Glenn Posted October 20, 2006 Share Posted October 20, 2006 yelloweye, If you don't want to accept the advice that this is a false positive, you can: Contact F-Secure yourself and get their advice. - or - Wait and try to install CCleaner next week. In the meantime F-Secure will probably fix their problem. - or - Go away. Link to comment Share on other sites More sharing options...
Moderators Andavari Posted October 20, 2006 Moderators Share Posted October 20, 2006 You should be able to contact F-Secure through this link: http://www.f-secure.com/f-secure/contact_information.html Link to comment Share on other sites More sharing options...
amckern Posted October 20, 2006 Share Posted October 20, 2006 I have been a user of ccleaner for many years, and now use it in a secure work environment where everything has to pass through many scanners, and an install watcher to check for any back doors. I am happy to say that the slim package we use is 100% free of vermin, back doors, and animals that pose as horses. Sample of the Scanner list Nod32 F-secure NAV (2000/2006) AVG Spybot [edit]Typos/ Link to comment Share on other sites More sharing options...
plun Posted October 20, 2006 Share Posted October 20, 2006 Hi All Well... I don't like "flames" when it?s about false/positives Users in Sweden reported exactly the same. The file involved is InstallOptions.dll, this file is created during setup in a temporarily folder. From F-Secures logfile: Win32.Trojandownloader.Zlob (Malware) FILE:C:\DOCUME~1\GRAN~1\LOKALA~1\Temp\nsh216.tmp\InstallOptions.dll I have scanned this file yesterday evening with Virustotal and also today with F-Secures scanner without any alarm. This must be challenge for F-Secure to solve. regards plun Complete scanning result of "InstallOptions.dll", received in VirusTotal at 10.19.2006, 23:01:47 (CET). Antivirus Version Update Result AntiVir 7.2.0.31 10.19.2006 no virus found Authentium 4.93.8 10.19.2006 no virus found Avast 4.7.892.0 10.19.2006 no virus found AVG 386 10.19.2006 no virus found BitDefender 7.2 10.19.2006 no virus found CAT-QuickHeal 8.00 10.19.2006 no virus found ClamAV devel-20060426 10.19.2006 no virus found eTrust-InoculateIT 23.73.29 10.19.2006 no virus found eTrust-Vet 30.3.3143 10.19.2006 no virus found DrWeb 4.33 10.19.2006 no virus found Ewido 4.0 10.19.2006 no virus found Fortinet 2.82.0.0 10.19.2006 no virus found F-Prot 3.16f 10.19.2006 no virus found F-Prot4 4.2.1.29 10.19.2006 no virus found Ikarus 0.2.65.0 10.19.2006 no virus found Kaspersky 4.0.2.24 10.19.2006 no virus found McAfee 4877 10.19.2006 no virus found Microsoft 1.1603 10.19.2006 no virus found NOD32v2 1.1817 10.19.2006 no virus found Norman 5.80.02 10.19.2006 no virus found Panda 9.0.0.4 10.19.2006 no virus found Sophos 4.10.0 10.15.2006 no virus found TheHacker 6.0.1.101 10.19.2006 no virus found UNA 1.83 10.19.2006 no virus found VBA32 3.11.1 10.19.2006 no virus found VirusBuster 4.3.7:9 10.19.2006 no virus found Aditional Information File size: 12800 bytes MD5: 444e1109d960c307df0ca2b33a24731b SHA1: 55e3b57d06128911ed4af44858d199d9b1945edc http://support.f-secure.com/enu/home/ols.shtml Citat: Scanning Report Friday, October 20, 2006 12:01:44 - 12:02:22 Computer name: Scanning type: Scan target for viruses Target: C:\Documents and Settings\MrX\Lokala inst?llningar\Temp\nsb95.tmp -------------------------------------------------------------------------------- Result: 0 malware found -------------------------------------------------------------------------------- Statistics Scanned: Files: 6 System: 0 Not scanned: 0 Actions: Disinfected: 0 Renamed: 0 Deleted: 0 None: 0 Submitted: 0 Files not scanned: -------------------------------------------------------------------------------- Options Scanning engines: F-Secure AVP: 6.0.171, 2006-10-20 F-Secure Libra: 2.4.1, 2006-10-20 F-Secure Orion: 1.2.37, 2006-10-20 F-Secure Blacklight: 1.0.31, 0000-00-00 F-Secure Pegasus: 1.19.0, 2006-08-29 F-Secure Draco: 1.0.35, 2006-10-18 Scanning options: Scan defined files: COM EXE SYS OV? BIN SCR DLL SHS HTM HTML HTT VBS JS INF VXD DO? XL? RTF CPL WIZ HTA PP? PWZ P?T MSO PIF . ACM ASP AX CNV CSC DRV INI MDB MPD MPP MPT OBD OBT OCX PCI TLB TSP WBK WBT WPC WSH VWP WML BOO HLP TD0 TT6 MSG ASD JSE VBE WSC CHM EML PRC SHB LNK WSF {* PDF ZL? XML ZIP XXX Use Advanced heuristics Link to comment Share on other sites More sharing options...
zipper Posted October 20, 2006 Share Posted October 20, 2006 F-Secure behaviour confirmed; when I tried to install the latest CCleaner I got that warning. After a little wondering I disabled the anti-virus software first after having checked the installer package with no reaction. Then after CCleaner install I checked the system with no reaction, so it's the first time I got a false positive with F-Secure. But what have you changed to mislead F-Secure - or perhaps F-Secure definitions have changed to give that false positive. I have had CCleaner installed perhaps 2 years as well as F-Secure but it's the first time I got that warning. And I regard both softwares as highly recommended! Link to comment Share on other sites More sharing options...
Moderators hazelnut Posted October 20, 2006 Moderators Share Posted October 20, 2006 I have sent another email to f-secure with a link to this thread. Support contact https://support.ccleaner.com/s/contact-form?language=en_US&form=general or support@ccleaner.com Link to comment Share on other sites More sharing options...
plun Posted October 20, 2006 Share Posted October 20, 2006 I have sent another email to f-secure with a link to this thread. Hi hazelnut This is probably a better entrance for a f/P trouble and also for all F-Secure users with this "challenge". http://support.f-secure.com/enu/home/virusproblem/sample/ Undetected viruses If you have a virus sample that is not detected or it causes a false alarm with F-Secure Virus Protection, please submit a sample of such file to F-Secure. Direct: http://support.f-secure.com/enu/home/virus...ex_sample.shtml F-Secure operates one office in Helsinki and also one in Malaysia, Kuala Lumpur so someone is for sure awake... regards plun Link to comment Share on other sites More sharing options...
Moderators rridgely Posted October 20, 2006 Moderators Share Posted October 20, 2006 This has gotten out of hand. The level of respect that is usually kept on this forum is nowhere to be found in this topic. The bottom line is that the only problem is a false positive detection from fsecure. All that will have to be done is MrG will have to contact F-Secure and have them correct their detections. This topic will be locked and an update will be posted in the future when this issue has been resolved. Link to comment Share on other sites More sharing options...
Admin MrG Posted October 21, 2006 Admin Share Posted October 21, 2006 F-Secure have responded with the following email: We have verified the claim and isolated the cause of the false alarm. We are already fixing the problem and will release an update as soon as possible. Thank you for bringing this to our attention. Piriform.com - [CCleaner - Defraggler - Recuva - Speccy] Link to comment Share on other sites More sharing options...
Recommended Posts