I got the above error message when trying to download the free CCleaner 5.47.6716. I've been using CCleaner from many years and never ran into this problem. Please resolve so that I can upgrade from 5.46
I got the above error message when trying to download the free CCleaner 5.47.6716. I've been using CCleaner from many years and never ran into this problem. Please resolve so that I can upgrade from 5.46
where are you trying to download it from?
use this; https://www.piriform.com/ccleaner/builds
or FileHippo is the other official mirror site.
I tried from the link you showed
Using the Slim build installer: ccsetup547_slim.exe
MD5: EF79B5B018A451CC9B149078186FBFC4
SHA-1: 3EA279FCD3F93C18F912C785E43D074921FC4AB6
SHA-256: F281CEBE66E0E792FB4D1E62CCA6D4A734CA4BD63B09C262DE49FED5D8496C89
VirusTotal results (no detections):
Jotti results (1 detection by ClamWin):
I'm using NOD32 anti-virus & Malwarebytes Pro. I tried disabling each of them and that didn't change anything. I also didn't see anything in their individual log files that indicated that they stopped the download.
I then took a closer look at the error and noticed that it says "firewall gateway anti-virus service" and I realized that this is probably coming from the Sonicwall TZ300 that also does anti-virus & firewall protection. You can take a look at the following datasheet for more info. The TZ300 sits between my Comcast broadband connection and my internal office network.
https://www.sonicwall.com/SonicWall.com/files/2f/2fa6b2bd-edd9-4cc6-abe8-cebff2f90ed1.pdf
Again, I've been using CCleaner for many years and never run into this type of problem. Of course I didn't have the TZ300 until the beginning of 2017, although I had the TZ100 for many years.
I logged into the TZ300 and found that error when trying to download CCleaner again. It also showed it coming from: 13.33.231.93, 443, X1
I hope you can find a way to get rid of this "problem". It might be a false alert. Otherwise I will probably just wait for the next release.
Looks an ok address to me
The problem isn't the IP. The problem is that the firewall in the TZ300 is currently finding a problem.
I had a situation within the last few years where my antivirus was flagging a new version of a program I used all the time. When I ran it thru one of the online programs that verified against many different antivirus programs, a few of them found the same problem. Unfortunately, the vendor wasn't interested in finding a resolution.
I hope the CCleaner developers are interested in resolving this problem with the current release, else I will wait for the next release and try again. They already know that Jotti wasn't happy.
I feel the problem is with sonicwall and not Piriform in this instance. The current release is NOT infected. (otherwisw we would have scores of posts about it)
https://www.sonicwall.com/en-us/support/knowledge-base/170505785916977
It's not the first time sonic has had this false positive
https://forum.piriform.com/topic/48491-firewall-blocking-download/
While VirusTotal finds nothing wrong with the Slim build installer, it's a different story if you individually submit CCleaner.exe and CCleaner64.exe to it, then it finds something but only with 1 or 2 scanners and it states Trojan.
As for Jotti finding something, well I typically pay no attention to the ClamWin scanner they have on there and I haven't for years, it's the Linux version and is very prone to giving false positives on allot of installers made for Windows -- I don't know how they have it configured but perhaps it's set to something akin to a paranoid mode (if such a mode exists, it's just speculation). However, when scanning the same files with ClamWin installed on my Windows system it has never produced a detection.
2 hours ago, Parkarjohn said:<div class="ipsQuote_contents"> <p> This is a remarkable news for the CCleaner users as this is very important for the presence of the Trojan in the software. CCleaner is a very well developed software which helps in the cleaning if the device. Epson Support has suggested me to use this software. But this is a matter of disappointment that this version is affected by the virus. </p> </div>
There is no infection (other than far gone past version). This topic refers to a false positive