Full Version: win32.trojandownloader.Zlob
Piriform Forums > Piriform Software > CCleaner Discussion
yelloweye
18Oct06

win32.trojandownloader.Zlob

I paid $20.00 paypal for donation and accepted the download. I started the install and my antivirus
quarantined the above malware. It nearly cratered my computer. A reset recovered and a rescan showed
no malware. I believe that I will cancel my paypal donation and wait for cctech support. I am pissed off
enough not to ask so feel free to post your comments here.
rridgely
I'm confused... you made a paypal donation but what did you download? Donations don't require any downloads. If it's ccleaner that you downloaded, where did you download it from?

I think it's more likely you have some adware/spyware that popped up a box and you installed something from that. I would be more than happy to help you clean up your pc. Just post a hijackthis log. :)

I promise you though it's not ccleaner that gave you the virus. Not only is it certified as clean on all the major download sites (although some say adware because of the yahoo toolbar), but we have a virus support section on our forum, which wouldn't make much sense if we were infecting people. :lol:
yelloweye
QUOTE(rridgely @ Oct 19 2006, 01:38 AM) [snapback]52497[/snapback]

I'm confused... you made a paypal donation but what did you download? Donations don't require any downloads. If it's ccleaner that you downloaded, where did you download it from?

I think it's more likely you have some adware/spyware that popped up a box and you installed something from that. I would be more than happy to help you clean up your pc. Just post a hijackthis log. :)

I promise you though it's not ccleaner that gave you the virus. Not only is it certified as clean on all the major download sites (although some say adware because of the yahoo toolbar), but we have a virus support section on our forum, which wouldn't make much sense if we were infecting people. :lol:



www.cccleaner.com/download/

Download from filehippo.com.
rridgely
Sorry but it's not possible that the file from filehippo is infected. People download it every day and I just downloaded it now and scanned it with etrust antivirus and ewido.

There is a good chance that you have a trojan/backdoor infection on your computer. I can help you with that though. :)

Download and install this:
http://www.thespykiller.co.uk/files/HJTSetup.exe

Open it up and choose to scan and save log file. A text file will appear.
Copy and paste that text file onto the forum. :D
yelloweye
QUOTE(rridgely @ Oct 19 2006, 02:13 AM) [snapback]52503[/snapback]

Sorry but it's not possible that the file from filehippo is infected. People download it every day and I just downloaded it now and scanned it with etrust antivirus and ewido.

There is a good chance that you have a trojan/backdoor infection on your computer. I can help you with that though. :)

Download and install this:
http://www.thespykiller.co.uk/files/HJTSetup.exe

Open it up and choose to scan and save log file. A text file will appear.
Copy and paste that text file onto the forum. :D






" http//download.ccleaner.com/ccsetup133.exe "

regards
The ccleaner team
Piriform Ltd.

is the source of my second download, and that's right you guessed it.
The ccsetup.exe file is infected.

This is my second attempt to edit this post and it appears that a mod is editing as I write.
If you download from either of the sites that I have listed and install and open the exe file, then
you will see the malware that I have listed. My software quarantined it and when I deleted it the
first page of the setup installation was removed, in other words the installation was aborted. There
is no doubt that the ccsetup133.exe is infected.
rridgely
Believe me I'm not trying to come across rude in any way.
We get all sorts of crazy claims that 99% of the time turn out to be false. Most of the time it's from inexperienced users who honestly don't know what happened, so we just try to help. Usually when someone thinks that they got a virus from ccleaner we can have them post a hijackthis log and see what's really happening, and we then help them clean it up. :)

I got a 404 error when I clicked your link. Is this what you downloaded?
http://www.ccleaner.com/download/downloadpage.aspx?1

I just downloaded and scanned that file and it came up clean. :)


yelloweye
QUOTE(rridgely @ Oct 19 2006, 03:31 AM) [snapback]52509[/snapback]

Believe me I'm not trying to come across rude in any way.
We get all sorts of crazy claims that 99% of the time turn out to be false. Most of the time it's from inexperienced users who honestly don't know what happened, so we just try to help. Usually when someone thinks that they got a virus from ccleaner we can have them post a hijackthis log and see what's really happening, and we then help them clean it up. :)

I got a 404 error when I clicked your link. Is this what you downloaded?
http://www.ccleaner.com/download/downloadpage.aspx?1

I just downloaded and scanned that file and it came up clean. :)




I scanned it and it came up clean. I double clicked it and ..... dirty, rude, ugly, and infected.

The url that I listed is not complete therefore it is not hot. I did that intentionally. Comprehende?
rridgely
Sorry but it's not possible. We have thousands of users who download and install this software every day.

May I ask what program is detecting ccleaner? It's possible it's just a false detection. Also please post a hijackthis log. :)
Andavari
You have to right click and save as to get the file ccsetup.exe, which isn't even an .exe file; it's an .html file stating no such page exists, and here's exactly what it looks like.

Its contents aren't infected with anything. Your installed anti-malware software is just producing a false positive, maybe because it's detecting a renamed file extension, e.g. it probably knows it's an .html document that's been renamed to .exe. Also none of the CCleaner downloads on CCleaner.com are simply named ccsetup.exe; they have the version number included in them, e.g. ccsetup133.exe, etc.
yelloweye
QUOTE(rridgely @ Oct 19 2006, 03:31 AM) [snapback]52509[/snapback]

Believe me I'm not trying to come across rude in any way.
We get all sorts of crazy claims that 99% of the time turn out to be false. Most of the time it's from inexperienced users who honestly don't know what happened, so we just try to help. Usually when someone thinks that they got a virus from ccleaner we can have them post a hijackthis log and see what's really happening, and we then help them clean it up. :)

I got a 404 error when I clicked your link. Is this what you downloaded?
http://www.ccleaner.com/download/downloadpage.aspx?1

I just downloaded and scanned that file and it came up clean. :)


I do not believe you. You are not paying attention to what I am saying.

QUOTE(Andavari @ Oct 19 2006, 04:16 AM) [snapback]52514[/snapback]

You have to right click and save as to get the file ccsetup.exe, which isn't even an .exe file; it's an .html file stating no such page exists, and here's exactly what it looks like.

Its contents aren't infected with anything. Your installed anti-malware software is just producing a false positive, maybe because it's detecting a renamed file extension, e.g. it probably knows it's an .html document that's been renamed to .exe. Also none of the CCleaner downloads on CCleaner.com are simply named ccsetup.exe; they have the version number included in them, e.g. ccsetup133.exe, etc.



You do not have to right click anything.

QUOTE(rridgely @ Oct 19 2006, 03:40 AM) [snapback]52512[/snapback]

Sorry but it's not possible. We have thousands of users who download and install this software every day.

May I ask what program is detecting ccleaner? It's possible it's just a false detection. Also please post a hijackthis log. :)


No not until you figure out what I am saying or at least what the possibilities are. Why? Because I do not trust you.

QUOTE(rridgely @ Oct 19 2006, 03:40 AM) [snapback]52512[/snapback]

Sorry but it's not possible. We have thousands of users who download and install this software every day.

May I ask what program is detecting ccleaner? It's possible it's just a false detection. Also please post a hijackthis log. :)




Thousands a day? Ummmmm
Andavari
I don't know if I'm seeing things or what.
I'm not accusing you of anything, but did you edit your post to have http//download.ccleaner.com/ccsetup133.exe in it or was it already like that?
Andavari
Well Dr.Web online scan, and Jotti's online malware scan didn't find any infection. The only thing Jotti ever mentions about CCleaner is the packer used, yet no antivirus detected any infection.

It's just a false positive you're getting plain and simple, nothing else.

You haven't stated what antimalware software (e.g. anti-virus, anti-spyware, anti-trojan) you're using that states it's infected.
It would help the CCleaner development team to know so they can contact the vendor so that they can update their definition files to remove the false positive.
yelloweye
QUOTE(Andavari @ Oct 19 2006, 05:40 AM) [snapback]52522[/snapback]

I don't know if I'm seeing things or what.
I'm not accusing you of anything, but did you edit your post to have http//download.ccleaner.com/ccsetup133.exe in it or was it already like that?


This is the second time that I have replied to your post. The first time I was kicked off when I entered "add
reply" . I will try again.

Yes I edited the post three times. My first statement did not include a hot url. It was mistaken for one. Someone edited it and did not get it right. I quoted the complete url later but again it was not hot. I do not feel that this is a confusing issue but someone is editing my posts as I type and it is beginning to appear
that the issue is confusing.

The point is: when I download the ccsetup133.exe file I put it in a new folder. When I double click on the file,
it is the only file downloaded, the setup begins with an English setup window. The next click initiates a
quarantine and my software will not allow me to install without deleting the malware. When I delete the file
the installation window is closed and the installation is aborted.
Andavari
QUOTE(yelloweye @ Oct 19 2006, 01:07 AM) [snapback]52525[/snapback]

This is the second time that I have replied to your post. The first time I was kicked off when I entered "add
reply" . I will try again.

Yes I edited the post three times. My first statement did not include a hot url. It was mistaken for one. Someone edited it and did not get it right. I quoted the complete url later but again it was not hot. I do not feel that this is a confusing issue but someone is editing my posts as I type and it is beginning to appear
that the issue is confusing.

The forum sometimes gets unresponsive and has been for the last year or so.

Ahh that explains the editing: "hot linking." Oops I posted the direct download too.
yelloweye
QUOTE(Andavari @ Oct 19 2006, 06:05 AM) [snapback]52524[/snapback]

Well Dr.Web online scan, and Jotti's online malware scan didn't find any infection. The only thing Jotti ever mentions about CCleaner is the packer used, yet no antivirus detected any infection.

It's just a false positive you're getting plain and simple, nothing else.

You haven't stated what antimalware software (e.g.; anti-virus, anti-spyware, anti-trojan) you're using that states it's infected?
It would help the CCleaner development team to know so they can contact the vendor so that they can update their definition files to remove the false positive.



Try to execute the setup file with F-Secure loaded.
Finflash
Same thing with F-Secure.

My laptop F-Secure didn't alert when I installed CCleaner 133 a few days ago. Now I downloaded CCleaner again to my desktop and now F-Secure did give that alert of a trojan. I tried to install that copy from my laptop and again the desktop F-Secure found a trojan (the same copy on the laptop didn't do that).
I scanned my laptop, but it was clean. I don't know whether there is win32.trojandownloader.Zlob in that setup file or whether this is an F-Secure false alert?
yelloweye
QUOTE(Finflash @ Oct 19 2006, 01:55 PM) [snapback]52541[/snapback]

Same thing with F-Secure.

My laptop F-Secure didn't alert when I installed CCleaner 133 a few days ago. Now I downloaded CCleaner again to my desktop and now F-Secure did give that alert of a trojan. I tried to install that copy from my laptop and again the desktop F-Secure found a trojan (the same copy on the laptop didn't do that).
I scanned my laptop, but it was clean. I don't know whether there is win32.trojandownloader.Zlob in that setup file or whether this is an F-Secure false alert?



Good question. For now let us drop this false alert, false positive bulls**t and call malware, malware because
F-Secure has. Next it would be reasonable to call in a "third party" to define and clear the issue, malware or
no malware. Previous posts here have been nonfactual. Sorting out the positive insights is difficult.

so... call malware malware and get it on...

Finflash
Little more.
I scanned the setup file with F-Secure and the report was clear, but when I execute that same setup file, the alert comes??
hazelnut
To try and sort this out I have e-mailed f-secure.

It may be of interest for people to read this thread, particularly the Sept 13 entries near the bottom:

http://portableapps.com/node/2939
MrG
Hi there,

The virus or malware detection is false; we very carefully scan each release before it goes out.
There are known issues that occur from time to time with antivirus products where they detect CCleaner and many other products as viruses or as containing malware. If these detections affect a lot of people then I post a message on the homepage highlighting the known issue and hopefully calming users' worries.

If your computer has been infected with a virus, then I can confidently say that it came from another source and not the CCleaner installer.

MrG
yelloweye
QUOTE(hazelnut @ Oct 19 2006, 04:02 PM) [snapback]52551[/snapback]

To try and sort this out I have e-mailed f-secure.

It may be of interest for people to read this thread particularly the Sept 13 entries near the bottom

http://portableapps.com/node/2939



Thank you for your response. It is interesting to me that several days ago I loaded AVG. It started to corrupt my OS. Once stopped it was easy to remove. I do not believe that this is coincidence. I have seen the same thing happen with freeware downloads, spyware and hijacking claims. For some reason I always end up with spyware or hijacks after I uninstall these programs.

F-Secure positively identified the malware immediately after the keystroke to run the ccleaner install from the ccleaner menu.

yelloweye
yelloweye
20oct06
error using reply.
pudelein
It occurs to me to ask if the OP knows that the distribution file ccsetup133.exe is the one that contains Yahoo toolbar. He could check by downloading ccsetup133_slim.exe and trying that instead. It would be quaint if the issue were actually in that toolbar!
hazelnut
Yelloweye.

I have just had an email from the f-secure virus people. They have fully examined the setup.exe and opened the files and can find NO trace of any trojan or virus, and are using all the latest definitions.

They have asked if I would pass on their advice, which is to make sure you have all the latest F-Secure virus definitions installed. Also, if you try again and anything happens, to send them a screenshot of the alert or a scanning report
file FSAV_REP.HTM.

I think yelloweye we have done all we can to try and assure you that this problem is not one caused by ccleaner. I honestly think you would benefit from posting a Hijackthis log on the relevant part of this forum, as some of the problems you seem to have encountered (such as AVG causing corruptions) can be caused by malware.
Instructions can be found here.

http://forum.ccleaner.com/index.php?showtopic=1720
iamjumpinjeff
Greetings

I don't know what the hostility was about BUT, I have the same problem. I received my notification from ccleaner regarding the update. Downloaded it as I have previous updates, and I received the same warning and that the Zlob is now quarantined. HOWEVER IT CAME DURING THE DOWNLOAD PROCEDURE. F-Secure jumped all over it. But to tell someone it didn't happen is no help at all.

So now that I got this crap, do I go back and download my upgrade again etc. This is not giving me a whole lot of confidence at this time.

Iamjumpinjeff
Glenn
yelloweye,

If you don't want to accept the advice that this is a false positive, you can:

Contact F-Secure yourself and get their advice.

- or -

Wait and try to install CCleaner next week. In the meantime F-Secure will probably fix their problem.

- or -

Go away.

Andavari
You should be able to contact F-Secure through this link:
http://www.f-secure.com/f-secure/contact_information.html
amckern
I have been a user of ccleaner for many years, and now use it in a secure work environment where everything has to pass through many scanners, and an install watcher to check for any back doors.

I am happy to say that the slim package we use is 100% free of vermin, back doors, and animals that pose as horses.

Sample of the Scanner list
Nod32
F-secure
NAV (2000/2006)
AVG
Spybot

[edit]Typos/
plun
Hi All

Well... I don't like "flames" when it's about false positives.

Users in Sweden reported exactly the same.

The file involved is InstallOptions.dll, this file is created during setup in a
temporarily folder.

From F-Secure's logfile:

Win32.Trojandownloader.Zlob (Malware)

FILE:C:\DOCUME~1\GRAN~1\LOKALA~1\Temp\nsh216.tmp\InstallOptions.dll


I have scanned this file yesterday evening with Virustotal and also today with F-Secure's scanner
without any alarm.

This must be a challenge for F-Secure to solve.

regards
plun


QUOTE
Complete scanning result of "InstallOptions.dll", received in VirusTotal at 10.19.2006, 23:01:47 (CET).

Antivirus Version Update Result
AntiVir 7.2.0.31 10.19.2006 no virus found
Authentium 4.93.8 10.19.2006 no virus found
Avast 4.7.892.0 10.19.2006 no virus found
AVG 386 10.19.2006 no virus found
BitDefender 7.2 10.19.2006 no virus found
CAT-QuickHeal 8.00 10.19.2006 no virus found
ClamAV devel-20060426 10.19.2006 no virus found
eTrust-InoculateIT 23.73.29 10.19.2006 no virus found
eTrust-Vet 30.3.3143 10.19.2006 no virus found
DrWeb 4.33 10.19.2006 no virus found
Ewido 4.0 10.19.2006 no virus found
Fortinet 2.82.0.0 10.19.2006 no virus found
F-Prot 3.16f 10.19.2006 no virus found
F-Prot4 4.2.1.29 10.19.2006 no virus found
Ikarus 0.2.65.0 10.19.2006 no virus found
Kaspersky 4.0.2.24 10.19.2006 no virus found
McAfee 4877 10.19.2006 no virus found
Microsoft 1.1603 10.19.2006 no virus found
NOD32v2 1.1817 10.19.2006 no virus found
Norman 5.80.02 10.19.2006 no virus found
Panda 9.0.0.4 10.19.2006 no virus found
Sophos 4.10.0 10.15.2006 no virus found
TheHacker 6.0.1.101 10.19.2006 no virus found
UNA 1.83 10.19.2006 no virus found
VBA32 3.11.1 10.19.2006 no virus found
VirusBuster 4.3.7:9 10.19.2006 no virus found

Aditional Information
File size: 12800 bytes
MD5: 444e1109d960c307df0ca2b33a24731b
SHA1: 55e3b57d06128911ed4af44858d199d9b1945edc




http://support.f-secure.com/enu/home/ols.shtml

QUOTE

Citat:
Scanning Report
Friday, October 20, 2006 12:01:44 - 12:02:22
Computer name:
Scanning type: Scan target for viruses
Target: C:\Documents and Settings\MrX\Lokala inställningar\Temp\nsb95.tmp


--------------------------------------------------------------------------------

Result: 0 malware found

--------------------------------------------------------------------------------

Statistics
Scanned:
Files: 6
System: 0
Not scanned: 0
Actions:
Disinfected: 0
Renamed: 0
Deleted: 0
None: 0
Submitted: 0
Files not scanned:

--------------------------------------------------------------------------------

Options
Scanning engines:
F-Secure AVP: 6.0.171, 2006-10-20
F-Secure Libra: 2.4.1, 2006-10-20
F-Secure Orion: 1.2.37, 2006-10-20
F-Secure Blacklight: 1.0.31, 0000-00-00
F-Secure Pegasus: 1.19.0, 2006-08-29
F-Secure Draco: 1.0.35, 2006-10-18

Scanning options:
Scan defined files: COM EXE SYS OV? BIN SCR DLL SHS HTM HTML HTT VBS JS INF VXD DO? XL? RTF CPL WIZ HTA PP? PWZ P?T MSO PIF . ACM ASP AX CNV CSC DRV INI MDB MPD MPP MPT OBD OBT OCX PCI TLB TSP WBK WBT WPC WSH VWP WML BOO HLP TD0 TT6 MSG ASD JSE VBE WSC CHM EML PRC SHB LNK WSF {* PDF ZL? XML ZIP XXX
Use Advanced heuristics


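The VirusTotal result quoted above gives the size, MD5 and SHA-1 of the InstallOptions.dll that scanned clean, and the F-Secure log gives the ns*.tmp folder NSIS unpacks it into. The script below is an added example (not from this thread or from Piriform) for triaging such an alert: it locates every InstallOptions.dll under NSIS temp folders and reports whether each copy is byte-for-byte the sample that scanned clean (so the alert is a detection problem) or differs (so it deserves a fresh look). The demo() function builds a constructed fake temp folder with a dummy DLL; the folder name nsh216.tmp is taken from the log above.

```python
import hashlib
import os
import tempfile

# Reference values for InstallOptions.dll as reported by the VirusTotal
# result quoted in this thread (size, MD5, SHA-1).
REFERENCE = {
    "InstallOptions.dll": {
        "size": 12800,
        "md5": "444e1109d960c307df0ca2b33a24731b",
        "sha1": "55e3b57d06128911ed4af44858d199d9b1945edc",
    }
}

# Constructed dummy content for the demo; this is NOT the real plugin.
SAMPLE_BYTES = b"MZ constructed dummy plugin, not the real file\n"


def file_digests(path):
    """Return size, MD5 and SHA-1 of a file, read in chunks."""
    md5, sha1, size = hashlib.md5(), hashlib.sha1(), 0
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            md5.update(chunk)
            sha1.update(chunk)
            size += len(chunk)
    return {"size": size, "md5": md5.hexdigest(), "sha1": sha1.hexdigest()}


def classify(path, reference=REFERENCE):
    """'match': identical to the sample that scanned clean (alert is a
    false positive on a known file); 'mismatch': bytes differ, treat as a
    new file; 'unknown': no reference entry for this file name."""
    name = os.path.basename(path)
    if name not in reference:
        return "unknown"
    got, ref = file_digests(path), reference[name]
    same = all(got[k] == ref[k] for k in ("size", "md5", "sha1"))
    return "match" if same else "mismatch"


def find_nsis_temp_files(temp_root, filename="InstallOptions.dll"):
    """NSIS installers unpack plugins into ns*.tmp folders under %TEMP%
    (as in the F-Secure log path above). Return every copy found."""
    hits = []
    for entry in os.listdir(temp_root):
        low = entry.lower()
        if low.startswith("ns") and low.endswith(".tmp"):
            candidate = os.path.join(temp_root, entry, filename)
            if os.path.isfile(candidate):
                hits.append(candidate)
    return sorted(hits)


def triage(temp_root, reference=REFERENCE):
    """Map each plugin copy found under temp_root to its verdict."""
    return {p: classify(p, reference) for p in find_nsis_temp_files(temp_root)}


def demo():
    """Build a constructed fake %TEMP% with one NSIS plugin folder holding
    a dummy DLL. The dummy cannot match the reference, so it reports
    'mismatch'; a genuine copy with the quoted hashes would report 'match'."""
    root = tempfile.mkdtemp()
    plugin_dir = os.path.join(root, "nsh216.tmp")
    os.mkdir(plugin_dir)
    with open(os.path.join(plugin_dir, "InstallOptions.dll"), "wb") as fh:
        fh.write(SAMPLE_BYTES)
    return triage(root)


if __name__ == "__main__":
    for path, verdict in demo().items():
        print(path, "->", verdict)
```
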
zipper
F-Secure behaviour confirmed; when I tried to install the latest CCleaner I got that warning. After a little wondering I disabled the anti-virus software first, after having checked the installer package with no reaction. Then after the CCleaner install I checked the system with no reaction, so it's the first time I got a false positive with F-Secure. But what have you changed to mislead F-Secure, or perhaps F-Secure definitions have changed to give that false positive? I have had CCleaner installed perhaps 2 years as well as F-Secure but it's the first time I got that warning. And I regard both programs as highly recommended!
hazelnut
I have sent another email to f-secure with a link to this thread.
plun
QUOTE(hazelnut @ Oct 20 2006, 07:01 PM) [snapback]52643[/snapback]

I have sent another email to f-secure with a link to this thread.


Hi hazelnut

This is probably a better entrance for a f/P trouble and also for all F-Secure users with this "challenge".

http://support.f-secure.com/enu/home/virusproblem/sample/

Undetected viruses
If you have a virus sample that is not detected or it causes a false alarm with F-Secure Virus Protection, please submit a sample of such file to F-Secure.

Direct:
http://support.f-secure.com/enu/home/virus...ex_sample.shtml

F-Secure operates one office in Helsinki and also one in Malaysia, Kuala Lumpur, so someone
is for sure awake... :)

regards
plun
rridgely
This has gotten out of hand. The level of respect that is usually kept on this forum is nowhere to be found in this topic.

The bottom line is that the only problem is a false positive detection from F-Secure. All that will have to be done is MrG will have to contact F-Secure and have them correct their detections.

This topic will be locked and an update will be posted in the future when this issue has been resolved.
MrG
F-Secure have responded with the following email:

We have verified the claim and isolated the cause of the false alarm.
We are already fixing the problem and will release an update as soon as
possible.

Thank you for bringing this to our attention.
Invision Power Board © 2001-2008 Invision Power Services, Inc.