Next to the fix of the cleanup of the Windows Component Store in v220.127.116.111 of Cleanmgr+, i have decided not to compile this version with Resource Hacker anymore.
Resource Hacker is a reliable program that allows you to view, modify, rename, delete, and export resources embedded into an executable file.
I usually had no problem with it until the last versions did not trigger more and more false positives. I always modifed my Application resources with it and also the Cleanmgr+.exe (Versioning information etc.) and finally compiled the .EXE with it. After adding just one resource file, numerous antivirus software tagged it with a red flag here an false positive.
Maybe someone has an explanation for it, unfortunately I do not :(
Cleanmgr+ does not even go so deep into the system. It uses numeorus simple Windows command prompt instructions, command-line utilities and other simple Windows API. These are not the trigger. I am absolutely certain.
A "false positive" or "false alarm" is when antivirus software identifies a non-malicious file as malware. When this happens, it can cause serious problems. For example, if an antivirus program is configured to immediately delete or quarantine infected files, as is common on Microsoft Windows antivirus applications, a false positive in an essential file can render the Windows operating system or some applications unusable. Recovering from such damage to critical software infrastructure incurs technical support costs and businesses can be forced to close whilst remedial action is undertaken. (Wikipedia)
Here are some Examples of serious false-positives:
- May 2007: a faulty virus signature issued by Symantec mistakenly removed essential operating system files, leaving thousands of PCs unable to boot.
- May 2007: the executable file required by Pegasus Mail on Windows was falsely detected by Norton AntiVirus as being a Trojan and it was automatically removed, preventing Pegasus Mail from running. Norton AntiVirus had falsely identified three releases of Pegasus Mail as malware, and would delete the Pegasus Mail installer file when that happened. In response to this Pegasus Mail stated: On the basis that Norton/Symantec has done this for every one of the last three releases of Pegasus Mail, we can only condemn this product as too flawed to use, and recommend in the strongest terms that our users cease using it in favour of alternative, less buggy anti-virus packages
- April 2010: McAfee VirusScan detected svchost.exe, a normal Windows binary, as a virus on machines running Windows XP with Service Pack 3, causing a reboot loop and loss of all network access.
- December 2010: a faulty update on the AVG anti-virus suite damaged 64-bit versions of Windows 7, rendering it unable to boot, due to an endless boot loop created.
- October 2011: Microsoft Security Essentials (MSE) removed the Google Chrome web browser, rival to Microsoft's own Internet Explorer. MSE flagged Chrome as a Zbot banking trojan.
- September 2012: Sophos' anti-virus suite identified various update-mechanisms, including its own, as malware. If it was configured to automatically delete detected files, Sophos Antivirus could render itself unable to update, required manual intervention to fix the problem.
Most of the time 58 of 71 virus scanners found no problems in Cleanmgr+. But these 20 % were enough!
Sometimes the vendors are not responsive (especially because when a non-customer contacts them). So every new update of Cleanmgr+ has to be submitted to the AV vendor, checked and approved (with new signatures) again. E.g. the Bitdefender signatures were used by 5,6,7 (I have not counted them) other antivirus products. So everyone is tagging it with the same "infection and risk".
In conclusion, I believe the red flags are merely false positives, which happens with antivirus software. This is common and sometimes they creates a false sense of security. I don't think it has anything to do with Resource Hacker either, but this is the only current solution for me.
So finaly, here are the results of the new build 18.104.22.1681 of Cleanmgr+
AV Detection Ratio on VirusTotal: 0 / 71
More Infos about Cleanmgr+
- Cleanmgr+ 1.1.1 released
- Microsoft is retiring the legacy Disk Cleanup tool "cleanmgr.exe", Mirinsoft is replacing it with Cleanmgr+
- Goodbye Cleanmgr, welcome Cleanmgr+ A replacement for the classic Windows Disk Clean-up
- Introducing the Cleanmgr+ First Program