Used Virus total to check ccleaner for win10 and then slim and both show virus

CCleaner for Windows
1

Hi, I looked in the files before asking and didn't see anything. When I ran the ccleaner download thru virus total mcafee hits it and says has artemus virus. Same occurs using the slim download. I don't feel safe to install on system. Is this going to be fixed? Thank you so much.

ccleaner on virus total.png

2

There is nothing to fix. These are false positives.

Does your own Anti- virus detect it?

3

Hi. Thank you for writing. I don't have any anti virus on my pc but I have never installed any programs that come back from virus total like that, If there is any issue on virus total with a program, I don't think it's a good idea to install it. In my experience with using Virus Total; sometimes programs will come back like this, and I report it and then the issue is gone. I would never feel safe as I don't understand software enough and every program I use on my computer has always been clean. If there is nothing to fix, then I guess I have to find another product. I've used ccleaner for a very long time and so will miss using it. I'm sure I just don't understand false positives, but have seen programs with this before and it is always fixed so that it doesn't happen on virus total like that and then I install it. I appreciate your response.

4
Quote 
<div class="ipsQuote_contents ipsClearfix" data-gramm="false">
	<p>
		In my experience with using Virus Total; sometimes programs will come back like this, and I report it and then the issue is gone.
	</p>
</div>

That's because they are false positives, the thing that needs to be fixed is the AV that is getting it wrong. 

Once reported they check and see that their AV is indeed giving a FP - so they change the AV definitions so that it stops reporting it wrongly.

With Virus Total you have to look at the results and make a judgement. 

All VT shows you is what a number of different AV engines think about a file or website, <em>at any particular time</em>.

In the case of your screenshot only one AV engine flagged it as suspicious, the other 64 said it was clean. 

So it's almost certainly a false positive by that one.

You find that the lesser known AVs throw up more FPs, but the big names are not immune to giving the occasional one.

Of course it is always just possibly that the one is right and the 64 are wrong, so if you are worried check again later.

5
4 hours ago, casey3512 said: 
<div class="ipsQuote_contents ipsClearfix" data-gramm="false">
	<p>
		I don't have any anti virus on my pc
	</p>
</div>

Your probably well aware that one day that decision could be rather disastrous, say for instance every scanner on VirusTotal misses something whereas an installed antivirus might detect a threat based upon what it's doing and block it. I'd recommend at least using Microsoft Windows Defender Antivirus that's built into the OS.

6
On 23/03/2022 at 19:03, casey3512 said: 
<div class="ipsQuote_contents ipsClearfix" data-gramm="false">
	<p>
		When I ran the ccleaner download thru virus total mcafee hits it and says has artemus virus
	</p>
</div>

When reading VirusTotal results it is important to know how to interpret them - especially as the different engines each have their own method of reporting their results. In the case of McAfee, for example, Artemis is not the name of any virus, but rather the name of their own threat detection engine. Any file flagged with "Artemis" by McAfee has not been identified as a threat, but rather as a binary that they have not yet properly analysed.

So the result of "Artemis!C49DC30B0BB7" - basically just means that McAfee (or at least what McAfee is sharing with VirusTotal) is running a bit behind at the moment and doesn't know what it is yet.

7

Just at this moment I uploaded ccsetup591.zip to Virus Total and VT reports:

https://download.ccleaner.com/portable/ccsetup591.zip

MaxSecure -> Trojan.Malware.141612664.susgen

I'd like to knows if may be safe or not since the AntiVirus on VT detects Trojan.Malware instead of generic malware. I know that for generic malware is often a false positive...

https://www.virustotal.com/gui/file/ed4855acc0239c7e1c5dd4554a6e360173f23458832420000445a20fa3fc6450

Thanks.

8
59 minutes ago, Alecos said: 
<div class="ipsQuote_contents ipsClearfix" data-gramm="false">
	<p>
		<span>MaxSecure</span><span> -&gt; Trojan.Malware.141612664.susgen</span>
	</p>
</div>

Aha! Good to see that McAfee has fixed its false positive (well, as per the above, strictly speak a "false neutral" might be fairer to them).

MaxSecure is not a well-known AV vendor, and google searches on them (eg: https://www.google.com/search?q=maxsecure+susgen) would suggest that their primary claim to fame would be the false positives they return on VirusTotal.

Of the dozens of engines called by VirusTotal, it would not be surprising that one or two might return a false positive. You would need to ask yourself if you believe that after a couple of weeks in active circulation, somehow this obscure AV company was still the only one to detect a "threat" that the major players with hundreds of millions of endpoint sensors around the globe somehow missed.

For reference, this is what a genuine malware detection profile looks like: VirusTotal - File - ea131cc5ccf6aa6544d6cb29cdb78130feed061d2097c6903215be1499464c2e (ie: red lights all over the place).

In short - all is fine, but you would be well advised to get some AV on your computer.

9

Hello again!

I use always Malwarebytes Antimalware and Avira Pro. Thank you for pointing me to discover the truth.

Have a nice day! ?

Kind regards.