Windows 10: CCleaner: A Vast Number of Machines at Risk


  1. Posts : 306
    Win 10 Pro x64 17046 Skippy
       18 Sep 2017 #21

    I submitted the detection to Piriform and to Malwarebytes. Just hoping it's a false positive, but too many circumstances lead me to believe this may just be another attack on CCleaner. Had that program many, many years; now I am wondering about keeping it.

    Turns out that was Ransomware. Deep Scanning that machine with WD now. 32 bit machine scanned and found nothing devious.

    I don't know what triggers ransomware, but I have not cold started the machine in several days and use hibernate at night. It is also Bit Lockered if that mattered.
    Last edited by Fisher Mann; 18 Sep 2017 at 10:10.


  2. Posts : 175
    Win 10 rs1 - build 14393.1944
       18 Sep 2017 #22

    From Talos; people that had ver. 5.33 installed ask this:

    [Image: Magical Snap - 2017.09.18 17.08 - 001.png]

    [Image: Magical Snap - 2017.09.18 17.09 - 002.png]

    http://blog.talosintelligence.com/20...s-malware.html

  3.    18 Sep 2017 #23

    Holy cruft! All copies of the ccsetup533 on all of my PCs were infected. I just blogged about this here with some specific remediation advice. Ouch! CCleaner 5.33 32-bit Carries Malicious Payload - Windows Enterprise Desktop
    Thanks again for passing this along, Swarfega/Tweakhound/Talos.
    --Ed--


  4. Posts : 6,330
    Windows 10 Pro x64
       18 Sep 2017 #24

    EdTittel said:
    Holy cruft! All copies of the ccsetup533 on all of my PCs were infected. I just blogged about this here with some specific remediation advice. Ouch! CCleaner 5.33 32-bit Carries Malicious Payload - Windows Enterprise Desktop
    Thanks again for passing this along, Swarfega/Tweakhound/Talos.
    --Ed--
    Unlucky Ed

  5.    18 Sep 2017 #25

    Seems even Ccleaner 64-bit may have had Trojan.Nyetya in the pile.

    Malwarebytes did find and quarantine, doing scans as I type.

    It's a good day for paranoia, K9 attempted to eat iPhone today.


  6. Posts : 306
    Win 10 Pro x64 17046 Skippy
       18 Sep 2017 #26

    Frozenoem1 said:
    Seems even Ccleaner 64-bit may have had Trojan.Nyetya in the pile.

    Malwarebytes did find and quarantine, doing scans as I type.

    It's a good day for paranoia, K9 attempted to eat iPhone today.
    That's what I had. Malwarebytes picked it up. It's Ransomware!!! Sent to Piriform.


  7. Posts : 306
    Win 10 Pro x64 17046 Skippy
       18 Sep 2017 #27

    After Malwarebytes quarantined the Trojan, I ran another scan with it and then a deep full scan with WD; no further threats found.
    Feel lucky...so far.

  8.    18 Sep 2017 #28

    This is disturbing as this could happen to any common third party app that's free and widely distributed. Guess we need to be extra cautious when downloading such apps now. This is why I also do a manual scan before opening anything. Still...


  9. Posts : 306
    Win 10 Pro x64 17046 Skippy
       18 Sep 2017 #29

    sygnus21 said:
    This is disturbing as this could happen to any common third party app that's free and widely distributed. Guess we need to be extra cautious when downloading such apps now. This is why I also do a manual scan before opening anything. Still...
    My CC was the paid Pro version, which I've had for years. So who knows anymore. It's getting to be a minefield out there.


  10. Posts : 540
    Windows 10 Home x64, V1709 (16299.248)
       18 Sep 2017 #30

    Frozenoem1 said:
    ...It's a good day for paranoia...
    Ran a Defender full scan, MBAM & AdwCleaner all came up clean. Even did the Registry search as mentioned above with no hits. This is making me paranoid for sure.

    Edit:

    2 hours later and I've scanned this thing with everything but a cat and it still comes up clean. This usually isn't the way my luck runs, but I'll take it.
    Last edited by CWGilley; 18 Sep 2017 at 13:59.


 