Hi! I downloaded from ccleaner.com. First I did slim and then the full free version and both have this (malicious) result on virus total shown below. I understand that it may not be anything at all, but I never install ccleaner unless virus total is clear. I am not technically able to understand this, but will not install with this result, even though as I said, someone may reply that this is not any issue. I looked in the forum for similar threads and didn't see any so posted this here.

Can someone let me know what this is about and if it will show clear on virus total in the future.

Thank you!

I would not worry at all.

Virus Total is like any other diagnostic tool in that you have to have some knowledge of what the results it gives actually mean.

VT can only give you information, you have to check that information and decide for yourself if it is relevent to you.

If you use VT regularly then you will know that False Positives often happen, and that 1 detection out of 68 is almost certainly a False Positive.

(In fact 4 or 5 out of that many results wouldn't bother me unduly).

Look at it the other way round - 67 out of 68 AVs have said that CCsetup614.exe is clean and is safe to use.

Minimal detections like that on VT usually come from little known and/or specialist AVs - and that is what is happening here.

In this case the one particular AV in your screenshot that flagged CCsetup614.exe is Deep Instinct.

Deep Instinct is intended for "endpoint" security, ie. business and large organisation networks that need extra checks for if an employee/user tries to install something that is not meant for use on a networked system.

https://www.deepinstinct.com/endpoint-security

CCleaner is meant for home (or small business) use, it is not designed for use on networked systems.

CCleaner Cloud is the edition for use with network endpoints, if a business chooses to use it.

So it is not surprising at all that an AV meant for network endpoints would flag up a home use cleaner app which can access system files to clear them, as well as access other user accounts in some circumstances - things which you may want to do at home, but should not be doing on a business network.

(We had a post here recently where a company's employee had tried to do just that, and their endpoint security rejected it and threw up multiple warning flags to their IT department, as it should on a business network).

So in the end it is your choice how to interpret the VT result and what to do with the information it gives you.

Mostly that comes from experience of using it and double checking what it says for yourself.

Additional:

I've just re-analyzed CCsetup614.exe on VT and it's now showing 0/67.

Scrolling down the list Deep Instinct is now also showing it as clean.

Hi. Thank you for your reply. When I saw that you had re-scanned and it came out clean, I downloaded another copy of ccleaner slim and ccleaner free (standard version) and ran them through and the slim had same result as my one from yesterday, I then ran the standard free build through and got the same result as yesterday, snip shown below. I was hoping it would come back clear as yours had, but it didn't. These were run 20 or so minutes ago.

Perhaps I used different download then you. Both I had were on ccleaner.com

I appreciate you saying that it is truly nothing, but I never put anything on my pc that has any results on virus total and I don't update ccleaner very often, and last time I recall I had a similar issue, and posted here and then days later, it was clear.

Thank you for your help.

That scan of mine was a freshly downloaded installer from the builds page.

I assume that as you are also downloading the Slim then the builds page is also where you are downloading from. Is that correct?

Just looking on VT now it is still showing 0/69 for me, with a last scan time of 3 hours ago

Hi! I was downloading it from builds, and just did again and scanned and all is clear! Thank you for your time and help. So appreciated.

I think that it just goes to point up what I was saying about VT and False Positives.

Nothing changed in the ccsetup614.exe file itself, the only thing that changed was how one particular AV (out of 68) was classifying it at different times.

AVs do update their definitions all the time, often multiple times a day, and it is not unusual for some of them to be too cautious. Like an over-protective nanny.

Plus the particular AV that was the issues here is a specialist one for network endpoints, you can expect it to sometimes give different, over cautious,  results to ones meant for home use.

In the end it's your choice, but if you get a similar situation again then you can just keep trying VT until it does give a green.

(Or do as most of us do - go with the majority on VT and ignore a couple of FPs)