Windows 10: CCleaner: A Vast Number of Machines at Risk

Page 12 of 14 FirstFirst ... 21011121314 LastLast
  1.    22 Sep 2017 #110

    What I don't understand is that the second play load checks for 32bit or 64bit and gets either a 32bit or 64bit dll. But on a 64bit system, the 64bit ccleaner isn't infected just the ccleaner.exe. (32bit version).

    I'm also wondering if the virus is active only when ccleaner is running in the system tray and if the first and second payload is even able to drop if ccleaner on a 32bit machine isn't running in the system tray and that feature is turned off. As this is the first feature of ccleaner I turn off upon installation.

    I'm also wondering if it even goes through with the 2nd payload if the IP address it collects from the user in stage 1 doesn't match a large tech company.
      My ComputerSystem Spec

  2.    22 Sep 2017 #111

    For anyone using ccleaner, make sure to remove this after you make it upgrade.

    Click image for larger version. 

Name:	2017-09-22.png 
Views:	44 
Size:	307.8 KB 
ID:	154595

    And this is using the 64 bit version only btw.

    Click image for larger version. 

Name:	2017-09-22 (1).png 
Views:	15 
Size:	83.2 KB 
ID:	154596
      My ComputerSystem Spec

  3.    23 Sep 2017 #112

    vgchat said: View Post
    For anyone using ccleaner, make sure to remove this after you make it upgrade.

    Click image for larger version. 

Name:	2017-09-22.png 
Views:	44 
Size:	307.8 KB 
ID:	154595

    And this is using the 64 bit version only btw.

    Click image for larger version. 

Name:	2017-09-22 (1).png 
Views:	15 
Size:	83.2 KB 
ID:	154596
    That's because the 32bit and 64bit are packaged in the same installer. It unpacked the installer and flagged ccleaner (32bit). it's also just in your temporary internet folder from downloading ccleaner. Probably wouldn't do any harm just sitting there. Only if you run it.
      My ComputerSystem Spec

  4.    24 Sep 2017 #113

    I've read all of the posts and the only the CCleaner 32-bit v5.33 is supposed to be affected.
    I picked up a 64-bit desktop last week and turned it on yesterday and it has CCleaner 64-bit v5.35 with Floxif on it.
    When I booted up the computer, Windows Defender notified me and I let WD remove it after taking the following screenshots.
    In post #113, it's mentioned ""That's because the 32bit and 64bit are packaged in the same installer. It unpacked the installer and flagged ccleaner (32bit). I suspect that's possible, but that just proves a 64bit can be affected.
    I don't recall which posts it has been mentioned, but it seems v5.35 is supposed to remove whichever infection from v5.33 is included.
    That didn't happen on the computer I picked up.
    Anyway I immediately had Windows Defender remove Floxif but didn't read all of the posts until the computer was cleaned out.
    Click image for larger version. 

Name:	64-bit CCleaner v5_35 with Floxif Sep 23.PNG 
Views:	123 
Size:	31.4 KB 
ID:	154792
      My ComputersSystem Spec

  5.    24 Sep 2017 #114

    JohnBurns said: View Post
    I agree, with CC and recently Kaspersky AntiVirus I have made decisions for myself, which many users in these forums disagree with. It's all personal judgment and none of us seem to be perfect in that lol. None of the apps are perfect either, I guess.
    Kaspersky AV is OK to use. The story about them is BS.
      My ComputerSystem Spec


  6. Posts : 34,701
    Triple boot - Win 10 Pro, Win 10 Pro Insider (2) - (and a sprinkling of VMs)
       24 Sep 2017 #115

    MeAndMyComputer said: View Post
    I've read all of the posts and the only the CCleaner 32-bit v5.33 is supposed to be affected.
    I picked up a 64-bit desktop last week and turned it on yesterday and it has CCleaner 64-bit v5.35 with Floxif on it.
    When I booted up the computer, Windows Defender notified me and I let WD remove it after taking the following screenshots.
    In post #113, it's mentioned ""That's because the 32bit and 64bit are packaged in the same installer. It unpacked the installer and flagged ccleaner (32bit). I suspect that's possible, but that just proves a 64bit can be affected.
    I don't recall which posts it has been mentioned, but it seems v5.35 is supposed to remove whichever infection from v5.33 is included.
    That didn't happen on the computer I picked up.
    Anyway I immediately had Windows Defender remove Floxif but didn't read all of the posts until the computer was cleaned out.
    Click image for larger version. 

Name:	64-bit CCleaner v5_35 with Floxif Sep 23.PNG 
Views:	123 
Size:	31.4 KB 
ID:	154792
    You're fine now. 5.35 was issued only because the package was re-certified with a new signed certificate. The one from previous versions had the old certification signature from Symantec.
      My ComputersSystem Spec

  7.    24 Sep 2017 #116

    The portable version of CCleaner is safe. I don't see why anyone would use the install version... and that goes for lots of other software.
      My ComputerSystem Spec


  8. Posts : 806
    7 and 10 on various machines
       24 Sep 2017 #117

    Josey Wales said: View Post
    Kaspersky AV is OK to use. The story about them is BS.
    Agreed I have used Kaspersky for the last seven years and apart for a little dummy spit once with the trial version of MBAM not a hint of anything crap. I have yet to try out the free version but from what I can make of it it lacks only a few features of the paid for and some of those I don't use anyway.
      My ComputerSystem Spec


  9. Posts : 47
    W10 Pro 64, version 1709
       24 Sep 2017 #118

    ICIT2LOL said: View Post
    Agreed I have used Kaspersky for the last seven years and apart for a little dummy spit once with the trial version of MBAM not a hint of anything crap. I have yet to try out the free version but from what I can make of it it lacks only a few features of the paid for and some of those I don't use anyway.
    ICIT, I've had Kaspersky for a few years now and my experience has been very good just like yours.
      My ComputerSystem Spec


  10. Posts : 806
    7 and 10 on various machines
       25 Sep 2017 #119

    DC10 said: View Post
    ICIT, I've had Kaspersky for a few years now and my experience has been very good just like yours.
    Yes mate I have had no issues with it really and it is so cheap and I keep thinking I should try the free version because looking at it there are very few features it doesn't have that are in the paid for and rankly I don't use.
      My ComputerSystem Spec


 
Page 12 of 14 FirstFirst ... 21011121314 LastLast

Related Threads
Router flaws put ATT customers at hacking risk | ZDNet
Just an FYI.. I received this on two machines yesterday evening. MS should word it better, or something. In a nutshell it just means Windows hasn't auto checked/installed the latest updates yet. I manually checked, and everything went well, and...
After the last XBOX ONE update my RISK game will not play. It gets as far as connecting to the UBISOFT server, locks up, and kicks me back out to the Home screen. I went through the whole XBOX ONE Game Won't Start trouble shooter, ...
Is upgrading to Win 10 to much of a risk? in Installation and Upgrade
I WAS planing to do the in-place upgrade to Windows 10, and then do a clean install after that. But I got a message that a friend of mine tried the in place upgrade and it fried her CPU! Now she has no computer, and can't afford to do anything...
Draconian OS W10 putting kids at added risk? in User Accounts and Family Safety
MS REQUIRES you to use their privacy obliterating online account in order to be able to set up family filters in W10. Does anyone else find this to be completely and absolutely unacceptable? The content filter was a fairly helpful tool. Now MS...
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 08:45.
Find Us