Jump to content
CCleaner Community Forums
Sign in to follow this  

Speccy - malicious download?

Recommended Posts



Could an official Piriform staff member please confirm for 100% certainty that the Speccy download from the same Piriform server was not compromised during the breach?


I downloaded and installed Speccy during this period, and it seems weird to me that they would target one binary on the server and not the other.

Share this post

Link to post
Share on other sites
On 9/19/2017 at 09:27, Andavari said:

In the meantime you can upload the setup file you downloaded to VirusTotal to scan it with dozens of antiviruses:


Thanks for your advice Andavari.   


I did exactly what you typed us to do.


I downloaded Speccy today (from https://www.ccleaner.com/speccy/download/standard), and scanned it with the link you provided. 

Results are below:


I Chose CCleaner.com to download from 





Virustotal.com (as you linked) : Result shows positive




File version



Latest comment



Share this post

Link to post
Share on other sites

This is a false positive. VirusTotal results need to be interpreted with care - detection by a single AV engine out of the 71 (or by a couple that sublicence each other's pattern files) generally indicates that nothing is actually wrong, especially if a file has been around long enough for everyone else to "catch up" if there really is a problem. 

Notice that despite being released over a year ago, Speccy 1.32 is not detected as having any issues by any of the major AV vendors. The three that do are triggered by presence of the Google toolbar offer in the install file.  For reference, the hacked CCleaner product (Version 5.33) from 2017 has a report that looks like this: https://www.virustotal.com/#/file/1a4a5123d7b2c534cb3e3168f7032cf9ebf38b9a2a97226d0fdb7933cf6030ff/detection


Share this post

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

  • Create New...