| ID | 3116523 |
| Released | Sep 14, 2011 |
| Description Updated | Dec 09, 2013 |
Detection Availability
| FortiGate |
|
|---|---|
| FortiClient |
|
| FortiAPS |
|
| FortiAPU |
|
| FortiMail |
|
| FortiSandbox |
|
| FortiWeb |
|
| Web Application Firewall |
|
| FortiIsolator |
|
| FortiDeceptor |
|
| FortiEDR |
|
Threat Profile
Aliases:- Win32/InstallCore.W
- W32/InstallCore.EB
- Win32/InstallCore.EB potentially unwanted application
Riskware is a term for potentially unwanted or dangerous software programs that do not fall under Adware. They could be legitimate software applications that may be misused and pose possible security risks to users.
Update History
| Date | Version | Detail |
|---|---|---|
| 2023-09-30 | 91.07445 | |
| 2023-09-30 | 91.07444 | |
| 2023-09-30 | 91.07443 | |
| 2023-09-30 | 91.07442 | |
| 2023-09-30 | 91.07440 | |
| 2023-09-30 | 91.07437 | |
| 2023-09-30 | 91.07436 | |
| 2023-09-30 | 91.07435 | |
| 2023-09-30 | 91.07434 | |
| 2023-09-30 | 91.07432 |
Refine Search
Threat Encyclopedia
Riskware/InstallCore
Analysis
This detection is for installers of applications that bundle themselves with toolbars or Browser Helper Objects (BHOs) that usually display some form of adverstisement. The detection does not indicate the presence of malware, but is used to classify software with possibly unwanted behavior that may be a potential risk to users.
Riskware applications usually affect productivity and are thus not useful in a corporate environment.
Below are screenshots of some of the installation packages:
- Figure 1: Installation prompt example 1.
- Figure 2: Installation prompt example 2.
- Figure 3: Installation prompt example 3.
- Figure 4: Installation prompt example 4.
|
|
|
|
Recommended Action
FortiGate Systems
- Check the main screen using the web interface for your FortiGate unit to ensure that the latest AV/NIDS database has been downloaded and installed on your system - if required, enable the "Allow Push Update" option.
FortiClient Systems
- Quarantine/delete files that are detected and replace infected files with clean backup copies.
