Gizmos Freeware Reviews  

Go Back   Gizmo's Freeware Forum > Debating Chamber > Security

Reply
 
Thread Tools Display Modes
Old 18. Sep 2017, 07:20 PM   #1 (permalink)
Site Manager
 
MidnightCowboy's Avatar
 
Join Date: Aug 2008
Location: South American Banana Republic, third bunch from the left
Posts: 14,960
Default CCleaner compromised

With many thanks to Rhiannon for this notice.

http://www.piriform.com/news/release...-windows-users
__________________
Buy a Hoover and prove technology sucks.
MidnightCowboy is online now   Reply With Quote
Old 19. Sep 2017, 05:46 AM   #2 (permalink)
Senior Member
 
Join Date: Dec 2014
Location: Perth, AU
Posts: 191
Default

that version v533 is probably their paid version.

so, if you are still using the freeware v51 then you are still safe enough.
- except that it nags you to 'upgrade' to the Paid version.
Pierre2 is offline   Reply With Quote
Old 19. Sep 2017, 06:55 AM   #3 (permalink)
Site Manager
 
MidnightCowboy's Avatar
 
Join Date: Aug 2008
Location: South American Banana Republic, third bunch from the left
Posts: 14,960
Default

Quote:
Originally Posted by Pierre2 View Post
that version v533 is probably their paid version.

so, if you are still using the freeware v51 then you are still safe enough.
- except that it nags you to 'upgrade' to the Paid version.
No, you are not safe with the free version.

http://www.techsupportalert.com/cont...-need-read.htm
__________________
Buy a Hoover and prove technology sucks.
MidnightCowboy is online now   Reply With Quote
Old 19. Sep 2017, 03:25 PM   #4 (permalink)
Super Moderator
 
Anupam's Avatar
 
Join Date: Jul 2008
Location: India
Posts: 15,044
Default

Before I read this news, day before yesterday, when I was about to shut down the PC for the night, I noticed that when I ran CCleaner, the exe won't run, saying it couldn't find the file. I found it quite strange. I checked the other programs to see if they were able to run, and they were. I checked Avast's virus chest to see if Avast detected something, and quarantined the file, but there too nothing. So, thinking it as some strange incident, I installed CCleaner 5.33 once again.

After reading the news on the internet though, about CCleaner being compromised, I then understood why it happened. But, I still didn't understand why the exe won't run... an update from CCleaner, or something from Avast?

Anyways, after reading about the news, I have uninstalled CCleaner for now, and have been waiting for the slim version of CCleaner, which I always install.

Reading the articles though, it isn't clear whether the infection remains even after uninstalling CCleaner. A link was shared on the main site here:

http://www.techsupportalert.com/cont...comment-130556

which says that the infection still remains.

So, how to clean it?

I ran quick scans with MBAM, and Avast yesterday, but both came clean.

But, if the server to which data was being sent has been located and shut down, the infection still matters? How to clean it?
__________________
Anupam
Anupam is online now   Reply With Quote
Old 19. Sep 2017, 07:54 PM   #5 (permalink)
Super Moderator
 
Anupam's Avatar
 
Join Date: Jul 2008
Location: India
Posts: 15,044
Default

In this article:

https://www.bleepingcomputer.com/new...lmost-a-month/

it says:

Quote:
In an email to Bleeping Computer, Avast CTO Ondrej Vlcek said that updating CCleaner to the most recent recent versions fixes any issues, as "the only malware to remove is the one embedded in the CCleaner binary itself."
So, it seems that just an update is required to the latest version. And I think uninstalling the infected version (5.33) works too?
__________________
Anupam
Anupam is online now   Reply With Quote
Old 19. Sep 2017, 10:54 PM   #6 (permalink)
Senior Member
 
deya's Avatar
 
Join Date: Oct 2009
Location: UK
Posts: 1,310
Default

Anupam; Dunno if you've come across this page at Bleeping Computer?

https://www.bleepingcomputer.com/how...how-to-remove/

... that may answer the questions you're asking.

Maybe there's more to come on this story, backdoors etc, who knows? I have a feeling the full story hasn't been told yet, maybe I'm wrong but I tend not to trust these companies. Damage limitation, for them, seems to be the name of the game where stuff like this is concerned, nothing is clear at first. Then when the dust has settled the real story trickles out. That's just my opinion.

If you think you've been infected, or you're mind is not at peace with the situation then you know as well as I do that the only way to be sure is to re-install the OS. At the moment, reading up on this I don't think that's necessary, but what do I know? If you have been infected however then sometimes it's the quickest way to resolve it - as opposed to doing endless scans and searching for answers, which is very time consuming.
deya is online now   Reply With Quote
Old 20. Sep 2017, 01:16 AM   #7 (permalink)
Senior Member
 
Melita-s's Avatar
 
Join Date: Dec 2012
Location: Canada
Posts: 560
Default

If System Restore is done to a point before Ccleaner installation wouldn't that solve the problem?
__________________
Melita
Melita-s is offline   Reply With Quote
Old 20. Sep 2017, 10:02 AM   #8 (permalink)
Super Moderator
 
Anupam's Avatar
 
Join Date: Jul 2008
Location: India
Posts: 15,044
Default

deya, thank you for the helpful link .

I checked the registry on my PC, and there was no registry entry for Piriform, so I guess I am good?

You are right, with the recent announcements about hacks from Yahoo and all, I too don't trust these companies much. Don't know how much information they are with-holding from us. CCleaner is used by millions of users around the world, so the impact of this malware will be high. Just imagine what would have happened if this was some serious malware like ransomware.

They should provide clear instructions on their blog itself, on how to check for malware and how to remove it. Users shouldn't have to read this information from some other sites. And we technical people can read and do the needful, but what about the inexperienced general users?

Melita-S, I think the system restore will work fine.
__________________
Anupam
Anupam is online now   Reply With Quote
Old 20. Sep 2017, 10:52 AM   #9 (permalink)
Senior Member
 
Join Date: Nov 2014
Location: Greece
Posts: 99
Default

Quote:
Originally Posted by Anupam View Post
waiting for the slim version of CCleaner, which I always install
Is this still available? I couldn't find it on the Piriform website. Or is it too early yet?
MaikL is offline   Reply With Quote
Old 20. Sep 2017, 11:21 AM   #10 (permalink)
Super Moderator
 
Anupam's Avatar
 
Join Date: Jul 2008
Location: India
Posts: 15,044
Default

Quote:
Originally Posted by MaikL View Post
Or is it too early yet?
Yep, too early. They release it atleast after a week. Used to be earlier before.
__________________
Anupam
Anupam is online now   Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off



All times are GMT +1. The time now is 02:32 AM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2018, vBulletin Solutions, Inc.