Jump to content
CCleaner Community Forums
Sign in to follow this  
cslcm

Speccy - malicious download?

Recommended Posts

Hello

 

Could an official Piriform staff member please confirm for 100% certainty that the Speccy download from the same Piriform server was not compromised during the breach?

 

I downloaded and installed Speccy during this period, and it seems weird to me that they would target one binary on the server and not the other.

Share this post


Link to post
Share on other sites
On 9/19/2017 at 09:27, Andavari said:

In the meantime you can upload the setup file you downloaded to VirusTotal to scan it with dozens of antiviruses:

https://www.virustotal.com/en/

Thanks for your advice Andavari.   

 

I did exactly what you typed us to do.

 

I downloaded Speccy today (from https://www.ccleaner.com/speccy/download/standard), and scanned it with the link you provided. 

Results are below:

5ceeb05b4b4f1_speccydownloadfromCCleanerlink.JPG.53aa3d3398b398abc663340476d89ebe.JPG

I Chose CCleaner.com to download from 

 

 

 

5ceeb09563171_speccytrojanvirusmay292019.thumb.JPG.8ba7fb40429c68056daeac554c620390.JPG

Virustotal.com (as you linked) : Result shows positive

 

 

5ceeb0cd85ff7_Speccyversioninformation.thumb.JPG.174b4ff22ef9b554e4c264db709bb290.JPG

File version

 

5ceeb0f291d0f_speccylatestcommentwasvirus.thumb.JPG.d130511a0c85831d3b319a2d000623da.JPG

Latest comment

 

 

Share this post


Link to post
Share on other sites

This is a false positive. VirusTotal results need to be interpreted with care - detection by a single AV engine out of the 71 (or by a couple that sublicence each other's pattern files) generally indicates that nothing is actually wrong, especially if a file has been around long enough for everyone else to "catch up" if there really is a problem. 

Notice that despite being released over a year ago, Speccy 1.32 is not detected as having any issues by any of the major AV vendors. The three that do are triggered by presence of the Google toolbar offer in the install file.  For reference, the hacked CCleaner product (Version 5.33) from 2017 has a report that looks like this: https://www.virustotal.com/#/file/1a4a5123d7b2c534cb3e3168f7032cf9ebf38b9a2a97226d0fdb7933cf6030ff/detection

image.png

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
Sign in to follow this  

×
×
  • Create New...