RicardodeMiranda Posted October 25, 2018 Share Posted October 25, 2018 Hello, everyone. I'm Ricardo, and I would like to tell you that Kaspersky Internet Security detected a malware on a CCleaner installer. It's called UDS:Trojan.Win32.Droma. It is on this file ccupdate548_pro[1].exe. Please fix it ASAP. My Kaspersky can't allow me to install this new version. And I advise to anyone not to install for a while. Thanks in advance. And I hope to find this solution. Best regards. Ricardo Link to comment Share on other sites More sharing options...
Guest Stephen CCleaner Posted October 25, 2018 Share Posted October 25, 2018 Hi there, Kaspersky is not flagging this file from what I can see: https://www.virustotal.com/#/url/dcbf986874e39ef14eaaea2c6d0e0960b7ef79d039dca17757cc77d87507c33f/detection Can you confirm that the MD5 filehash for the ccupdate548_pro.exe file you have matches "3c4836f8f949c94bb651a74814617868" ? Link to comment Share on other sites More sharing options...
RicardodeMiranda Posted October 25, 2018 Author Share Posted October 25, 2018 11 minutes ago, Stephen Piriform said: Hi there, Kaspersky is not flagging this file from what I can see: https://www.virustotal.com/#/url/dcbf986874e39ef14eaaea2c6d0e0960b7ef79d039dca17757cc77d87507c33f/detection Can you confirm that the MD5 filehash for the ccupdate548_pro.exe file you have matches "3c4836f8f949c94bb651a74814617868" ? Hi, Stephen Piriform. After clicking on your link, you can see it on the screenshot I took. VirusTotal detected also. Link to comment Share on other sites More sharing options...
Guest Stephen CCleaner Posted October 25, 2018 Share Posted October 25, 2018 I don't think it's anything to be concerned by. This company analyses URLs and flags anything without a good reputation. It looks like they have a simple check that simply flags any URL that downloads an executable. It does not seem that it does any checks on the file itself to see if it is legitimate. To compare, here is the VirusTotal results for the file itself (not the download URL): https://www.virustotal.com/#/file/079609c8d786cab5d29b43d315af1d7276805f0f7cc48f180106d38d4c5b2e97/detection The file also checks out with Kaspersky: I have reported a false positive to DNS8 so they can investigate. Link to comment Share on other sites More sharing options...
RicardodeMiranda Posted October 25, 2018 Author Share Posted October 25, 2018 44 minutes ago, Stephen Piriform said: I don't think it's anything to be concerned by. This company analyses URLs and flags anything without a good reputation. It looks like they have a simple check that simply flags any URL that downloads an executable. It does not seem that it does any checks on the file itself to see if it is legitimate. To compare, here is the VirusTotal results for the file itself (not the download URL): https://www.virustotal.com/#/file/079609c8d786cab5d29b43d315af1d7276805f0f7cc48f180106d38d4c5b2e97/detection The file also checks out with Kaspersky: I have reported a false positive to DNS8 so they can investigate. Thank you so much for your kind support and screenshots, Stephen Piriform. Currently, my CCleaner Professional is 5.47.6716. And any preview installers this Kaspersky couldn't detect any trojan. If they send to you any answer... could you just report to me what they said please? Thank you so much again. Link to comment Share on other sites More sharing options...
Guest Stephen CCleaner Posted October 25, 2018 Share Posted October 25, 2018 DNS8 got back to me. They have adjusted the URL's reputation: https://www.virustotal.com/#/url/dcbf986874e39ef14eaaea2c6d0e0960b7ef79d039dca17757cc77d87507c33f/detection Link to comment Share on other sites More sharing options...
RicardodeMiranda Posted October 25, 2018 Author Share Posted October 25, 2018 3 hours ago, Stephen Piriform said: DNS8 got back to me. They have adjusted the URL's reputation: https://www.virustotal.com/#/url/dcbf986874e39ef14eaaea2c6d0e0960b7ef79d039dca17757cc77d87507c33f/detection Me too. Thanks again. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now