Prockill-DF Trojan?

[hattrick808]

Everytime I try to download CCleaner, my McAfee Virus Scan pops up and says that the ccleaner125.exe [or whatever] is infected with a prockill-df trojan virus, and deletes it. Can anyone explain why I am getting this message? It happens when I download from the main site, from download.com, and from a few alternate sources. It is frustrating because I've used CCleaner in the past and have loved it, and would love to install it in my new computer. Thanks in advance!

[TwistedMetal]

Make sure you have the latest updates. I scanned online with McAfee and it found nothing.

[Tarun]

Confirmed.

 

Status:

POSSIBLY INFECTED/MALWARE (Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database) (Note: this file was only classified as malware by scanners known to generate more false positives than the average scanner. Do not consider these results definately accurate. Also, because of this, results of this scan will not be recorded in the database.)

MD5 3cface7756cdaf5a2fb4a0de67485b0b

Packers detected:

-

Scanner results

AntiVir

Found nothing

ArcaVir

Found nothing

Avast

Found nothing

AVG Antivirus

Found nothing

BitDefender

Found nothing

ClamAV

Found nothing

Dr.Web

Found nothing

F-Prot Antivirus

Found nothing

Fortinet

Found Prockill.DF-tr

Kaspersky Anti-Virus

Found nothing

NOD32

Found nothing

Norman Virus Control

Found nothing

UNA

Found nothing

VBA32

Found nothing

[hattrick808]

Fortinet 

Found Prockill.DF-tr

 

 

is there anyway to correct this?

[Tarun]

It's a false positive. I wouldn't worry about it.

[Andavari]

Although it's a false positive and ignoring it will allow you to install CCleaner, the only way to get it removed from being falsely detected is to contact your antivirus vendor, hence if nobody contacts them they won't know about it. They'll either want the actual setup file, or a link so that they can download it.

[coppertrail]

Although it's a false positive and ignoring it will allow you to install CCleaner, the only way to get it removed from being falsely detected is to contact your antivirus vendor, hence if nobody contacts them they won't know about it. They'll either want the actual setup file, or a link so that they can download it.

22334[/snapback]

I just read somewhere that this needs to be addressed by the manuafacturer of installer that CCLeaner uses to package their product. A false positive, will most likely be corrected during the next release.

[Andavari]

I just read somewhere that this needs to be addressed by the manuafacturer of installer that CCLeaner uses to package their product.  A false positive, will most likely be corrected during the next release.

22997[/snapback]

The usual problem I suspect is if a program uses any type of executable compressor program such as UPX. I'm not picking on UPX, but as an example allot of av scanners have flagged completely safe UPX compressed files (.exe, .dll, .sfx) as being infected or suspicious, hence the reason newer releases of WinRAR don't compress SFX created archives since the SFX module itself is no longer compressed by UPX.

[CJNY]

I just read somewhere that this needs to be addressed by the manuafacturer of installer that CCLeaner uses to package their product.  A false positive, will most likely be corrected during the next release.

 

22997[/snapback]

 

 

 

 

Coppertrail..

 

Unless I'm totally misunderstanding your post.. McAfee corrected the false positive through an update very shortly after it's release - within a day or two. (I had a problem with McAfee detecting 2 uninstallers, as a result of the f.p., but it's a non-issue at this point) If you'd like clarification, you should be able to find it at McAfee's forum.

 

CJ