Jump to content
Piriform Community Forums
markmark

latest version freeware detected as virus by Zemana and 3 times on virus total

Recommended Posts

Latest version ccleaner freeware detected by my Zemana anti virus as virus, and also 3 separate antivirus software manufacturers on Virus Total incl ESET today. Tried downloading again--same result. Last version OK and i re-installed that.

Share this post


Link to post
Share on other sites

My original download was from the link generated by ccleaner software to piriform website. Then i repeated it by downloading from FileHippo--both 'infected' on Virus Total.

Have just downloaded from your link- also shows 3 companies on VT as 'virus'. Last version number downloaded from FileHippo was clean and i installed it. It did not trigger Zemana unlike the current version. Suggest you download 552 and test on VT.

Share this post


Link to post
Share on other sites

Shouldn't you take this a bit more seriously? Have you downloaded the std download--as i did --freeware- and tested it with Virus Total? After all there has been a major problem with ccleaner malware downloading not all that long ago (2017)? The std freeware download does nt offer a 'slim' version and i have never heard of such a thing! Where is it on your downloads page?

Regards mark

Share this post


Link to post
Share on other sites

It's because of the included 3rd party Google Software. Most antivirus' will just ignore it, while others such as ESET, etc., will likely always detect it.

Share this post


Link to post
Share on other sites
8 hours ago, hazelnut said:

I am taking it seriously.

99.99% of the Virus Total listings are false positives because of the addons in the CCleaner full version.

Please try the slim build from here, it's what a lot of people (myself included) use

https://www.ccleaner.com/ccleaner/builds

 

Yes thanks the 'slim' version doesn't trigger either zemana or virus total--so i presume virus free. May i ask what it is that's triggering the problem in the full version? I haven't noticed any toolbars.

Share this post


Link to post
Share on other sites
57 minutes ago, markmark said:

Yes thanks the 'slim' version doesn't trigger either zemana or virus total--so i presume virus free. May i ask what it is that's triggering the problem in the full version? I haven't noticed any toolbars.

Google toolbar or chrome or avast antivirus are the three possible offers given by the full installer.  Some AVs will flag this bundle and thus the false positives

Share this post


Link to post
Share on other sites
On 1/24/2019 at 22:48, markmark said:

Yes thanks the 'slim' version doesn't trigger either zemana or virus total--so i presume virus free. May i ask what it is that's triggering the problem in the full version? I haven't noticed any toolbars.

Just curious, did you extract the slim version installer with 7zip before scanning the folder with Zemana?

Share this post


Link to post
Share on other sites

No, i tested with virus total first ,then thinking it was ok just installed it. Zemana did not issue any warning--unlike the same procedure with the std download which did trigger zemana without me starting a scan manually. I also run webroot, and this did not object to either installation.

Share this post


Link to post
Share on other sites
22 minutes ago, markmark said:

No, i tested with virus total first ,then thinking it was ok just installed it. Zemana did not issue any warning--unlike the same procedure with the std download which did trigger zemana without me starting a scan manually. I also run webroot, and this did not object to either installation.

Zemana does not detect anything after you extract the installer and scan ccleaner.exe?

I got Zemana alert even on slim version "after" i extract the installer. I deleted the ccleaner.exe and use ccleaner64.exe instead just in case!

Share this post


Link to post
Share on other sites

As regards to CCleaner.exe v5.52.6967:

Hashes:
MD5: F0F196FD71B9C7D65929861DD1BCFDCF
SHA-1: C31E7A531F0CF1406DE79966A821E9D349A14D2B
SHA-256: 00564FBE89D79BA9AA80A8C2A11C0F721E5FFDA0CA0549273A22CF270E52664F

Jotti states it's clean, scan results:
https://virusscan.jotti.org/en-US/filescanjob/svxxd6tsmv

VirusTotal states it's clean, scan results:
https://www.virustotal.com/en/file/00564fbe89d79ba9aa80a8c2a11c0f721e5ffda0ca0549273a22cf270e52664f/analysis/1548574791/

Edit:
On my own scanning it's been stated as clean by ClamWin, Dr.Web, Kaspersky, Malwarebytes, and Panda. If Zemana Anti-Malware has a feature to submit a false positive or suspicious file perhaps go that route so they can remedy it, that is if they can since they use online scanning, and only have a small definition file installed locally.

Share this post


Link to post
Share on other sites

Yes they can sort out false detections --I have told them of one or two in the past and received very prompt email acknowledgement. I am perfectly satisfied that this was a 'false' detection and have emailed them. I should emphasise Zemana is only promoted as a second line of defense.

Share this post


Link to post
Share on other sites
7 hours ago, markmark said:

Yes they can sort out false detections --I have told them of one or two in the past and received very prompt email acknowledgement. I am perfectly satisfied that this was a 'false' detection and have emailed them. I should emphasise Zemana is only promoted as a second line of defense.

Yes ofc. I use several different scanners to be sure. JRT, Malwarebytes, Kaspersky, HitmanPro, and Zemana.

Even if said to be f/p i don't like to see anything detecting anything. So that is why i delete ccleaner.exe and use ccleaner64.exe  instead.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×