CCleaner: A Vast Number of Machines at Risk

Page 7 of 14 FirstFirst ... 56789 ... LastLast
  1.    19 Sep 2017 #60

    Karizma said: View Post
    I'm on Win10 64 bit and CCleaner 64 bit, However I was on the hacked version and updated to the "Safe" version before any of the hacked news came out.

    So I checked HKLM\SOFTWARE\Piriform\ and the only subfolder is ccleaner no Agomo of any type, and scanned with Malwarebytes and WinDefender and nothing came up. Does this mean I'm in the clear or should I be looking at anything else?
    You were clear from the start since you used the 64-bit version of ccleaner, it was only the 32-bit that was affected.
      My ComputersSystem Spec

  2.    19 Sep 2017 #61

    Zardoc said: View Post
    I agree.

    My two cents, I don't like Avast security software, I'm more of a NOD guy but that's my choice. Wouldn't be surprised that anti virus software gets hacked.

    Still gonna use CCleaner until it probably gets bloated like PGP, Acronis and others that got taken over. Hope not...
    I moved away from Avast recently, I felt it was too bloated and intrusive.
      My ComputersSystem Spec

  3.    19 Sep 2017 #62

    lehnerus2000 said: View Post
    Old games (like the ones I have) don't require 24/7 Internet access either. :)

    It seems the installer I downloaded is clean.
    Regedit can't find "Agomo" on any of my PCs or VMs (XP, W7 & W10 - 32 bit or 64 bit).

    It looks like the Registry Key is irrelevant!

    MBAM just detected something on my main PC ("funnily enough" Avast detected nothing).
    MBAM found and removed the same "Trojan.Floxif" object on my laptop. Further scans found nothing else. Registry seems to be in good shape.
    Edit: I had to manually search the .exe so MBAM could find it.
      My ComputerSystem Spec

  4.    19 Sep 2017 #63

    props to Talos Intelligence Group for coming up with a suitably clever headline for their blog post.

    I use the portable versions of piriform softs, and actually delete the 32 bit executables because I never use them. I don't think I was ever in any danger from this, but I scanned with MBAM anyhow - nothing bad was found.
      My ComputerSystem Spec

  5. Posts : 237
    Microsoft Windows 10 x64
       19 Sep 2017 #64

    I did some experiment on a virtual machine with v5.33
    At least, it is now detected by Windows Defender Antivirus & MalwareBytes

    Category: Backdoor
    Description: This program provides remote access to the computer it is installed on.
    Recommended action: Remove this software immediately.
    file:C:\Program Files\CCleaner\CCleaner.exe
    regkey:HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{53F0D184-E624-492B-9E46-099A892E7B7B}
    regkey:HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC
    Get more information about this item online.

    This confirm that the malware is only detected in the 32bits version (in CCleaner.exe only but not CCleaner64.exe)
    Last edited by D4ni3l; 19 Sep 2017 at 08:52.
      My ComputerSystem Spec

  6.    19 Sep 2017 #65

    Ccleaner has been compromised- says Gizmo - update now

    IMPORTANT: If You're A CCleaner User You Need To Read This. | Gizmo's Freeware

    Well, make of it what you will. Nothing to lose by updating.. I guess!
      My ComputersSystem Spec

  7. Fisher Mann's Avatar
    Posts : 321
    Win 10 Pro x64 18277 Fast
       19 Sep 2017 #66

    Last night I went to update my wife's really old free version of CC and the website gave her computer an AVAST scan which I wasn't that pleased about. Later her AV indicated that when it did so it dropped two adware type infections on the machine. Think I'll be leaving ex- Piriform/AVAST products permanently.
      My ComputersSystem Spec

  8. DavidE's Avatar
    Posts : 357
    Multi-Boot W7_Pro_x64 W8.1_Pro_x64 W10_Pro_x64
       19 Sep 2017 #67
      My ComputerSystem Spec

  9. Josey Wales's Avatar
    Posts : 17,365
    Win 10 RS5 64 Bit
       19 Sep 2017 #68

    As an extra measure, the entire Piriform staff will be moved onto Avast's internal IT system -- something which has already been done for the Piriform build environment.
    Interesting. Seems there is more going on that we know about...
      My ComputerSystem Spec

  10. JohnBurns's Avatar
    Posts : 392
    Windows 10 1803 Build 17134.319
       19 Sep 2017 #69

    In another forum I use, most users seem to be jumping ship of CC. Does anyone in here think this is really necessary at this point if you are using 64bit? I have used CC for so long, I guess i am to complacent in my thinking of it, maybe, but right now I think I will continue to use it. Using Windows Defender, MBAM (with rootkit scans, regular HitmanPro and regular EEK scans will hopefully keep me aware if a problem presents itself. Fingers crossed.
      My ComputerSystem Spec

Page 7 of 14 FirstFirst ... 56789 ... LastLast

Related Threads
Router flaws put ATT customers at hacking risk | ZDNet
Just an FYI.. I received this on two machines yesterday evening. MS should word it better, or something. In a nutshell it just means Windows hasn't auto checked/installed the latest updates yet. I manually checked, and everything went well, and...
After the last XBOX ONE update my RISK game will not play. It gets as far as connecting to the UBISOFT server, locks up, and kicks me back out to the Home screen. I went through the whole XBOX ONE Game Won't Start trouble shooter, ...
Is upgrading to Win 10 to much of a risk? in Installation and Upgrade
I WAS planing to do the in-place upgrade to Windows 10, and then do a clean install after that. But I got a message that a friend of mine tried the in place upgrade and it fried her CPU! Now she has no computer, and can't afford to do anything...
Draconian OS W10 putting kids at added risk? in User Accounts and Family Safety
MS REQUIRES you to use their privacy obliterating online account in order to be able to set up family filters in W10. Does anyone else find this to be completely and absolutely unacceptable? The content filter was a fairly helpful tool. Now MS...
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 01:10.
Find Us