I am running CCleaner v.2.01.507 in a Terminal Server enviroment. It runs evertime a user logs into the TS.
My eTrust ITM downloaded signatures at 7:45am... At 7:51am, when the next user logged in, the realtime scanner popped the following warnings:
The Win32/FakeAv.CX was detected in C:\PROGRAM FILES\CCleaner\UNINST.EXE. Machine: xxxxx, User: xxxxxx . Status: Infected
and
The Win32/FakeAv.CX was detected in C:\PROGRAM FILES\CCleaner\UNINST.EXE. Machine: xxxxx, User: xxxxxx. Status: File was cured; system cure performed.
Do you all think this is a false positive situation? During my googleing of this, i found some mention of false positives on the file a year or so ago.