Re: Malware Hits PC Cleanup Tool CCleaner
[Re: Donald]
#1125420
09/18/17 10:48 PM
09/18/17 10:48 PM
|
Joined: Oct 2000
Posts: 40,644 southeast USA
Jenny100
GB Reviewer Glitches Moderator
|
GB Reviewer Glitches Moderator
Sonic Boomer
Joined: Oct 2000
Posts: 40,644
southeast USA
|
Or from ***Reuters***A version of CCleaner downloaded in August and September included remote administration tools that tried to connect to several unregistered web pages, presumably to download additional unauthorized programs, security researchers at Cisco’s Talos unit said. In a blog post, Piriform confirmed that two programs released in August were compromised. It advised users of CCleaner v5.33.6162 and CCleaner Cloud v1.07.3191 to download new versions. So if you have version 5.33.6162 of CCleaner, uninstall it and run antivirus or an antimalware program like Malware Bytes. You'd only have gotten it if you downloaded in August or early September. Piriform has a new version up for download now. Piriform said that Avast, its new parent company, had uncovered the attacks on Sept. 12. A new, uncompromised version of CCleaner was released the same day and a clean version of CCleaner Cloud was released on Sept. 15, it said. CCleaner does not update automatically, so those who installed the problematic version will need to delete it and install a fresh version, he said.
He also recommended running an antivirus scan.
Williams said that Talos detected the issue at an early stage, when the hackers appeared to be collecting information from infected machines, rather than forcing them to install new programs.
|
|
|
Re: Malware Hits PC Cleanup Tool CCleaner
[Re: Jenny100]
#1125431
09/19/17 12:24 AM
09/19/17 12:24 AM
|
Joined: Jul 2005
Posts: 790 Virginia Beach, VA
Uncle Reg
Settled Boomer
|
Settled Boomer
Joined: Jul 2005
Posts: 790
Virginia Beach, VA
|
According to How-To Geek it was only the 32 bit version of 5.33.6162 that was affected. Read about it here. If you have 64 bit Windows, CCleaner installs its 64 bit version. Right-click on the CCleaner shortcut and select Properties. If it says "C:\Program Files\CCleaner\CCleaner64.exe", then you have the 64 bit version.
|
|
|
Re: Malware Hits PC Cleanup Tool CCleaner
[Re: Donald]
#1125432
09/19/17 01:18 AM
09/19/17 01:18 AM
|
Joined: Jun 2005
Posts: 20,115 Near St. Louis, MO
Draclvr
Reviews Editor - Hints/Glitches Mod - Site Support
|
Reviews Editor - Hints/Glitches Mod - Site Support
True Blue Boomer
Joined: Jun 2005
Posts: 20,115
Near St. Louis, MO
|
When I tried to update to V5.34, my AV said it caught a trojan. Will check into this more tomorrow.
Once again, weeds are my life!
|
|
|
Re: Malware Hits PC Cleanup Tool CCleaner
[Re: Draclvr]
#1125440
09/19/17 05:32 AM
09/19/17 05:32 AM
|
Joined: Nov 2000
Posts: 34,383 United Kingdom
Mad
Sonic Boomer
|
Sonic Boomer
Joined: Nov 2000
Posts: 34,383
United Kingdom
|
I already have version 5.34 and there's been no sign of any malware or virus.
[I run Win7 Enterprise 64-bit.]
Time : The Most Precious Commodity
|
|
|
Re: Malware Hits PC Cleanup Tool CCleaner
[Re: Donald]
#1125472
09/19/17 05:59 PM
09/19/17 05:59 PM
|
Joined: Apr 2006
Posts: 7,727 The Country
Winfrey
BAAG Specialist
|
BAAG Specialist
Joined: Apr 2006
Posts: 7,727
The Country
|
I'm not updating till this is figured out...
Would that I could be the peacemaker in your soul that I might turn the discord and the rivalry of your elements into oneness and melody Gibran
|
|
|
Re: Malware Hits PC Cleanup Tool CCleaner
[Re: Winfrey]
#1125480
09/19/17 06:49 PM
09/19/17 06:49 PM
|
Joined: Oct 2000
Posts: 40,644 southeast USA
Jenny100
GB Reviewer Glitches Moderator
|
GB Reviewer Glitches Moderator
Sonic Boomer
Joined: Oct 2000
Posts: 40,644
southeast USA
|
I'm not updating till this is figured out... What version do you have? If you have an earlier version than version 5.33 you are fine. If you have version 5.33 you should get rid of it.
|
|
|
Re: Malware Hits PC Cleanup Tool CCleaner
[Re: Donald]
#1125481
09/19/17 06:57 PM
09/19/17 06:57 PM
|
Joined: Jun 2005
Posts: 20,115 Near St. Louis, MO
Draclvr
Reviews Editor - Hints/Glitches Mod - Site Support
|
Reviews Editor - Hints/Glitches Mod - Site Support
True Blue Boomer
Joined: Jun 2005
Posts: 20,115
Near St. Louis, MO
|
Yes... what Jenny said. Get v.5.34 ASAP. The problem is NOT getting it. I kept being sent to File Hippo when I tried to update through the application. So I went to the Piriform website and downloaded 5.34 from there with no problems. No alerts from Defender about the trojan.
Once again, weeds are my life!
|
|
|
Re: Malware Hits PC Cleanup Tool CCleaner
[Re: JKEerie]
#1125724
09/21/17 03:09 PM
09/21/17 03:09 PM
|
Joined: Nov 2000
Posts: 34,383 United Kingdom
Mad
Sonic Boomer
|
Sonic Boomer
Joined: Nov 2000
Posts: 34,383
United Kingdom
|
How odd that you got it, JKEerie !! I have Win7 64-bit and have used every CCleaner update without any problems whatsoever .... EDIT : Just received an "auto" download for CCleaner to version 5.35 !! So maybe 5.34 had a problem
Last edited by Mad; 09/21/17 04:20 PM. Reason: Another Version !!
Time : The Most Precious Commodity
|
|
|
Re: Malware Hits PC Cleanup Tool CCleaner
[Re: Donald]
#1125733
09/21/17 05:02 PM
09/21/17 05:02 PM
|
Joined: Jun 2005
Posts: 20,115 Near St. Louis, MO
Draclvr
Reviews Editor - Hints/Glitches Mod - Site Support
|
Reviews Editor - Hints/Glitches Mod - Site Support
True Blue Boomer
Joined: Jun 2005
Posts: 20,115
Near St. Louis, MO
|
My Windows Defender picked it up right away too. Mad, if you used a version before 5.34 to clean your computer and your anti-virus didn't pick it up, you were mostly likely a victim and wouldn't know it.
Once again, weeds are my life!
|
|
|
Re: Malware Hits PC Cleanup Tool CCleaner
[Re: Donald]
#1125740
09/21/17 07:09 PM
09/21/17 07:09 PM
|
Joined: Apr 2006
Posts: 7,727 The Country
Winfrey
BAAG Specialist
|
BAAG Specialist
Joined: Apr 2006
Posts: 7,727
The Country
|
Even if your version was like 5.28
Would that I could be the peacemaker in your soul that I might turn the discord and the rivalry of your elements into oneness and melody Gibran
|
|
|
Re: Malware Hits PC Cleanup Tool CCleaner
[Re: Donald]
#1125775
09/22/17 12:56 AM
09/22/17 12:56 AM
|
Joined: Sep 2004
Posts: 965 WNY
JKEerie
Settled Boomer
|
Settled Boomer
Joined: Sep 2004
Posts: 965
WNY
|
Hi Mad! Apparently, some 64 bit systems were potentially impacted via a secondary payload. Fortunately, that How to Geek article showed a way to look into your registry to see if you were potentially infected. I did so and don't have the key indicator. Between this and the Equifax debacle, I'm feeling less and less secure these days!
Last edited by JKEerie; 09/22/17 01:06 AM.
|
|
|
Re: Malware Hits PC Cleanup Tool CCleaner
[Re: JKEerie]
#1125780
09/22/17 02:31 AM
09/22/17 02:31 AM
|
Joined: Nov 2000
Posts: 34,383 United Kingdom
Mad
Sonic Boomer
|
Sonic Boomer
Joined: Nov 2000
Posts: 34,383
United Kingdom
|
Well I run Norton scans on a regular basis and throw in a Malwarebytes quite often also and neither have sounded any alarms. I'll get my Son in Law to do a registry check for anything offensive but I'm pretty sure my machine is clean
Time : The Most Precious Commodity
|
|
|
Re: Malware Hits PC Cleanup Tool CCleaner
[Re: Donald]
#1125815
09/22/17 10:26 AM
09/22/17 10:26 AM
|
Joined: Jun 2005
Posts: 20,115 Near St. Louis, MO
Draclvr
Reviews Editor - Hints/Glitches Mod - Site Support
|
Reviews Editor - Hints/Glitches Mod - Site Support
True Blue Boomer
Joined: Jun 2005
Posts: 20,115
Near St. Louis, MO
|
This particular malware didn't install any malicious programs or spyware on your computer - it collected information and then got out. The registry check is a good idea. I did it and was relieve to find I didn't have it either because I'm pretty sure I ran the previous version about a month ago. Info about the registry entry to look for. https://www.ghacks.net/2017/09/21/ccleaner-malware-second-payload-discovered/JK, the Equifax debacle is bad enough, but how they handled it just makes me furious.
Once again, weeds are my life!
|
|
|
Re: Malware Hits PC Cleanup Tool CCleaner
[Re: Winfrey]
#1125816
09/22/17 11:16 AM
09/22/17 11:16 AM
|
Joined: Oct 2000
Posts: 40,644 southeast USA
Jenny100
GB Reviewer Glitches Moderator
|
GB Reviewer Glitches Moderator
Sonic Boomer
Joined: Oct 2000
Posts: 40,644
southeast USA
|
Even if your version was like 5.28 No, only version 5.33 was infected.
|
|
|
Re: Malware Hits PC Cleanup Tool CCleaner
[Re: Donald]
#1125824
09/22/17 12:27 PM
09/22/17 12:27 PM
|
Joined: Jun 2005
Posts: 20,115 Near St. Louis, MO
Draclvr
Reviews Editor - Hints/Glitches Mod - Site Support
|
Reviews Editor - Hints/Glitches Mod - Site Support
True Blue Boomer
Joined: Jun 2005
Posts: 20,115
Near St. Louis, MO
|
Yes, only 5.33 as Jenny said. Sorry, I missed that post.
Once again, weeds are my life!
|
|
|
Re: Malware Hits PC Cleanup Tool CCleaner
[Re: Donald]
#1125848
09/22/17 02:08 PM
09/22/17 02:08 PM
|
Joined: Jun 2005
Posts: 20,115 Near St. Louis, MO
Draclvr
Reviews Editor - Hints/Glitches Mod - Site Support
|
Reviews Editor - Hints/Glitches Mod - Site Support
True Blue Boomer
Joined: Jun 2005
Posts: 20,115
Near St. Louis, MO
|
Yup... Reading through the timeline of this breach is just mind-boggling. The hackers were wandering around in their system for months before they found it.
Once again, weeds are my life!
|
|
|
Re: Malware Hits PC Cleanup Tool CCleaner
[Re: Draclvr]
#1125884
09/22/17 09:50 PM
09/22/17 09:50 PM
|
Joined: Nov 2011
Posts: 314
Creeping_Doom
Settled Boomer
|
Settled Boomer
Joined: Nov 2011
Posts: 314
|
This particular malware didn't install any malicious programs or spyware on your computer - it collected information and then got out. The registry check is a good idea. I did it and was relieve to find I didn't have it either because I'm pretty sure I ran the previous version about a month ago. Info about the registry entry to look for. https://www.ghacks.net/2017/09/21/ccleaner-malware-second-payload-discovered/JK, the Equifax debacle is bad enough, but how they handled it just makes me furious. Wouldn't be at all surprised if Equifax is basically history after this mess . By the way Drac , just in case you had not known , Avast purchased Piriform some time ago , so , Ccleaner is an Avast tool now .
|
|
|
Re: Malware Hits PC Cleanup Tool CCleaner
[Re: Donald]
#1125890
09/22/17 11:01 PM
09/22/17 11:01 PM
|
Joined: Jun 2005
Posts: 20,115 Near St. Louis, MO
Draclvr
Reviews Editor - Hints/Glitches Mod - Site Support
|
Reviews Editor - Hints/Glitches Mod - Site Support
True Blue Boomer
Joined: Jun 2005
Posts: 20,115
Near St. Louis, MO
|
Yes, I know about Piriform being purchased by Avast - was very disappointed to hear it.
Once again, weeds are my life!
|
|
|
Re: Malware Hits PC Cleanup Tool CCleaner
[Re: Donald]
#1125948
09/23/17 12:10 PM
09/23/17 12:10 PM
|
Joined: Oct 2000
Posts: 40,644 southeast USA
Jenny100
GB Reviewer Glitches Moderator
|
GB Reviewer Glitches Moderator
Sonic Boomer
Joined: Oct 2000
Posts: 40,644
southeast USA
|
There are now reports that the CCleaner breach was part of a targeted attack. https://www.wired.com/story/ccleaner-malware-targeted-tech-firms/Some people believe that reformatting and restoring from a backup is the only way to be sure there isn't a lingering infection. Here's what Cisco's Talos Intelligence posted about it. http://blog.talosintelligence.com/2017/09/ccleaner-c2-concern.htmlThese new findings raise our level of concern about these events, as elements of our research point towards a possible unknown, sophisticated actor. These findings also support and reinforce our previous recommendation that those impacted by this supply chain attack should not simply remove the affected version of CCleaner or update to the latest version, but should restore from backups or reimage systems to ensure that they completely remove not only the backdoored version of CCleaner but also any other malware that may be resident on the system. and discussions at slashdot, including why 32-bit computers were targeted (more apt to be old business machines). https://it.slashdot.org/story/17/09/21/1...ific-tech-firmsI don't plan on recommending CCleaner anymore, unless they already have an old version they downloaded months ago and none of the improvements listed in the version history apply to them. https://www.piriform.com/ccleaner/version-historyI didn't realize Avast had bought Piriform (on July 2017 according to Wikipedia), though that alone wouldn't make me avoid CCleaner. I can't find any info on how CCleaner v5.33 was infected. If it was an inside job by an employee, it could happen again. +_+_+_+_+_+_+_+_+ Equifax hired a music major as chief security officer http://www.marketwatch.com/story/equifax...icer-2017-09-15Equifax set up a website that was supposed to tell you if you were "potentially" affected at https://www.equifaxsecurity2017.comHowever people have reported getting conflicting results -- sometimes it says yes, sometimes no for the same individual. It's been suggested this site is just a way to get people to enroll in their credit monitoring service, which may be "free" at the moment but will start charging later, attempting to profit after the breach.
|
|
|
Re: Malware Hits PC Cleanup Tool CCleaner
[Re: Donald]
#1125970
09/23/17 02:40 PM
09/23/17 02:40 PM
|
Joined: Jun 2005
Posts: 20,115 Near St. Louis, MO
Draclvr
Reviews Editor - Hints/Glitches Mod - Site Support
|
Reviews Editor - Hints/Glitches Mod - Site Support
True Blue Boomer
Joined: Jun 2005
Posts: 20,115
Near St. Louis, MO
|
Very troubling news about CCleaner...
Signing up for the Equifax free credit monitoring also includes signing away your rights to joining a class action lawsuit in the future. They are REALLY getting slammed for that.
Once again, weeds are my life!
|
|
|
Re: Malware Hits PC Cleanup Tool CCleaner
[Re: Draclvr]
#1126054
09/24/17 11:38 AM
09/24/17 11:38 AM
|
Joined: Nov 2000
Posts: 34,383 United Kingdom
Mad
Sonic Boomer
|
Sonic Boomer
Joined: Nov 2000
Posts: 34,383
United Kingdom
|
My Windows Defender picked it up right away too. Mad, if you used a version before 5.34 to clean your computer and your anti-virus didn't pick it up, you were mostly likely a victim and wouldn't know it. Being an ignoramus, Draclvr Is Windows Defender used on other Windows versions than Win10 ??
Time : The Most Precious Commodity
|
|
|
|
|