  1.    18 Sep 2017 #21
    Join Date : Apr 2017
    Mountains of Western NC
    Posts : 295
    Win 10 Pro x64 17040 Skippy

    I submitted the detection to Piriform and to Malwarebytes. Just hoping it's a false positive but too many circumstances lead me to believe this may just be another attack on CCleaner. Had that program many, many years, now I am wondering about keeping it.

    Turns out that was Ransomware. Deep Scanning that machine with WD now. 32 bit machine scanned and found nothing devious.

    I don't know what triggers ransomware, but I have not cold started the machine in several days and use hibernate at night. It is also Bit Lockered if that mattered.
    Last edited by Fisher Mann; 18 Sep 2017 at 10:10.
  2.    18 Sep 2017 #22
    Join Date : Dec 2016
    Posts : 157
    Win 10 rs1 - build 14393.1794

    From Talos; people that had ver. 5.33 installed ask this:


    http://blog.talosintelligence.com/20...s-malware.html
  3.    18 Sep 2017 #23

    Holy cruft! All copies of the ccsetup533 on all of my PCs were infected. I just blogged about this here with some specific remediation advice. Ouch! CCleaner 5.33 32-bit Carries Malicious Payload - Windows Enterprise Desktop
    Thanks again for passing this along, Swarfega/Tweakhound/Talos.
    --Ed--
  4.    18 Sep 2017 #24
    Join Date : Oct 2013
    Standish, Lancashire
    Posts : 6,016
    Windows 10 Pro x64

    Originally posted by EdTittel:
    Holy cruft! All copies of the ccsetup533 on all of my PCs were infected. I just blogged about this here with some specific remediation advice. Ouch! CCleaner 5.33 32-bit Carries Malicious Payload - Windows Enterprise Desktop
    Thanks again for passing this along, Swarfega/Tweakhound/Talos.
    --Ed--
    Unlucky Ed
  5.    18 Sep 2017 #25
    Join Date : Jun 2015
    Posts : 68
    Windows 7

    Seems even CCleaner 64-bit may have had Trojan.Nyetya in the pile.

    Malwarebytes did find and quarantine, doing scans as I type.

    It's a good day for paranoia, K9 attempted to eat iPhone today. CCleaner: A Vast Number of Machines at Risk.
  6.    18 Sep 2017 #26
    Join Date : Apr 2017
    Mountains of Western NC
    Posts : 295
    Win 10 Pro x64 17040 Skippy

    Originally posted by Frozenoem1:
    Seems even CCleaner 64-bit may have had Trojan.Nyetya in the pile.

    Malwarebytes did find and quarantine, doing scans as I type.

    It's a good day for paranoia, K9 attempted to eat iPhone today. CCleaner: A Vast Number of Machines at Risk.
    That's what I had. Malwarebytes picked it up. It's Ransomware!!! Sent to Piriform.
  7.    18 Sep 2017 #27
    Join Date : Apr 2017
    Mountains of Western NC
    Posts : 295
    Win 10 Pro x64 17040 Skippy

    After Malwarebytes quarantined the Trojan, ran another scan with it and then a deep full scan with WD; no further threats found.
    Feel lucky...so far.
  8.    18 Sep 2017 #28
    Join Date : Jun 2014
    USA
    Posts : 1,575
    Windows 10 Pro x64

    This is disturbing as this could happen to any common third party app that's free and widely distributed. Guess we need to be extra cautious when downloading such apps now. This is why I also do a manual scan before opening anything. Still...
  9.    18 Sep 2017 #29
    Join Date : Apr 2017
    Mountains of Western NC
    Posts : 295
    Win 10 Pro x64 17040 Skippy

    Originally posted by sygnus21:
    This is disturbing as this could happen to any common third party app that's free and widely distributed. Guess we need to be extra cautious when downloading such apps now. This is why I also do a manual scan before opening anything. Still...
    My CC was the paid Pro version which I've had for years. So who knows anymore. It's getting to be a minefield out there.
  10.    18 Sep 2017 #30
    Join Date : Feb 2017
    Home
    Posts : 479
    Windows 10 Home x64, V1709 (16299.64)

    Originally posted by Frozenoem1:
    ...It's a good day for paranoia...CCleaner: A Vast Number of Machines at Risk.
    Ran a Defender full scan, MBAM & AdwCleaner all came up clean. Even did the Registry search as mentioned above with no hits. This is making me paranoid for sure.

    Edit:

    2 hours later and I've scanned this thing with everything but a cat and it still comes up clean. This usually isn't the way my luck runs, but I'll take it.
    Last edited by CWGilley; 18 Sep 2017 at 13:59.

 
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.
