- Jul 3, 2015
Regardless of Ai, I think VS would have blocked it anyways, because even before the backdoor was discovered, the installer had a rating of 8 on VT. That's enough to trigger a block,right?Yeah, this would be pretty much impossible for Ai of any kind to detect, which turned out to be the case, since CCleaner is most likely part of the various Ai training data sets. Basically, there is going to be a super close match to the safe CCleaner, so there is not a chance this will be detected as unsafe. Now, if an attacker packed CCleaner or monkeyed with the file the usual way, that is a totally different story... it would almost certainly be detected by most or all Ai products.
I downloaded the file a few days ago, and checked it on VT, and that's how I remember it, anyways.
The real problem is the user. Because if Ai says it's okay, and the bads on VT are coming mostly from weak engines like Clam, then a user like me would probably go ahead and install, since it comes from a known and trusted company.