  1.    19 Sep 2017 #71
    Join Date : Mar 2016
    Little Biggest City
    Posts : 5
    Windows 10

    Sounds like Avast is initiating damage control and now in conflict with Cisco Talos in regards to who was first to identify and analyze the behavior of the malicious code. It was Cisco Talos to register the suspected domains.

    Always thought Avast used shady business tactics in promoting their products.
  2.    19 Sep 2017 #72
    Join Date : Aug 2015
    Maine
    Posts : 38,460
    Windows10Pro 64Bit

    Quote Originally Posted by JohnBurns View Post
    In another forum I use, most users seem to be jumping ship of CC. Does anyone in here think this is really necessary at this point if you are using 64bit? I have used CC for so long, I guess I am too complacent in my thinking of it, maybe, but right now I think I will continue to use it. Using Windows Defender, MBAM (with rootkit scans), regular HitmanPro and regular EEK scans will hopefully keep me aware if a problem presents itself. Fingers crossed.
    1st off let me say this, it's entirely up to the user if they want to remove CCleaner. That is their choice.
    I have been running CCleaner for years the Pro version. I had no infections, no issues. I have no intention of removing my registered version.
    On another note, I've also read that installing the latest update for CCleaner 5.34 and CCleaner Cloud 1.07.3214 that it removes the Floxif malware, which I didn't know till recently. So even if a user didn't use a program like MB to remove the malware, latest CCleaner update does this automatically.

    Again it's up to every individual user to decide what they feel is best for them.
  3.    19 Sep 2017 #73
    Join Date : Aug 2015
    Posts : 369
    Windows 10 Pro

    For people who use such software as CCleaner, or any other "cleaners" or "optimizers", on their Windows machines this particular issue should not be an issue at all: one virus more, one virus less - it makes no difference. Who cares?
  4.    19 Sep 2017 #74
    Join Date : Jun 2015
    Posts : 12,858
    Windows 10 Pro

    One virus more or less makes one hell of a difference.
  5.    19 Sep 2017 #75
    Join Date : Nov 2014
    The Netherlands
    Posts : 628
    Win 10 Pro x64 1607 (Build 14393.953)

    The title of this thread "A VAST..." is on par! CCleaner: A Vast Number of Machines at Risk
  6.    19 Sep 2017 #76

    Quote Originally Posted by JohnBurns View Post
    In another forum I use, most users seem to be jumping ship of CC. Does anyone in here think this is really necessary at this point if you are using 64bit? I have used CC for so long, I guess I am too complacent in my thinking of it, maybe, but right now I think I will continue to use it. Using Windows Defender, MBAM (with rootkit scans), regular HitmanPro and regular EEK scans will hopefully keep me aware if a problem presents itself. Fingers crossed.
    No, it's utterly not necessary to jump ship. Only time I'd consider doing so would be if they ruined CCleaner in other ways such as unwanted ware and UI changes.
  7.    19 Sep 2017 #77
    Join Date : Aug 2015
    Maine
    Posts : 38,460
    Windows10Pro 64Bit

    Quote Originally Posted by swarfega View Post
    No, it's utterly not necessary to jump ship. Only time I'd consider doing so would be if they ruined CCleaner in other ways such as unwanted ware and UI changes.
    I agree with you, good post
  8.    19 Sep 2017 #78
    Join Date : Aug 2014
    Australia, Adelaide
    Posts : 1,558
    W7 Ultimate SP1 (64 bit), LM 18.2 MATE (64 bit), W10 Home (64 bit)

    Poor Phrasing


    Quote Originally Posted by axe0 View Post
    The registry keys are relevant, MBAM detected the malicious code that begins everything.
    The first stage of the payloader loads a dll into memory and executes the dll that contains all important functionality including the registry part.
    Poor phrasing on my part.
    I should have written, "don't rely on finding the Registry Key, check the installer directly".

    There must be more to it than just running the infected installer.
    I installed CC v5.33 on multiple systems including my XP install & XP VM (both 32 bit).
    I can't find that Registry Key.

    Something must have stopped the malware from installing/running.
    It wasn't my AV, as I didn't get any AV alerts during installation.

    I'm using Avast on my physical installs and AVG on my VMs.
    Avast is set to run a Quick Scan every day and a Full Scan on Sundays.
    This means that several Full Scans found nothing.

    I run MBAM Quick Scans every week (roughly).

    Quote Originally Posted by swarfega View Post
    Did you do a full or quick scan with MBAM?
    I selected the CC installer and ran MBAM on it directly (using the Context Menu option).

    I'm not sure what type of scan MBAM performed.
    I always set all MBAM AV scan options to "On".

    Quote Originally Posted by DerDonc View Post
    MBAM found and removed the same "Trojan.Floxif" object on my laptop. Further scans found nothing else. Registry seems to be in good shape.
    Edit: I had to manually search the .exe so MBAM could find it.
    I also checked the installed exe files, but they are apparently clean.
  9.    20 Sep 2017 #79
    Join Date : Nov 2014
    Posts : 3
    Windows 10 x64

    Here is my contribution to the info here. I am running Windows 10 Pro x64. No problems on my system at all for two years. Wandered over to Piriform on August 15th to download CCleaner because I had not had it on my system in a while. Just my luck that I got the version with the malware attached, although I did not know of the problem at the time, of course. I installed CCleaner and used it once or twice in the ensuing month. I also rebooted and shut down/restarted several times in that time frame.

    I see the news about the malware the afternoon the problem was reported, and I immediately begin attempting to check out my machine. Well, for the first time ever, I am unable to show hidden files and folders to look inside my Users/UserName folders. Hmmmm. I could do it before I installed CCleaner. I do it regularly since I am a power user and check things over often. Despite having "show hidden files and folders" selected and overriding the "hide protected operating system files" settings, I get nothing...nada. Just my regular folders and files only. When I go under the "view" tab and check the "hidden files" checkbox, it immediately UNchecks itself right in front of my eyes. That is NOT normal. Needless to say, I spent several hours last night resetting passwords for all my banking and important logins via my iPad, and I will be formatting my laptop HD and reinstalling Windows today (sigh). I will also be changing my network wireless password. I also noticed about five days ago, before I got wind of this malware issue, that I got a BSOD in Windows 10 for the first time ever with a message about a .sys file. Hmmm again.

    So, if anyone got this malware riding on the CCleaner executable, 32 bit or 64 bit, I would highly recommend being safe now rather than very sorry later. Change your passwords from a clean device ASAP. Understand that many security suites will not flag a program or even a threat these days if the program or threat is thought of as a low risk and trusted program. Yes, that can happen. It just depends on the right set of circumstances. Windows Defender did not pick this up on my machine on download or at all. Bitdefender only picked it up after a forced direct file scan. Kaspersky did not pick this up on our secondary machine until after the announcement came out and a definition update showed up. If the malware was downloaded to your machine, and you installed the CCleaner version in question, and IF you value your data and computing environment, then a reformat and reinstall is in order. Running processes can be hidden, registry keys can be hidden, programs deemed "safe" as part of a group in order to reduce scanning overhead for security suites can be unsafe. Those of us who think of ourselves as PC experts can be caught with our pants down despite our best efforts and smarts. It would be foolish and arrogant to assume that because you have been computing since the early 90s (me) or earlier that you will never have a virus or malware problem. Remember, it is not paranoia if they really are out to get you.
  10.    20 Sep 2017 #80
    Join Date : Oct 2016
    Posts : 134
    Microsoft Windows 10 x64



    Quote Originally Posted by https://docs.microsoft.com/en-us/windows/threat-protection/windows-defender-antivirus/windows-defender-offline
    Windows Defender Offline is an antimalware scanning tool that lets you boot and run a scan from a trusted environment. The scan runs from outside the normal Windows kernel so it can target malware that attempts to bypass the Windows shell, such as viruses and rootkits that infect or overwrite the master boot record (MBR). You can use Windows Defender Offline if you suspect a malware infection, or you want to confirm a thorough clean of the endpoint after a malware outbreak.
    In Windows 10, Windows Defender Offline can be run with one click directly from the Windows Defender Security Center app. In previous versions of Windows, a user had to install Windows Defender Offline to bootable media, restart the endpoint, and load the bootable media.
    As Windows Defender Antivirus detects it, we can check there is no rootkit in a PC.

 