It would probably be better to up load them together in a zip file, which will make it easier to download the collection.
I have just downloaded 1 and it is 2:32 a.m. here so I’m calling it a night. If you upload them together in a zip I can collect them later today and submit to avast.
Yeah, sorry, I should have done that. It’s done now. Could you let me know when you’ve done it please, so I can change the password.
OK, done now, probably best if you remove the user name and password from the previous post, so it isn’t hanging in the wind.
I will upload them shortly.
I’ve done that. Thanks very much again for your trouble.
Your welcome, lets hope there is a quick correction.
I had the same problem with these trojans using the latest version of CCleaner. I found that reverting back to an older version, CCleaner, 1.31, Avast no longer picked them up while cleaning. You may want to try an older version and see if they are still picked up on your system. False positives?
You can download older versions here.
Indeed it seems so.
What is strange is that the old versions of CCleaner seems to have the same procedure, cleaning temporary files the same way, but do not affect avast ???
It’s not a solution, going to old versions, but a workaround. I hope Alwil team could reproduce this in their lab… Maybe it will be good to ask CCleaner team to know if they have something to explain/correct.
My problems with these trojans began when I installed CCleaner V1.39.502. Below are the “Whats new” in that version.
v1.39.502 - [17th April 2007]
Note - Added AntiVir PE Classic and Premium cleaning.
So, does CCleaner now run an Anti Virus built in when cleaning? If so, I suspect it conflicts with Avast running and throws up the false positives?
This is the Avira AntiVir website (I assume this is the AntiVir PE Classic mentioned).
The only problem I have with that is that 1.39.502 was fine until the end of April. Updating to 1.40.520 made no difference, Avast still detected stuff. The fact that 1.39.502 was ok for quite a while tends to suggest that the problem is with Avast detecting things that CCleaner is disturbing, rather than a problem with the newer versions of CCleaner. Possibly, the older versions weren’t cleaning as deeply as the newer versions, I don’t know.
Yeah, it’s a bit like stopping using CCleaner, and using something else instead.
It’s also strange that not everyone (you included) is experiencing this problem when using the latest CCleaner ???
On a brighter note, I’ve had no alerts from Avast when using CCleaner since the one on 28th at 5.06pm which I detailed in an earlier post. Fingers crossed, I guess! Avast still sees Trojans in the stuff in the Chest though.
Unfortunately, this doesn’t explain why it ran successfully for a while. Coming out on 17th April, I installed it on 21st (I’d already downloaded it before reformatting on 21st, which is how I’m pretty sure of the date), and so it therefore ran for a week before problems arose.
That’s confusing to me too, though not everyone has the same software, drivers, etc installed beyond the avast!/CCleaner combination. Sometimes its the not-so-obvious things that cause the conflict.
Well that’s a good sign …
though I don’t get that at all.
Still, 3 days with no further alerts does indicate false positives.
Maybe something here…
I don’t think so… cleaning of their files I suppose (logs, temp files, etc.).
I did not update to 1.39.502 until the end of April so do not know what happened before then. First trojan picked up on 28th, Win32:agent-GKD. From then on they were not picked up everyday, until I did several scans on the 19th May, when 5 trojans were picked up. Avast picked up nothing in the browser cache prior to each clean either. Then I reverted back to the older version of CCleaner and nothing was picked up.
I’ve also used other cleaners and Avast picked up nothing when they were cleaning (perhaps they don’t clean as deeply as CCleaner?).
I’ve just re-installed CCleaner 1.40.520, ran it twice and all clear so far, so we will see what happens.
Ties in with my first find (and Gabriele08’s) on the 27th.
And Lavasoft. In reply #69 I posted details of Avast alerting during an Adaware scan. This has never happened again, but must surely prove that the problem doesn’t originate from CCleaner.
The whole thing is weird though. The other day, when I found that Tiscali were having problems, and DavidR kindly offered to upload some of my Chest contents to Avast, he said that I should add the files to the exclusion list before extracting them from the Chest, so that Avast wouldn’t alert on them when I was preparing to upload them to Rapidshare.com (which obviously, makes complete sense).
I didn’t do this, and yet Avast didn’t alert. I extracted 8 files from the Chest to a folder, zipped the folder and uploaded it. No alerts at all. I then dragged the zip file to the recycle bin, still nothing. Only when I emptied the recycle bin did Avast alert. Surely DavidR was right, and Avast should have alerted as soon as I started ‘playing’ with the files, especially when I zipped them, and if not then, when I uploaded them? Could zipping them have masked them? Well, I’d already uploaded them individually, unzipped, before DavidR suggested zipping the whole lot together.
Why has Avast suddenly stopped alerting? I’m going to exactly the same sites, doing the same things, and yet it’s suddenly stopped (I hope I’m not tempting fate here!). If it’s an Avast update, why are the files in the Chest still being alerted on?
It may be that because some of the files were from the firefox cache, they are extensionless file types and depending on your standard shield sensitivity it may not scan those files. Though the web shield should have scanned them on initial download as it doesn’t care about file type or extensions.
Though by CCleaner moving or opening them would cause avast to scan them, but it is certainly weird. They would be alerted on outside the chest if you used the ashQuick.exe scan as that is the most sensitive of scans.
Sorry, was that reply to my last post? If it was, sorry, I don’t use Firefox. Standard Shield is set to ‘High’, incidentally.
Yep! ;D
Yes it was, it was an assumption that the numeric file names without a file type was from the firefox browser cache as that is how they are stored. Even though the assumption about firefox was wrong, the bit about extensionless files may have been correct.
Though with the standard shield on high that really shouldn’t have been the case I would have though virtually everything would be scanned on activity, created, modified, etc.
So we’re back on:
;D
I am using Firefox, and that is where the trojans were found when running CCleaner, Firefox cache, documents and settings.
Ran CCLeaner this morning and Avast picked up Win32:agent-GVO, which is a new one. I visited 2 sites while on the internet, this one and a streaming radio site (have used it for a couple of years) which I would consider to be safe and is a green site according to MacAfee SiteAdvisor. I cleaned just 0.9mb from the cache and Avast picked this one up as soon as the cleaning started.
Yeah, you’re finding stuff in the same place as Gabriele08 I think.
It doesn’t seem to matter where you go. On one occasion, detailed in an earlier post, I connected to the internet and my homepage (Google) loaded. I then I logged off again without doing any searches or going anywhere else. Avast then alerted when I ran CCleaner.