hattrick808 Posted November 16, 2005 Share Posted November 16, 2005 Everytime I try to download CCleaner, my McAfee Virus Scan pops up and says that the ccleaner125.exe [or whatever] is infected with a prockill-df trojan virus, and deletes it. Can anyone explain why I am getting this message? It happens when I download from the main site, from download.com, and from a few alternate sources. It is frustrating because I've used CCleaner in the past and have loved it, and would love to install it in my new computer. Thanks in advance! Link to comment Share on other sites More sharing options...
Moderators TwistedMetal Posted November 16, 2005 Moderators Share Posted November 16, 2005 Make sure you have the latest updates. I scanned online with McAfee and it found nothing. Your Friendly Neighborhood Piriform Forum Moderator Quick Links: CCleaner Products | CCleaner Documentation | Knowledge Center | Downloads | Lost License Key Link to comment Share on other sites More sharing options...
Tarun Posted November 16, 2005 Share Posted November 16, 2005 Confirmed. Status: POSSIBLY INFECTED/MALWARE (Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database) (Note: this file was only classified as malware by scanners known to generate more false positives than the average scanner. Do not consider these results definately accurate. Also, because of this, results of this scan will not be recorded in the database.) MD5 3cface7756cdaf5a2fb4a0de67485b0b Packers detected: - Scanner results AntiVir Found nothing ArcaVir Found nothing Avast Found nothing AVG Antivirus Found nothing BitDefender Found nothing ClamAV Found nothing Dr.Web Found nothing F-Prot Antivirus Found nothing Fortinet Found Prockill.DF-tr Kaspersky Anti-Virus Found nothing NOD32 Found nothing Norman Virus Control Found nothing UNA Found nothing VBA32 Found nothing Link to comment Share on other sites More sharing options...
hattrick808 Posted November 16, 2005 Author Share Posted November 16, 2005 Fortinet Found Prockill.DF-tr is there anyway to correct this? Link to comment Share on other sites More sharing options...
Tarun Posted November 16, 2005 Share Posted November 16, 2005 It's a false positive. I wouldn't worry about it. Link to comment Share on other sites More sharing options...
Moderators Andavari Posted November 17, 2005 Moderators Share Posted November 17, 2005 Although it's a false positive and ignoring it will allow you to install CCleaner, the only way to get it removed from being falsely detected is to contact your antivirus vendor, hence if nobody contacts them they won't know about it. They'll either want the actual setup file, or a link so that they can download it. Link to comment Share on other sites More sharing options...
coppertrail Posted November 27, 2005 Share Posted November 27, 2005 Although it's a false positive and ignoring it will allow you to install CCleaner, the only way to get it removed from being falsely detected is to contact your antivirus vendor, hence if nobody contacts them they won't know about it. They'll either want the actual setup file, or a link so that they can download it. 22334[/snapback] I just read somewhere that this needs to be addressed by the manuafacturer of installer that CCLeaner uses to package their product. A false positive, will most likely be corrected during the next release. Link to comment Share on other sites More sharing options...
Moderators Andavari Posted November 27, 2005 Moderators Share Posted November 27, 2005 I just read somewhere that this needs to be addressed by the manuafacturer of installer that CCLeaner uses to package their product. A false positive, will most likely be corrected during the next release. 22997[/snapback] The usual problem I suspect is if a program uses any type of executable compressor program such as UPX. I'm not picking on UPX, but as an example allot of av scanners have flagged completely safe UPX compressed files (.exe, .dll, .sfx) as being infected or suspicious, hence the reason newer releases of WinRAR don't compress SFX created archives since the SFX module itself is no longer compressed by UPX. Link to comment Share on other sites More sharing options...
CJNY Posted November 27, 2005 Share Posted November 27, 2005 I just read somewhere that this needs to be addressed by the manuafacturer of installer that CCLeaner uses to package their product. A false positive, will most likely be corrected during the next release. 22997[/snapback] Coppertrail.. Unless I'm totally misunderstanding your post.. McAfee corrected the false positive through an update very shortly after it's release - within a day or two. (I had a problem with McAfee detecting 2 uninstallers, as a result of the f.p., but it's a non-issue at this point) If you'd like clarification, you should be able to find it at McAfee's forum. CJ Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now