Jump to content

Recommended Posts

My first Malwarebytes Premium scan detected the file C:\USERS\XXXXX\APPDATA\ROAMING\POWERISO\UPGRADE\POWERISO7-X64.EXE as Generic.Malware/Suspicious.  I believe this file is part of the PowerISO software that I have purchased and installed on my computer.  This program is all about working with ISO files (creating them, burning them to DVD, USB Flash Drive, etc.  How do I tell if this file is truly infected or ai false-positive? 

-Emile

Share this post


Link to post
Share on other sites

Can you follow instructions here to collect more detailed logs and attach the detected file? Thanks.

Share this post


Link to post
Share on other sites

Cli,

I have ran the Support Tool and sent the resulting zip file via reply email.  The email asked that I 'attach the detected file'.  However, the detected file is an EXE file which means I cannot attach it to an email nor can I upload in this forum.  How do I send you the detected EXE file?

-Emile

Share this post


Link to post
Share on other sites

Thanks for that, I've sent this for review by the PUP team.

Share this post


Link to post
Share on other sites

Hello,

This installer contains a monetization feature called FusionCore that we detect. It will be labeled appropriately. Please feel free to add it to your exclusions list if you would like to continue using it.

All best,

Share this post


Link to post
Share on other sites

Hello @EVictory

The paid version of the software used to have a special download that did not contain this FusionCore installer but often users have installed or downloaded the shareware version. I don't know the current state of the program as I own it too and it was difficult to obtain the clean installer from the vendor. They may no longer provide a clean installer as they used to.

As you can see, from years ago the shareware version has been an issue.

https://forums.malwarebytes.com/topic/241045-powerisoexe-from-powerisocom/

https://blog.malwarebytes.com/detections/adware-fusioncore/

As you can see even ESET blocks this installer
https://forum.eset.com/topic/22499-poweriso-new-version-released/

 

If possible you can send an email to PowerISO and ask them for a clean installer as you're a licensed customer of their program. Let them know that 30 out of 68 antivirus engines detect this file and why you want a CLEAN installer.

https://www.virustotal.com/gui/file/0ee9fd966273f29f230e5d6bda0f1ee2714b5dd842033e7b823d1499cca353d6/detection

Thanks and good luck

 

Share this post


Link to post
Share on other sites

All,

After searching the Internet regarding this software, I found multiple reports of the installer being reported as infected from other anti-virus vendors.  The reports seem to indicate that this company's free installers contained infections but that the paid software, once installed, was clean. 

I have been using this software for about a year now.  Before purchasing it, I tried the free version.  The infected file is the installer for the trial version as the paid installer has a different filename.  There was another EXE installer in the same folder that appeared to be the 32-bit version.  This second EXE was not infected.  I deleted both of these installer files.  

I have a local repository where I store the installation files of software I purchase.  I have booth the 'free' version and the 'paid' version installers of PowerISO stored there.  It turns out that the free version installers on my NAS are infected.  I deleted them.  My finding is consistent with the Internet search results above.  

Thanks for all the help. -Emile

Share this post


Link to post
Share on other sites

Thanks @EVictory

Yes, I confirmed the same above as I own a license as well. The paid version does have 2 detections on VirusTotal but they're from smaller companies and it's more than likely a false positive report from them.

Glad you were able to find and resolve your issue.

Have a great week

Cheers

 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.