![](http://content.invisioncic.com/d154966/set_resources_6/84c1e40ea0e759e3f1505eb1788ddf3c_pattern.png)
RicardodeMiranda
-
Posts
12 -
Joined
-
Last visited
Posts posted by RicardodeMiranda
-
-
On 25/03/2020 at 10:55, nukecad said:
The file that Riacrdo is talking about is not the CCleaner installer. (Sorry, I'd missed that).
It appears to be the 'Emergency Updater'?But that doesn't usually have the version number, just 'ccupdate.exe', and the pathname in the screenshot looks odd.
ccupdate.exe also shows as clean on VT:
https://www.virustotal.com/gui/file/6c997590da9a900e09fb0e0f469ed09c07199e461661d0346f9dd431f9534b26/detectionDoes the file "C:\Program Files\CCleaner\temp_ccupdate\ccupdate5.65.7632.exe" actually exist on your computer?
Does the folder "temp_ccupdate" even exist?
(or is it only in Kaspersky that you saw it?).Can you tell us where you downloaded CCleaner v5.65 from?
Thank you for your reply, nukecad.
It has been resolved.
No, this is just a temp folder, you know?
I just need to click on this link (attached file) in order to ask CCleaner to download and install the new software for me.
-
On 25/03/2020 at 10:10, hazelnut said:
When you click on the VirusTotal link in nukead's post above and get to the site, click on where it says Details.
Scroll down a bit and you will see that it mentions 5.65.7632.exe and ccsetup565.exe. They are one and the same.
The temp file ccupdate you have highlighted by Kaspersky on your machine is just where the setup file gets unpacked to a temp area for installing.
Please do not be concerned.
If it still is bothering your peace of mind contact Kaspersky who will give you some info about this.
On 25/03/2020 at 10:10, hazelnut said:When you click on the VirusTotal link in nukead's post above and get to the site, click on where it says Details.
Scroll down a bit and you will see that it mentions 5.65.7632.exe and ccsetup565.exe. They are one and the same.
The temp file ccupdate you have highlighted by Kaspersky on your machine is just where the setup file gets unpacked to a temp area for installing.
Please do not be concerned.
If it still is bothering your peace of mind contact Kaspersky who will give you some info about this.
Thank you so much for your answer, hazelnut!
-
2 hours ago, nukecad said:
The file that Riacrdo is talking about is not the CCleaner installer. (Sorry, I'd missed that).
It appears to be the 'Emergency Updater'?But that doesn't usually have the version number, just 'ccupdate.exe', and the pathname in the screenshot looks odd.
ccupdate.exe also shows as clean on VT:
https://www.virustotal.com/gui/file/6c997590da9a900e09fb0e0f469ed09c07199e461661d0346f9dd431f9534b26/detectionDoes the file "C:\Program Files\CCleaner\temp_ccupdate\ccupdate5.65.7632.exe" actually exist on your computer?
Does the folder "temp_ccupdate" even exist?
(or is it only in Kaspersky that you saw it?).Can you tell us where you downloaded CCleaner v5.65 from?
nukecad, thank you very much!
Because I bought CCleaner Professional I just need to click on right bottom corner where there is a link called Check for updates (please see the new screenshot I've taken and attached below).
And right after that a window appears and it downloads and installs the new version on my laptop. Could you get it?
But yesterday my anti-virus used to "cancel" that downloading process, you know? It used to show me a notification (a file deleted), because it used to identify a dangerous file, you know?
However in today morning I tried once more... and then... finally, my anti-virus allowed to download and install.
Thank you so much, guys!
Now everything is OK.
-
3 hours ago, Andavari said:
You can always wait a few days since that gives antivirus vendors time to update their detection (usually 48-72 hours) - and it also affords you a time-gap if a new version has other issues such as being buggy.
Andavari, thank you so much! It happened in this morning.
Thanks to everyone.
-
1 hour ago, nukecad said:
Every software that releases a new version gets one or two AV's not recognising the new version at first
It happens because they 'see' something different than they expect from that software and so are not sure if it's real or a fake.
Once the AV company gets it's finger out and updates their listing all is well again.I've submitted ccsetup565.exe to a VirusTotal check and all 67 AV engines that responded say that it's clean - including Kaspersky
https://www.virustotal.com/gui/file/810d4b0d8f4171b13f6d5a4c5c6c5e33209af7af6c378a2218007caae12dc2d6/detectionnukecad, thank you for your answer.
But I have been using CCleaner Professional for years. And it happened for the first time.
And also PAY CLOSE ATTENTION to the screenshot I took.
You've submitted a DIFFERENT FILE (ccsetup565.exe). That IS NOT the file Kaspersky Internet Security has detected.
There is a virus inside this file ccupdate5.65.7632.exe.
If you can submitted the correct file, I would be very thankful, because my anti-virus can't allow me to download it and even install it.
Thanks for your answer.
-
11 hours ago, TwistedMetal said:
It's a false positive. There is no actual virus. It happens with every new release.
TwistedMetal, thank you for your answer. But it happened for me for the first time. Maybe it may be a virus.
I really need a solution, because I won't disable my anti-virus in order to install a dangerous software.
Thanks
-
-
3 hours ago, Stephen Piriform said:
DNS8 got back to me. They have adjusted the URL's reputation:
Me too.
Thanks again.
-
44 minutes ago, Stephen Piriform said:
I don't think it's anything to be concerned by. This company analyses URLs and flags anything without a good reputation. It looks like they have a simple check that simply flags any URL that downloads an executable. It does not seem that it does any checks on the file itself to see if it is legitimate.
To compare, here is the VirusTotal results for the file itself (not the download URL):
The file also checks out with Kaspersky:
I have reported a false positive to DNS8 so they can investigate.
Thank you so much for your kind support and screenshots, Stephen Piriform.
Currently, my CCleaner Professional is 5.47.6716. And any preview installers this Kaspersky couldn't detect any trojan.
If they send to you any answer... could you just report to me what they said please?
Thank you so much again.
-
11 minutes ago, Stephen Piriform said:
Hi there,
Kaspersky is not flagging this file from what I can see: https://www.virustotal.com/#/url/dcbf986874e39ef14eaaea2c6d0e0960b7ef79d039dca17757cc77d87507c33f/detection
Can you confirm that the MD5 filehash for the ccupdate548_pro.exe file you have matches "3c4836f8f949c94bb651a74814617868" ?
Hi, Stephen Piriform.
After clicking on your link, you can see it on the screenshot I took. VirusTotal detected also.
-
Hello, everyone.
I'm Ricardo, and I would like to tell you that Kaspersky Internet Security detected a malware on a CCleaner installer. It's called UDS:Trojan.Win32.Droma. It is on this file ccupdate548_pro[1].exe. Please fix it ASAP. My Kaspersky can't allow me to install this new version. And I advise to anyone not to install for a while.
Thanks in advance. And I hope to find this solution.
Best regards.
Ricardo
There is a Trojan within the new version of CCleaner [false positive]
in CCleaner Help Requests
Posted
Thank you so much, nukecad!