HazySaiyan
Banned
Have to check at home but my work PC is still on 5.30 thankfully. Never updating pays off 
-
Hey, guest user. Hope you're enjoying NeoGAF! Have you considered registering for an account? Come join us and add your take to the daily discourse.
CCleaner infected with malware
- Thread starter Rootbeer
- Start date
MikeHattsu
Member
Kwansu Dudes
Member
Good riddance, Avast.
I didn't install the infected version, but im gonna uninstall CCleaner regardless.
I didn't install the infected version, but im gonna uninstall CCleaner regardless.
sixteen-bit
Member
Wow. Luckily for me I don't have it installed.
close to the edge
Member
To everyone saying "this is why you don't turn on automatic updates": This is dangerous advice. 99/100 times an update will be helpful (just speaking in terms of security). This sort of thing should never happen because it strongly indicates that Avast's servers were compromised, which should NEVER EVER happen, especially not to a company developing security software.
PeterLegend
Member
Just checked, looks like im on version 5.24 64-bit but im getting rid of it anyways
I stopped trusting those kinds of programs years ago. Registry cleaning hasn't been necessary on Windows since 8, I think, and it can be actually harmful if the program mistakenly deletes a registry key it shouldn't have (what is even the methodology they use to determine which keys are leftovers and which ones aren't, BTW?).
Anything CCleaner does you can do yourself using tools like Autoruns.exe, msconfig and even the task manager itself (on Windows 10, not the useless Windows 7 one).
When any program pops up the UAC prompt and you click "yes", you are giving it carte blanche to do whatever it wants on your PC. I basically stopped using these so-called "free" closed source tools years ago because they often devolve into malware/nagware/adware delivery machines.
Anything CCleaner does you can do yourself using tools like Autoruns.exe, msconfig and even the task manager itself (on Windows 10, not the useless Windows 7 one).
When any program pops up the UAC prompt and you click "yes", you are giving it carte blanche to do whatever it wants on your PC. I basically stopped using these so-called "free" closed source tools years ago because they often devolve into malware/nagware/adware delivery machines.
Netherscourge
Banned
Millions of people still use XP and Vista around the world.
And it sounds like the 32-bit versions of Win 7+ are vulnerable too.
throwawayname
Member
I have a 64bit system but I'm not 100% sure I had the 64bit version installed, I uninstalled the program hastly without checking.
IIRC I got the installer from the piriform site that doesn't give you the option to choose the which bit version you will download, does it automatically choose the right version when you download the free version?
No. Google is trying to stop people from downloading "virus scanners" for Android.
All apps in the play store have to be approved. For a malicious app to enter your phone either something wrong has to happen with the play store verification (in which case they will remove it once detected) or you've enabled the setting to allow installing apps from unknown sources. Just make sure that last one is turned off and keep your phone updated and you should be safe.
What does having an SSD have to do with CCleaner's functionality?
Registry cleaning is (and arguably has always been) useless and the storage recovery just empties temp/cache directories and the recycle bin, but CCleaner's uninstall list and startup manager are far better than the built-in Windows features.
This happens routinely and often isn't caught for millions of downloads over several months. Google really needs to step up its game with the Play Store approval process. (But I wouldn't recommend running antivirus software on Android, either.)
Alright, I'm just going to continue to not worry about viruses/malware on android.
The CCleaner uninstall is "better" because it's brute forcing it's way into uninstalling programs that have badly coded uninstallers, by looking into places where an installed program would usually have left traces on and working it's way from there.
Anything it does you can do yourself using the SysInternals Autoruns.exe tool, which is distributed by Microsoft themselves these days. It gives you a complete look into everything that is installed and registered in your system: the various flavors of start up programs, drivers, services, codecs, explorer hooks and even rootkits. If you want to remove rogue software off a PC, Autoruns.exe and ProcExp.exe are all you need 99.9% of the cases.
Good thing I don't update it often. I used to use it as my quick clean all solution. Well really I shouldn't be too lazy anymore with that. I guess i just stick to Windirstat for cleaning now.
???😂
Same. I rarely use it though so I probably should uninstall it.
GreenMonkey
Member
This
Wasn't needed in Win7 either.
It's like the black viper registry tweaks from the XP era. When tested they turned out to actually either do nothing or maybe slow the PC down.
Turns out Microsoft understands their registry and OS better than some internet dude. Imagine that.
What Google needs to is step up Android's actual security model. For example, Android apps can literally download and execute unsigned executable code (actual ARM binaries and JAR files) from random internet locations with zero need for special permissions. That's how RetroArch downloaded and updated its cores on Android.
Google began banning apps from the store that do this (RetroArch included) because (of course) some app SDKs/middleware were compromised into downloading entire apps and even rooting utilities without the users knowledge. But the fact the very OS itself allows it to happen is alarming. They need to figure out a better way to keep Android's openness without such blatant security oversights.
Twice already I had to clean up my aunt's phone because it was popping up ads on top of the fucking UI and it turned out to be a random Antivirus/cleaner/optimizer application my uncle installed.
RadioactiveLobster
Member
According to Windows I installed 5.34 on 9/15/17
Honestly can't remember what version I had before that and can't think of a way to check either.
Malwarebytes says my system is clean.
Honestly can't remember what version I had before that and can't think of a way to check either.
Malwarebytes says my system is clean.
Deaf Spacker
Memb
Bollocks, I vaguely remember updating last week.
Does anyone know if it chooses to install 32 or 64 bit versions?
Does anyone know if it chooses to install 32 or 64 bit versions?
If you use Vista or older Windows versions on a computer connected to the Internet malware in CCleaner should be the least of your worries.
DaBargainHunta
Member
I'm wondering this too. I have no idea which version I have and I don't want to open to check.
Luckily, I'm still on 5.20 from well over a year ago.
I should probably uninstall anyway.
Thanks for this.
We heard you don't like malware, so we put malware into your anti-malware software, so you can get malware, while trying to remove malvare
CCleaner isn't anti-malware, just a file/system cleaning program.
throwawayname
Member
"Registry
You might also check your registry for indicators of compromise (type regedit.exe in the start menu, and try to navigate to):
HKLM\SOFTWARE\Piriform\Agomo:TCID
HKLM\SOFTWARE\Piriform\Agomo:MUID
HKLM\SOFTWARE\Piriform\Agomo:NID"
Do these go away when you uninstall CCCleaner before checking? I don't even have a \Piriform path in the registery anymore.
You might also check your registry for indicators of compromise (type regedit.exe in the start menu, and try to navigate to):
HKLM\SOFTWARE\Piriform\Agomo:TCID
HKLM\SOFTWARE\Piriform\Agomo:MUID
HKLM\SOFTWARE\Piriform\Agomo:NID"
Do these go away when you uninstall CCCleaner before checking? I don't even have a \Piriform path in the registery anymore.
QuantumZebra
Member
I never trusted CCleaner. I go w/ nothing but Malwarebytes and Windows Defender. Been issue free for ... years... decades really.
*Caveat: I do run Avast For Business (its free believe it or not) at home and at work now - you just sign up using a business name and you have free top-tier antivirus, and it has a built in VPN that costs $5 / month. VERY good.
*Caveat: I do run Avast For Business (its free believe it or not) at home and at work now - you just sign up using a business name and you have free top-tier antivirus, and it has a built in VPN that costs $5 / month. VERY good.
Wag
Member
The NSA is on to you.
Red Liquorice
Member
This is why I don't have automatic updates on progrems. Tell me there's a new version, fine - but I'll decide if I want it or not.
You still have to go do it manually. It just lets you know.
nephilimdj
Member
Only effected 32bit, more legecy nsa/cia leaked crap hacking civillians?
GifGafIsTheBestGaf
Member
fuck, when i was booting up ccleaner i found this thread on gaf lol
i installed it the 21 of august, i will have to delete it from my other laptop as well
i installed it the 21 of august, i will have to delete it from my other laptop as well
DiipuSurotu
Banned
"Crap Cleaner" indeed
ZombieSupaStar
Member
I have win10 64bit and missed the infected version (yay for not updating for months). Does the site automatically give you the installer based on your OS? I don't ever remember selecting a 32/64 bit version when I download it.
kraspkibble
Permabanned.
I have no idea what version I have but it's getting uninstalled real fast as soon as I get back to my PC. Have been meaning to do it for a while now anyway.
Buy out the competition, sabotage their software to slowly kill them.
The_Inquisitor
Member
Depressing. I have 64 bit installed but looks like MalwareBytes isn't taking any chances and quarantined it. I didn't renew for premium this year and may not after this. Had no idea AVAST acquired them.