Sophos AV and CCleaner

Is Sophos AV 6.5.7 (with Threat Detection Data 4.19) erroneously
flagging ccleaner.exe (CCleaner v1.40) as Virus Mal/VB-K ?
Or am I really infected?


Re: Sophos AV and CCleaner


| Is Sophos AV 6.5.7 (with Threat Detection Data 4.19) erroneously
| flagging ccleaner.exe (CCleaner v1.40) as Virus Mal/VB-K ?
| Or am I really infected?

It could be a False Positive.

Please submit a sample to Virus Total --
http://www.virustotal.com/flash/index_en.html
The submission will then be tested against many different AV vendors' scanners.
That will give you an idea what it is and who recognizes it.  In addition,
unless told otherwise, Virus Total will provide the sample to all participating vendors.

You can also submit a suspect, one at a time, via the following email URL...
mailto:scan@virustotal.com?subject=SCAN

When you get the report, please post back the exact results.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Re: Sophos AV and CCleaner

wrote:

The Sophos AV automatic incremental update on 11 Jul 2007 (19:35 GMT)
added the Virus Mal/VB-K detection.
http://www.sophos.com/downloads/ide/

The Sophos update on 12 Jul 2007 (12:16 GMT) does not flag
ccleaner.exe as a virus anymore.

FYI.


http://www.virustotal.com reports

File ccleaner.exe received on 07.12.2007 19:32:59 (CET)


Antivirus Version Last Update Result
AhnLab-V3 2007.7.13.0 2007.07.12 no virus found
AntiVir 7.4.0.39 2007.07.12 no virus found
Authentium 4.93.8 2007.07.12 no virus found
Avast 4.7.997.0 2007.07.12 no virus found
AVG 7.5.0.476 2007.07.12 no virus found
BitDefender 7.2 2007.07.12 no virus found
CAT-QuickHeal 9.00 2007.07.12 no virus found
ClamAV devel-20070416 2007.07.12 no virus found
DrWeb 4.33 2007.07.12 no virus found
eSafe 7.0.15.0 2007.07.10 no virus found
eTrust-Vet 30.8.3781 2007.07.12 no virus found
Ewido 4.0 2007.07.12 no virus found
FileAdvisor 1 2007.07.12 no virus found
Fortinet 2.91.0.0 2007.07.12 no virus found
F-Prot 4.3.2.48 2007.07.11 no virus found
Ikarus T3.1.1.8 2007.07.12 no virus found
Kaspersky 4.0.2.24 2007.07.12 no virus found
McAfee 5073 2007.07.12 no virus found
Microsoft 1.2704 2007.07.12 no virus found
NOD32v2 2395 2007.07.12 no virus found
Norman 5.80.02 2007.07.12 no virus found
Panda 9.0.0.4 2007.07.12 no virus found
Sophos 4.19.0 2007.07.06 no virus found
Sunbelt 2.2.907.0 2007.07.12 no virus found
Symantec 10 2007.07.12 no virus found
TheHacker 6.1.6.145 2007.07.12 no virus found
VBA32 3.12.0.2 2007.07.12 no virus found
VirusBuster 4.3.23:9 2007.07.12 no virus found
Webwasher-Gateway 6.0.1 2007.07.12 no virus found

Aditional information
File size: 598920 bytes
MD5: 02dc8f8fdc55ffe0a7ae6626bdd3f850
SHA1: 668c3de08d7b83aa32f5ae1dcc489be102593310


ATENTION: VirusTotal is a free service offered by Hispasec Sistemas.
There are no guarantees about the availability and continuity of this
service. Although the detection rate afforded by the use of multiple
antivirus engines is far superior to that offered by just one product,
these results DO NOT guarantee the harmlessness of a file. Currently,
there is not any solution that offers a 100% effectiveness rate for
detecting viruses and malware.




Re: Sophos AV and CCleaner


| wrote:
|>> Is Sophos AV 6.5.7 (with Threat Detection Data 4.19) erroneously
|>> flagging ccleaner.exe (CCleaner v1.40) as Virus Mal/VB-K ?
|>> Or am I really infected?
|
| The Sophos AV automatic incremental update on 11 Jul 2007 (19:35 GMT)
| added the Virus Mal/VB-K detection.
| http://www.sophos.com/downloads/ide/
|
| The Sophos update on 12 Jul 2007 (12:16 GMT) does not flag
| ccleaner.exe as a virus anymore.
|
< snip >

False Positive.

That's why you use a Quarantine capability.

I'm glad this has been settled quickly.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm


