jjos Posted May 7, 2010 Share Posted May 7, 2010 I tried to download RECUVA today and got this message from my system: 5/7/2010 11:06:58 AM Deleted C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\xxxx\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\QDX4SDZ0\rcsetup137[1].exe Artemis!75B387B88580 (Trojan) Is there really a trojan in this sfotware? If so I certainly won't be using this site again. Link to comment Share on other sites More sharing options...
Aethec Posted May 7, 2010 Share Posted May 7, 2010 I assume you are using McAfee with its "in-the-cloud" protection named Artemis ? It is known to have a lot of false positives (the latest AV-Comparatives.org test says "The McAfee detection with cloud sensitivity would have "very many" false alarms" i.e. more than a hundred on their known clean set - 20x more than the majority of other AVs). Here's a VirusTotal scan : http://www.virustotal.com/fr/analisis/99c2c04a0364039d796a5f026a6e6f83c0282eed33d384d082ee4f4803b7353b-1273249904 As you can see, no AV detects it as a virus. Piriform French translator Link to comment Share on other sites More sharing options...
Moderators Nergal Posted May 7, 2010 Moderators Share Posted May 7, 2010 To Clarify: If you downloaded Recuva from either this website or File Hippo, then what you recieved was a false postive. Please report it to the maker of your Antivirus and they shall fix it in the next definition file. If you downloaded it from anywhere else (besides Piriform or File Hippo) it may well be infected. Please let us know from where you downloaded Recuva. ADVICE FOR USING CCleaner'S REGISTRY INTEGRITY SECTION DON'T JUST CLEAN EVERYTHING THAT'S CHECKED OFF. Do your Registry Cleaning in small bits (at the very least Check-mark by Check-mark) ALWAYS BACKUP THE ENTRY, YOU NEVER KNOW WHAT YOU'LL BREAK IF YOU DON'T. Support at https://support.ccleaner.com/s/?language=en_US Pro users file a PRIORITY SUPPORT via email support@ccleaner.com Link to comment Share on other sites More sharing options...
Ridge Runner Posted May 16, 2010 Share Posted May 16, 2010 I, too, experienced a problem with rcsetup137[1].exe. I downloaded it from File Hipo on 4/26/10. My Norton Internet Security reported it found in my temporary IE casch and labeled it as a virus. NIS then quarantined it. I guess that there may be a coding problem in the executible, but am concerned that it may have delivered some sort of malware elsewhere in my system. So far NIS has not detected anything else. So, is it really a false positive? Usuly, NIS is fairly accurate. Link to comment Share on other sites More sharing options...
kroozer Posted May 16, 2010 Share Posted May 16, 2010 So, is it really a false positive? Usuly, NIS is fairly accurate. I have 136. But because of your alert I just now d/l'd 137 from Hippo and scanned it with Mbam and Avast. No malware found. Link to comment Share on other sites More sharing options...
Moderators hazelnut Posted May 16, 2010 Moderators Share Posted May 16, 2010 Just report the False Positive to Norton and they will update their definitions. Support contact https://support.ccleaner.com/s/contact-form?language=en_US&form=general or support@ccleaner.com Link to comment Share on other sites More sharing options...
Ridge Runner Posted May 17, 2010 Share Posted May 17, 2010 Thanks kroozer and hazelnut. I ran a few av apps on it too. No alerts from them either. Guess I will notify Norton for what ever good it will do. Link to comment Share on other sites More sharing options...
Moderators Nergal Posted May 17, 2010 Moderators Share Posted May 17, 2010 Thanks kroozer and hazelnut. I ran a few av apps on it too. No alerts from them either. Guess I will notify Norton for what ever good it will do. It'll do a lot of good, Norton and ALL Antivirus providers want/need/have-to-have customer feedback on false postives, I submit mine to Symantec (the business arm of Norton) all the time and they immediatly fix it for their next release. Remember many/most antivirus products (especially Norton/Symantec) use Heuristics to identify viruses they may not know. Ccleaner has code in it that tell the registry to delete entries, to uninstall programs and other such behavior that on a code end looks much like the action of viruses/trojans thus the installer gets red flaged often. . . you'll notice that rarely (if ever) the Portable version (already unpacked from intaller and placed in a zip file) gets False postived, nor does the program itself . ADVICE FOR USING CCleaner'S REGISTRY INTEGRITY SECTION DON'T JUST CLEAN EVERYTHING THAT'S CHECKED OFF. Do your Registry Cleaning in small bits (at the very least Check-mark by Check-mark) ALWAYS BACKUP THE ENTRY, YOU NEVER KNOW WHAT YOU'LL BREAK IF YOU DON'T. Support at https://support.ccleaner.com/s/?language=en_US Pro users file a PRIORITY SUPPORT via email support@ccleaner.com Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now