SUBSIM Radio Room Forums - Warning: CCleaner is malware-infested

SUBSIM Radio Room Forums (https://www.subsim.com/radioroom/index.php)

- PC Hardware/Software forum (https://www.subsim.com/radioroom/forumdisplay.php?f=235)

- - Warning: CCleaner is malware-infested (https://www.subsim.com/radioroom/showthread.php?t=233443)

I have dumped Ccleaner and just use the widows disk cleaner now. I have been thinking about dumping my Avast anti virus now, So any other good ones out there that don't dump Malware on you or sell your data like AVG.

What do you guys think of Avira?

Before Avast went down the chutes I used to use Avast & Avira as my emergency AV's to double check I was clean if I ever had any doubts.

If this keeps up I'm going to miss Ccleaner, a utility I have used since its icon was a yellow circle and it would just delete cookies.

I found a copy & key from Mar 2017: ccsetup528_pro in a backup folder.

https://www.av-test.org/en/antivirus/home-windows/

I used to use Avira's suite, until some years ago their scanner fell into a reliability crisis of some kind, I then left them two, three years ago, but since then they seem to be on a path of recovering.

Currently using G-Data.

Pop Alexandra!:Kaleun_Salute:

Quote:

Originally Posted by Skybird (Post 2513384)

http://blog.talosintelligence.com/20...s-malware.html

http://www.piriform.com/news/blog/20...-windows-users

My cold-hearted advise if you are affected: system reinstall. A system that got compromised, must still be considered to be compromised after any "cleanings", "repairs", or whatever. The only way to deal with a bug and be certain, is to nuke the whole system from orbit.

Note that Talos (first link) disagrees with Piri (second link) on the ammount of damage done. Talos says it potentially could be an immense number of users, Piri says the threat was tackled before it could do damage. Of cpourse, Piri has its own reputation to protect here, Talos is a neutral third party.

I believe I understood it like this: a completely infested version of CCleaner was spread via a manipulated servers of theirs, and so the malware must have reached millions and millionsn of users, see the link for affected version and date. The malware scanned the infested systems, extracted data and downloaded additional malware, which was probbaöly the intended "warhead" to detonate. But if Piri is right, then this malware never got activated, they switched off the rogue server fast. Which means that affected people have downloaded-for-sure, but non-activated malware on their machines now. Their systems probably got scanned and data was extracted. The additonal downloaded malware, the warhead, is still there.

Well, believing is not knowing. So expect the worst. Nuke it. From orbit. :yeah:

P.S. Note that the critical version of CCleaner was distributed for almost a full month. Thats damn many systems affected.

Is CCleaner still infected as earlier reported?

Don't know, don't care, I just use a very old version to easily delete temp files, and do no updates anymore.

Updates to Windows 10 and software runnign under Windows seem to be a bigger and bigger risk in temselves. I do not even use a dedicated security suite for my Windows 10 machine anymore, just the Windows 10 Defender onboard thing. But then, my W10 machine is exclusively a game console.

Compared to what the rules were 5 and 10 years ago, upsides have been turned down, and things were u-turned. Who would claim he saw it coming in this excessive level of distortion? Not before W8 was released I understood where things were heading.

Hi CTU
No, as soon as it became known they updated to a clean application.
Peter