Jump to content

Recommended Posts

My first Malwarebytes Premium scan detected the file C:\USERS\XXXXX\APPDATA\ROAMING\POWERISO\UPGRADE\POWERISO7-X64.EXE as Generic.Malware/Suspicious.  I believe this file is part of the PowerISO software that I have purchased and installed on my computer.  This program is all about working with ISO files (creating them, burning them to DVD, USB Flash Drive, etc.  How do I tell if this file is truly infected or ai false-positive? 

-Emile

Link to post
Share on other sites

Cli,

I have ran the Support Tool and sent the resulting zip file via reply email.  The email asked that I 'attach the detected file'.  However, the detected file is an EXE file which means I cannot attach it to an email nor can I upload in this forum.  How do I send you the detected EXE file?

-Emile

Link to post
Share on other sites

  • Root Admin

Hello @EVictory

The paid version of the software used to have a special download that did not contain this FusionCore installer but often users have installed or downloaded the shareware version. I don't know the current state of the program as I own it too and it was difficult to obtain the clean installer from the vendor. They may no longer provide a clean installer as they used to.

As you can see, from years ago the shareware version has been an issue.

https://forums.malwarebytes.com/topic/241045-powerisoexe-from-powerisocom/

https://blog.malwarebytes.com/detections/adware-fusioncore/

As you can see even ESET blocks this installer
https://forum.eset.com/topic/22499-poweriso-new-version-released/

 

If possible you can send an email to PowerISO and ask them for a clean installer as you're a licensed customer of their program. Let them know that 30 out of 68 antivirus engines detect this file and why you want a CLEAN installer.

https://www.virustotal.com/gui/file/0ee9fd966273f29f230e5d6bda0f1ee2714b5dd842033e7b823d1499cca353d6/detection

Thanks and good luck

 

Link to post
Share on other sites

All,

After searching the Internet regarding this software, I found multiple reports of the installer being reported as infected from other anti-virus vendors.  The reports seem to indicate that this company's free installers contained infections but that the paid software, once installed, was clean. 

I have been using this software for about a year now.  Before purchasing it, I tried the free version.  The infected file is the installer for the trial version as the paid installer has a different filename.  There was another EXE installer in the same folder that appeared to be the 32-bit version.  This second EXE was not infected.  I deleted both of these installer files.  

I have a local repository where I store the installation files of software I purchase.  I have booth the 'free' version and the 'paid' version installers of PowerISO stored there.  It turns out that the free version installers on my NAS are infected.  I deleted them.  My finding is consistent with the Internet search results above.  

Thanks for all the help. -Emile

Link to post
Share on other sites

  • Root Admin

Thanks @EVictory

Yes, I confirmed the same above as I own a license as well. The paid version does have 2 detections on VirusTotal but they're from smaller companies and it's more than likely a false positive report from them.

Glad you were able to find and resolve your issue.

Have a great week

Cheers

 

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.