Results 1 to 6 of 6
  1. #1

    Temp Fles Cleaner (tfc.exe) infected

    I run Temp Fles Cleaner (tfc.exe) from time to time on my Windows 7 64-bit laptop computer. It has never caused problems until today, when Avast! detected an infection and prevented the program from running. Then, it deleted the file and when I tried to download the file again from www.bleepingcomputer.com / http://www.geekstogo.com/forum/files...r-by-oldtimer/, Avast! blocked the download.

    I don't know whether this is a false positive.

  2. #2

  3. #3
    Amazonnnlyo
    Guest
    Let me explain why....certain embedded files that are part of legitimate programs and specialized fix tools (like TFC), may at times be detected by some anti-virus and anti-malware scanners as suspicious, a Risk Tool, Hacking Tool, Potentially Unwanted Program, a possible threat or even Malware (virus/trojan) when that is not the case. This occurs for a variety of reasons to include the tool's compiler, the files it uses, whether files are compressed or packed, what behavior (routines, scripts, etc) it performs, any registry strings it may contain and the type of security engine that was used during the scan. Other legitimate files which may be obfuscated, encrypted or password protected in order to conceal itself so they do not allow access for scanning but often trigger alerts by anti-virus software.

    When flagged by an anti-virus or security scanner, it's because the program includes features, behavior or files that appear suspicious or which can potentially be used for malicious purposes. Compressed and packed files in particular are often flagged as suspicious by security software because they have difficulty reading what is inside them. These detections do not necessarily mean the file is malicious or a bad program. It means it has the potential for being misused by others or that it was simply detected as suspicious or a threat due to the security program's heuristic analysis engine which provides the ability to detect possible new variants of malware. Anti-virus scanners cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert you or even automatically remove them. In these cases the detection is a "false positive" and can be ignored.

    Most of the well known specialized tools we use against malware are written by experts/Security Colleagues at various security forums like Bleeping Computer, TechSupport, GeeksToGo, SypwareInfo and other similar sites so they can be trusted...this includes any program hosted by BC for download. Unfortunately, many of these tools are repeatedly falsely detected by various anti-virus programs from time to time for the reasons noted above.

  4. #4
    AmarricMed
    Guest
    You're welcome on behalf of the Bleeping Computer community.

    BTW...According to avast forums, FileRepMalware means the file has a low reputation score so it isn't a specific file detection but one more related to avast's reputation services option. For example...Chrome, Macromedia Flash and League of Legends .exe's all have been detected as FileRepMalware. They typically advise users to upload the detected file to virustotal for a second opinion.

  5. #5
    Amazonnndnb
    Guest
    FC by Old Timer was last updated as per below (if you need to alter your directions). Not sure if it was due to the "false positive" or just an upgrade ..
    Submitted: May 28 2009 11:25 AM .. Last Updated: Mar 22 2015 12:15 PM - - Not 6/23/12 as mentioned.

    I would think that BleepingComputer should have the current upgrade listed ..

  6. #6
    The download site for TFC.exe is http://www.geekstogo.com/forum/files...er-by-oldtimer. Consequently, all attempts to download the file from BleepingComputer divert to www.geekstogo.com.

    I submitted the file to Avast as a suspected false positive. However, Avast still blocks the file as FileRepMalware.

    The latest version of TFC.exe, available from geekstogo.com, is 3.1.9.0. I don't know the creation date, because the File Properties menu on my Windows 7 computer reports the creation date as 06 ‎December ‎2015, ‏‎08:22:55 (i.e. the date and time that I downloaded the file).

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •