Everytime I try to download CCleaner, my McAfee Virus Scan pops up and says that the ccleaner125.exe [or whatever] is infected with a prockill-df trojan virus, and deletes it. Can anyone explain why I am getting this message? It happens when I download from the main site, from download.com, and from a few alternate sources. It is frustrating because I've used CCleaner in the past and have loved it, and would love to install it in my new computer. Thanks in advance!
Make sure you have the latest updates. I scanned online with McAfee and it found nothing.
Confirmed.
Status:
POSSIBLY INFECTED/MALWARE (Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database) (Note: this file was only classified as malware by scanners known to generate more false positives than the average scanner. Do not consider these results definately accurate. Also, because of this, results of this scan will not be recorded in the database.)
MD5 3cface7756cdaf5a2fb4a0de67485b0b
Packers detected:
-
Scanner results
AntiVir
Found nothing
ArcaVir
Found nothing
Avast
Found nothing
AVG Antivirus
Found nothing
BitDefender
Found nothing
ClamAV
Found nothing
Dr.Web
Found nothing
F-Prot Antivirus
Found nothing
Fortinet
Found Prockill.DF-tr
Kaspersky Anti-Virus
Found nothing
NOD32
Found nothing
Norman Virus Control
Found nothing
UNA
Found nothing
VBA32
Found nothing
FortinetFound Prockill.DF-tr
is there anyway to correct this?
It's a false positive. I wouldn't worry about it.
Although it's a false positive and ignoring it will allow you to install CCleaner, the only way to get it removed from being falsely detected is to contact your antivirus vendor, hence if nobody contacts them they won't know about it. They'll either want the actual setup file, or a link so that they can download it.
Although it's a false positive and ignoring it will allow you to install CCleaner, the only way to get it removed from being falsely detected is to contact your antivirus vendor, hence if nobody contacts them they won't know about it. They'll either want the actual setup file, or a link so that they can download it.
I just read somewhere that this needs to be addressed by the manuafacturer of installer that CCLeaner uses to package their product. A false positive, will most likely be corrected during the next release.
The usual problem I suspect is if a program uses any type of executable compressor program such as UPX. I'm not picking on UPX, but as an example allot of av scanners have flagged completely safe UPX compressed files (.exe, .dll, .sfx) as being infected or suspicious, hence the reason newer releases of WinRAR don't compress SFX created archives since the SFX module itself is no longer compressed by UPX.
Coppertrail..
Unless I'm totally misunderstanding your post.. McAfee corrected the false positive through an update very shortly after it's release - within a day or two. (I had a problem with McAfee detecting 2 uninstallers, as a result of the f.p., but it's a non-issue at this point) If you'd like clarification, you should be able to find it at McAfee's forum.
CJ