nox06 0 Posted February 16, 2014 Share Posted February 16, 2014 (edited) I just downloaded powerISO from official site and eset block it think is somthing false. hxxp://postimg.org/image/eqbg0r3ut/ Edited February 16, 2014 by nox06 Link to comment Share on other sites More sharing options...
Nedim 9 Posted February 16, 2014 Share Posted February 16, 2014 ESET blocks it because it contains a possibly unsafe application (Win32/Open Candy). hxxp://kb.eset.com/esetkb/index?page=content&id=SOLN2629 You can enable or disable detection of these types of application. hxxp://kb.eset.com/esetkb/index?page=content&id=SOLN3204 Link to comment Share on other sites More sharing options...
Administrators Marcos 5,257 Posted February 16, 2014 Administrators Share Posted February 16, 2014 The installer was replaced with a Dorkbot worm a couple of days ago. Now the download link points to a correct installer so we've removed the block. Link to comment Share on other sites More sharing options...
Most Valued Members shocked 60 Posted February 17, 2014 Most Valued Members Share Posted February 17, 2014 visiting the poweriso website after completion of the download I get these. with latest definitions 17/2/2014 11:12:15 πμ HTTP filter file hxxp://192.155.93.226/PowerISO5.exe Win32/Toolbar.Conduit.R potentially unwanted application connection terminated - quarantined alexios-pc\alexios Threat was detected upon access to web by the application: C:\Program Files\Internet Explorer\iexplore.exe. 17/2/2014 11:10:15 πμ HTTP filter file hxxp://192.155.93.226/PowerISO5.exe Blocked Object connection terminated - quarantined alexios-pc\alexios Threat was detected upon access to web by the application: C:\Program Files\Internet Explorer\iexplore.exe. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,257 Posted February 17, 2014 Administrators Share Posted February 17, 2014 visiting the poweriso website after completion of the download I get these. with latest definitions 17/2/2014 11:12:15 πμ HTTP filter file hxxp://192.155.93.226/PowerISO5.exe Win32/Toolbar.Conduit.R potentially unwanted application connection terminated - quarantined alexios-pc\alexios Threat was detected upon access to web by the application: C:\Program Files\Internet Explorer\iexplore.exe. 17/2/2014 11:10:15 πμ HTTP filter file hxxp://192.155.93.226/PowerISO5.exe Blocked Object connection terminated - quarantined alexios-pc\alexios Threat was detected upon access to web by the application: C:\Program Files\Internet Explorer\iexplore.exe. The log shows that you attempted to download the file twice - at 11:10 with an outdated sig. database and then at 11:12 with ESS fully up to date. I assume that you're using an older version of ESS (v5/v4), right? Link to comment Share on other sites More sharing options...
Most Valued Members shocked 60 Posted February 17, 2014 Most Valued Members Share Posted February 17, 2014 (edited) I (tried) downloaded twice just to check in case of false alarms. I tried now with sign 9432. I use the 7.0.302.26 17/2/2014 12:34:09 μμ HTTP filter file hxxp://192.155.93.226/PowerISO5.exe Win32/Toolbar.Conduit.R potentially unwanted application connection terminated - quarantined alexios-pc\alexios Threat was detected upon access to web by the application: C:\Program Files\Internet Explorer\iexplore.exe. Virus signature database: 9432 (20140217) Rapid Response module: 3701 (20140217) Update module: 1047 (20131023) Antivirus and antispyware scanner module: 1419 (20140122) Advanced heuristics module: 1147 (20140114) Archive support module: 1190 (20140129) Cleaner module: 1083 (20140212) Anti-Stealth support module: 1057 (20131125) Personal firewall module: 1168 (20131223) Antispam module: 1027 (20131119) ESET SysInspector module: 1240 (20131202) Real-time file system protection module: 1006 (20110921) Translation support module: 1145 (20131121) HIPS support module: 1115 (20140206) Internet protection module: 1102 (20140127) Web content filter module: 1028 (20121113) Advanced antispam module: 1620 (20140214) Database module: 1046 (20131204) Edited February 17, 2014 by pavilion_alex Link to comment Share on other sites More sharing options...
Administrators Marcos 5,257 Posted February 17, 2014 Administrators Share Posted February 17, 2014 This detection is ok, the installer contains a potentially unwanted application. Link to comment Share on other sites More sharing options...
SweX 871 Posted February 17, 2014 Share Posted February 17, 2014 This detection is ok, the installer contains a potentially unwanted application. And the "blocked object" detection in the OP post was blocked via/in the cloud was it not? Due to the more serious Dorkbot Worm I assume. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,257 Posted February 17, 2014 Administrators Share Posted February 17, 2014 And the "blocked object" detection in the OP post was blocked via/in the cloud was it not? Due to the more serious Dorkbot Worm I assume. Right. Link to comment Share on other sites More sharing options...
SweX 871 Posted February 17, 2014 Share Posted February 17, 2014 And the "blocked object" detection in the OP post was blocked via/in the cloud was it not? Due to the more serious Dorkbot Worm I assume. Right. Right. That's great Link to comment Share on other sites More sharing options...
deawar 0 Posted September 23, 2015 Share Posted September 23, 2015 Hey everyone. I just tried to d/l PowerISO again and it appears to have more malware associated with it again(Fusion.dll-potentially unwanted application) I really love this software. Is there anyway to see what the implications are for this software? Link to comment Share on other sites More sharing options...
Administrators Marcos 5,257 Posted September 23, 2015 Administrators Share Posted September 23, 2015 Just for clarification, potentially unwanted applications do not carry out malicious operations, hence it's at users' discretion if they enable PUA detection or not. Link to comment Share on other sites More sharing options...
Recommended Posts