Jump to content

Speccy - malicious download?


cslcm

Recommended Posts

Hello

 

Could an official Piriform staff member please confirm for 100% certainty that the Speccy download from the same Piriform server was not compromised during the breach?

 

I downloaded and installed Speccy during this period, and it seems weird to me that they would target one binary on the server and not the other.

Link to comment
Share on other sites

  • 1 year later...
On 9/19/2017 at 09:27, Andavari said:

In the meantime you can upload the setup file you downloaded to VirusTotal to scan it with dozens of antiviruses:

https://www.virustotal.com/en/

Thanks for your advice Andavari.   

 

I did exactly what you typed us to do.

 

I downloaded Speccy today (from https://www.ccleaner.com/speccy/download/standard), and scanned it with the link you provided. 

Results are below:

5ceeb05b4b4f1_speccydownloadfromCCleanerlink.JPG.53aa3d3398b398abc663340476d89ebe.JPG

I Chose CCleaner.com to download from 

 

 

 

5ceeb09563171_speccytrojanvirusmay292019.thumb.JPG.8ba7fb40429c68056daeac554c620390.JPG

Virustotal.com (as you linked) : Result shows positive

 

 

5ceeb0cd85ff7_Speccyversioninformation.thumb.JPG.174b4ff22ef9b554e4c264db709bb290.JPG

File version

 

5ceeb0f291d0f_speccylatestcommentwasvirus.thumb.JPG.d130511a0c85831d3b319a2d000623da.JPG

Latest comment

 

 

Link to comment
Share on other sites

  • Admin

This is a false positive. VirusTotal results need to be interpreted with care - detection by a single AV engine out of the 71 (or by a couple that sublicence each other's pattern files) generally indicates that nothing is actually wrong, especially if a file has been around long enough for everyone else to "catch up" if there really is a problem. 

Notice that despite being released over a year ago, Speccy 1.32 is not detected as having any issues by any of the major AV vendors. The three that do are triggered by presence of the Google toolbar offer in the install file.  For reference, the hacked CCleaner product (Version 5.33) from 2017 has a report that looks like this: https://www.virustotal.com/#/file/1a4a5123d7b2c534cb3e3168f7032cf9ebf38b9a2a97226d0fdb7933cf6030ff/detection

image.png

Piriform Homepage - [CCleaner - CCleaner Mac - CCleaner Android - CCleaner Browser - Recuva - Speccy - Kamo] - Product Support

Looking for your licence key, expiry date or download link? Check here first: https://www.ccleaner.com/support/license-lookup
To find out how we protect your privacy - read CCleaner's Data Factsheet.
What's new? Check the latest CCleaner for Windows release notes

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.