155.93.226/PowerISO5.exe	Blocked Object	connection terminated - quarantined	alexios-pc\alexios	Threat was detected upon access to web by the application: C:\Program Files\Internet Explorer\iexplore.exe.

 

The log shows that you attempted to download the file twice - at 11:10 with an outdated sig. database and then at 11:12 with ESS fully up to date. I assume that you're using an older version of ESS (v5/v4), right?

Link to comment
Share on other sites

  • Most Valued Members

I (tried) downloaded twice just to check in case of false alarms.

I tried now with sign 9432.

I use the 7.0.302.26

17/2/2014 12:34:09 μμ	HTTP filter	file	hxxp://192.155.93.226/PowerISO5.exe	Win32/Toolbar.Conduit.R potentially unwanted application	connection terminated - quarantined	alexios-pc\alexios	Threat was detected upon access to web by the application: C:\Program Files\Internet Explorer\iexplore.exe.
Virus signature database: 9432 (20140217)
Rapid Response module: 3701 (20140217)
Update module: 1047 (20131023)
Antivirus and antispyware scanner module: 1419 (20140122)
Advanced heuristics module: 1147 (20140114)
Archive support module: 1190 (20140129)
Cleaner module: 1083 (20140212)
Anti-Stealth support module: 1057 (20131125)
Personal firewall module: 1168 (20131223)
Antispam module: 1027 (20131119)
ESET SysInspector module: 1240 (20131202)
Real-time file system protection module: 1006 (20110921)
Translation support module: 1145 (20131121)
HIPS support module: 1115 (20140206)
Internet protection module: 1102 (20140127)
Web content filter module: 1028 (20121113)
Advanced antispam module: 1620 (20140214)
Database module: 1046 (20131204)
Edited by pavilion_alex
Link to comment
Share on other sites

This detection is ok, the installer contains a potentially unwanted application.

And the "blocked object" detection in the OP post was blocked via/in the cloud was it not? Due to the more serious Dorkbot Worm I assume. :)

Link to comment
Share on other sites

  • Administrators

And the "blocked object" detection in the OP post was blocked via/in the cloud was it not? Due to the more serious Dorkbot Worm I assume. :)

 

Right.

Link to comment
Share on other sites

 

And the "blocked object" detection in the OP post was blocked via/in the cloud was it not? Due to the more serious Dorkbot Worm I assume. :)

 

Right.

 

Right. That's great  :)

Link to comment
Share on other sites

  • 1 year later...

Hey everyone. I just tried to d/l PowerISO again and it appears to have more malware associated with it again(Fusion.dll-potentially unwanted application)

I really love this software. Is there anyway to see what the implications are for this software?

Link to comment
Share on other sites

  • Administrators

Just for clarification, potentially unwanted applications do not carry out malicious operations, hence it's at users' discretion if they enable PUA detection or not.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...