I downloaded the current Speccy installer spsetup131.exe from ccleaner.com today (19 Feb 2018) and immediately got a notification from AVG antivirus that it was infected with malware (Rootkit-gen). I reported it to AVG as a false positive but you guys may wish to double-check and maybe liaise with AVG.
i can not confirm it with my avg... but i have the download from 11.07.2017
and since AVG was taken over by Avast who in turn bought out Piriform, that should be a straight forward liaison.
the Admin team do read these threads, eventually, but as to a follow-up or investigation, who can say.
Same thing with Avast. Avast moved that setup file to chest. Says that its infected with virus Win32:Rootkit-gen
If you're downloading the free version make sure the checksums/hashes match (even though they don't publish them on the download site), and also right-click the file and make sure the Digital Signature is valid and signed.
File Name: spsetup131.exe
MD5: 0F3457989D9F5CF05A8EA435CB26A704
SHA-1: 7BAF469001833D3A7B1D2E377426B439C7F981AE
SHA-256: F52EC93F4EA0B4D7CCE5C4B495B8B2DA2657FF2073A1745993D972AE8D8389F2
One of the detections is by ESET/NOD which will always detect the included 3rd party Google software. Also since the installer was compiled with NSIS that may cause some scanners to produce a false positive every now and then. VirusTotal did have 4 detections earlier (from 2 hours ago), and now with the link provided below it has 2 detections.
Scan results from online scanners:
Jotti
https://virusscan.jotti.org/en-US/filescanjob/7odx8py36t
VirusTotal
1 hour ago, jm77 said:<div class="ipsQuote_contents"> <p> Same thing with Avast. Avast moved that setup file to chest. Says that its infected with virus Win32:Rootkit-gen </p> </div>
after windows update the same installer is okey. Rescanned and everything seems ok. Not flagging anymore.
I tried again, using a different PC, one running Sophos antivirus, and attempted to download Speccy 1.31 from the Piriform website (not FileHippo) and immediately got a Sophos pop-up to say "High Risk Website Blocked - Access to this page is blocked as the threat Mal/HTMLGen-A has been found on this website. "
I think Piriform have some questions to answer, irrespective of the compiler used.
Speccy version 1.29 seems safe to use.
Andavari? Comments please?
No questions to answer as far as I can see. I get no problems with the website or the download.
Virus total shows no detections for the URL
As you can see if you scroll down the link, Sophos hasn't rated it yet.
ps: after download yesterday the latest version of speccy my avg dont tell me something
Downloaded spsetup131 from filehippo also from Piriform, scanned with Avast AV, submitted to virustotal, got same hashes,same result as Andavari.