• Hey, guest user. Hope you're enjoying NeoGAF! Have you considered registering for an account? Come join us and add your take to the daily discourse.

CCleaner infected with malware

ShirAhava

Plays with kids toys, in the adult gaming world
Desktop is fine...64 bit, ran a check, all good, deleted CC anyway

Windows 8 laptop I barely use is FUBAR ;/ gonna wipe the drive and install Linux cause why not
 

Neith

Banned
wew, this is going to be a doozy.

Parental computer had the affected 32 bit version but they don't have the exe and removed the program.

I've run a RogueKiller scan, an MB scan and have searched the registry for any of the apparent infected values but 0 results so far. News sense tells me I'm not looking hard enough and that it is probably hiding but Comp sense tells me if its not showing up they probably didn't download an infected version of 5.33 to begin with and likely before the time period of infection.

The struggle is real.

MB will find this thing. I use only the 64 bit version, but I have the 32 bit version cuz it comes along with the install. MB found it right away. No idea if I have been affected.

It's 2017 bros. No need to use CC cleaner.

It was still a decent application. Cleaned registry and logs and stuff and did so very easily for a lot of people. It is what it is.

There is nothing wrong with having an application to clean caches, registry, and logs lol. You guys are a little overboard with the we don't need this we are too modern thing going on. A lot of people find this app helpful obviously.
 

Neith

Banned
So glad I use Win10 64-bit because I just scanned the setup exe and it's definitely infected.

I'm going to look for an alternative to CCleaner, I have a feeling this program is going to take a huge hit after this.

Auslogics boost speed is the best out there IMO. I think most people torrent it though lol.

I had CCleaner because it was an easy way to securely erase anything in the recycling bin if you wanted to. Nothing more than that really.

Can someone tell me exactly what is at stake here if you were infected and things were working properly, and also who would want to do this outside of NSA or someone like that?
 

Pooya

Member
It was still a decent application. Cleaned registry and logs and stuff and did so very easily for a lot of people. It is what it is.

You don't want to "clean registry". It's placebo at best, often can be system ruining.

don't use this pos. It does no good.
 

adamsapple

Or is it just one of Phil's balls in my throat?
Whelp. If it doesn't effect 64 bit machines then thankfully all of my personal and work laptops are safe. Really disappointed by this, I've been using Ccleaner for years and it works well for cleaning caches and temp files in a single go. Just to be safe I'll probably run full Malware Byte scans on all of my computers tonight.

Auslogics boost speed is the best out there IMO. I think most people torrent it though lol.

I had CCleaner because it was an easy way to securely erase anything in the recycling bin if you wanted to. Nothing more than that really.

Can someone tell me exactly what is at stake here if you were infected and things were working properly, and also who would want to do this outside of NSA or someone like that?

Never heard of Auslogics Boost before but will give that a shot too. Thanks.
 

Neith

Banned
You don't want to "clean registry". It's placebo at best, often can be system ruining.

don't use this pos. It does no good.

I have never had one instance of cleaning a registry doing anything harmful to MY computer, but if you start pushing random buttons it could do that I guess.

I have used Auslogics Boost Speed without fail for years. I clean my registry every now and then and it seems fine to me.

I used CC because I could securely erase the recycle bin in an easy and efficient way along with any of its other functions.

Besides I had no idea this company was bought out by some large ass thing. I won't be using it anymore.
 

WetWaffle

Member
I still have version 5.20.5668 64 bit,should be safe. Thank God I ignored that update message for months. Shit like this is why I almost never upgrade some software, if it works, don't change it. Same thing happened with that freemake youtube video downloader. I had a version that had no malware but for some stupid reason, I updated and had to purge it.
 
For what purpose where people using CCleaner before that it matters whether you had an SSD of a HDD?

Adobe software still generates a lot of cache files and it is always easier to erase them in a single action than go program by program. Even more important to do this on an SSD than in a drive with space to spare. To bad CCcleaner never did figure out what to do with After Effects cache. Even Norton on my old 2011 computer could clean the After Effects cache.
 

adamsapple

Or is it just one of Phil's balls in my throat?
For what purpose where people using CCcleaner before that it matters whether you had an SSD of a HDD?
Adobe software still generates a lot of cache files and it is always easier to erase them in a single action than go program by program. Even more important to do this on an SSD than in a drive with space to spare. To bad CCcleaner never did figure out what to do with After Effects cache. Even Norton on my old 2011 computer could clean the After Effects cache.

Cleaning cached files from pretty much all major programs and web browsers, clean up redundant registry entries, clean temporary files and recycle bin. All of the above in a single go basically. Additionally you can use it as a hub to uninstall programs, set startup apps to launch with windows and even use advanced features like disk analyzers to find and root out duplicate files.

All the things it does can be done individually without needing to install it but it's more of a (free) tool of convenience than necessity.
 

Kudo

Member


Cleaning cached files from pretty much all major programs and web browsers, clean up redundant registry entries, clean temporary files and recycle bin. All of the above in a single go basically.

All the things it does can be done individually without needing to install it but it's more of a (free) tool of convenience than necessity.


This and more secure formating feature for HDDs.
It's useful program for sure, and lets you choose what cookies you keep so don't have to log in each time you clear everything, but alas I think it's time to start living without maybe, not sure if I can get back from this..
 
Don't visit shady websites, and don't click on ads, and certainly don't open anything you downloaded randomly.

Clicking is not required.

Don't get ads at all (driveby malvertising is very common). Clicking isn't required. The stronger the adblocking you use the better. Sucks for sites that get by on advertising though.

Phishing: don't ever click on links (especially from emails) without hovering over the link to verify it is going where it says it is. This covers like 75% of phishing emails. Most of them are obviously not what they say they are (microsoft account will be disabled! But the link is hwaeijdsadsa.ru or whatever). And don't open attachments that you don't expect to receive from people. Most phishing emails are: fake shipment notifications, fake invoices, fake "your account will be disabled" type emails, and around tax season, fake IRS notices.

Phishing works well in corporate environments because they are sent as things people expect to receive: invoices, for example. Home users should never get something like that they haven't been told they'll be receiving from someone. Why is someone sending you a word doc? You should never be getting an attached doc these days that you don't expect.

If you want to be extra paranoid, don't run software from companies that you don't trust to have good security. These days that list is pretty scarce, unfortunately. Also don't visit sites you don't trust to be comped (for example, off the top of my head, years ago, GNC, the company that sells supplements in malls, was comped and putting out malware. Ditto for Reader's Digest site a while back).

And run anti-virus, for god's sake. This is the kind of thing that at least you would be notified of via an A/V scan, if you're not paying attention to the news. Yeah they get like 30 or 40 % of stuff these days (and that is being generous), but it's the retroactive alerting that is useful, for exactly this kind of thing.

Source: work in Cyber Incident Response for the last 5 years

Feel free to ask any other questions.

Lastly, I'm not sure this is the best approach, but I personally don't let any software run on startup that I don't need. No auto-updaters, no "makes the app start faster" startup stubs, etc. I do a manual update when I go to use the program. As an IT geek I have a lot of programs I don't use often (partition software, file recovery software, etc). CCCleaner (if I used it) would fall into this category. I probably would have lucked out as most of that stuff isn't used that frequently.

Only thing I have left on auto-update is Windows. Office, and stuff with high attack frequency like Adobe Acrobat.
 

Hesh

Member
I'm still on 5.32 and I only use CCleaner these days to clean my registry. Never really bothered with the tools included, I just like the convenience of being able to quickly and easily clean my registry and clear out my cached data.
 
According to Windows I installed 5.34 on 9/15/17

Honestly can't remember what version I had before that and can't think of a way to check either.

Malwarebytes says my system is clean.

How do you know if you had the 5.33 version if you uninstalled it ?




I had updated yesterday to 5.34, but I couldn't remember the version I had prior. So going into system restore, and looking at the different restore points it was able to show me what software would change based on the restore point date. Using that I was able to see I had 5.30 as of 9/12/2017 at 7:30 PM before I updated to 5.34 last night.
 

Neith

Banned
I don't have a restore point before that. CCleaner can honestly suck my balls. I don't have the time to do a full reinstall either. My PC has shown no signs of problems, and I have never used the 32 bit version despite having it because they insist it come with the 64 bit version.

Now what do I expect on my PC. MB found and killed the trojan. Is that not enough? Does this thing still exist?

Better yet who the fuck found a way to get this into their download lol? This sounds like some seriously shady shit coming from the inside.
 

Koren

Member
i cant keep up with all this malware/ransomware/spyware bullshit.. i want to give up.
Same, though I seem to be lucky enough to avoid those even without software against those (just really careful and a scan from time to time) I'm scared by ransomware.

At least, I've only my laptop to think about, all my other computers are Linux and mostly safe against it (partly because targeting Linux isn't as efficient, partly because it's easier to prevent software to do nasty things)


Still, it's not new, Microsoft distributed CDs of Windows (95 IIRC) with a virus on the CD...
 

LoveCake

Member
I am very security conscious and this has knocked me back a few, I am not happy at all about this, I'm quite angry actually, I have got rid of it now after many many years and won't be installing again, I have also uninstalled a couple of other programs I don't use that much just in-case any future updates are compromised.

The real issue is that this is happening more and more often and how this is now getting into software it's getting serious, even a Linux ISO was infected malware early last year, it has now got to the point where any program that you update could be compromised.

It does seem strange that this happened after being taken over, this has no doubt done significant damage though as it's been on the main news here and it's all over the internet, the people at Avast should be doing a hell of a lot more, that blog does nothing at all really, it goes on about only 32-bit users are effected, I am 64-bit Win 10 with the Pro CCleaner version and Malwarebytes flagged up Trojan - Nyetya and others with 64-bit have found the same.
 

A Human Becoming

More than a Member
It appears I have the infected install file. My father's XP computer also probably has it.

What should I do besides uninstall? I'm reading mixed responses here.
 
So I had .34 installed, but I'm not sure if I ever had .33 installed. Anyways, I had the 64bit version so I should be ok? Im running a full scan now and I uninstalled CCleaner.
 

LoveCake

Member
It appears I have the infected install file. My father's XP computer also probably has it.

What should I do besides uninstall? I'm reading mixed responses here.

I agree, there seems to be mixed responses everywhere on this, I just uninstalled and ran Malwarebytes (free) which removed it, then ran Kaspersky found nothing then ran Malwarebytes again, have a look on their blog https://blog.malwarebytes.com/secur...ted-ccleaner-downloads-from-official-servers/

It seems to be the consensus that it didn't actually activate and once removed people will be ok, it is just like getting a virus/Trojan and once removed it's ok without the need to reinstall Windows.
 

TheContact

Member
I feel bad for Avast. I wanted to like them. They have fucked up in the past though. One of their AV updates took a lot of busineesss out of commission for a few days. This breach of security is ironic considering they're a security firm. CCleaner was an OK piece of software for cleaning out temp files and browser history but anyone with 1 minute of free time can do this manually and cleaning out registry files has absolutely no benefit to computers or systems and can actually cause more harm than good. I've seen people use ccleaner and ruin their systems because of it.
 

chaosblade

Unconfirmed Member
My install of CCleaner is super old and I stopped using Avast this year. Glad I ditched it for Windows Defender again.
 

XOMTOR

Member


Cleaning cached files from pretty much all major programs and web browsers, clean up redundant registry entries, clean temporary files and recycle bin. All of the above in a single go basically. Additionally you can use it as a hub to uninstall programs, set startup apps to launch with windows and even use advanced features like disk analyzers to find and root out duplicate files.

All the things it does can be done individually without needing to install it but it's more of a (free) tool of convenience than necessity.


Can't you basically do all this already with Windows' built-in Disk Cleanup?

As for registry entries, I always create a system restore point prior to installing any new software so that if I decide I don't want it, I can restore and remove all traces of the software.
 

FlynnCL

Unconfirmed Member
This sucks. I was scrambling around trying to find the cause of this "Floxif" malware since at first I didn't believe CCleaner would truly be the cause.

The fact that this has been going on for so long is annoying. Going to reinstall Windows just to be sure and I will not be using CCleaner again.
 
*scratches head* How does an SSD prevent my OS and programs from racking up pointless junk files? Or how does an SSD help me delete junk leftovers in the registry? Or any other features that ccleaner offers?

CCleaner is not really necessary anymore. The Windows cleanup utility does most of the actually useful stuff it does (remove Windows temporary files). Most applications that keep temporary files will clean up after themselves (browsers for instance) or put them in a place where Windows will clean them up eventually (AppData/Local/Temp). Registry cleaning hasn't been necessary in a long while (especially if you have a SSD).
 
CCleaner is not really necessary anymore. The Windows cleanup utility does most of the actually useful stuff it does (remove Windows temporary files). Most applications that keep temporary files will clean up after themselves (browsers for instance) or put them in a place where Windows will clean them up eventually (AppData/Local/Temp). Registry cleaning hasn't been necessary in a long while (especially if you have a SSD).


This.

And registry cleanup isn't needed. It doesn't improve performance or really do anything else useful. Some stray reg entries aren't gonna hurt anything.

It's kind of like power washing your engine. It doesn't make your car perform any better, it doesn't really do much besides make it look nice / make you feel better.
 

Kudo

Member
This.

And registry cleanup isn't needed. It doesn't improve performance or really do anything else useful. Some stray reg entries aren't gonna hurt anything.

It's kind of like power washing your engine. It doesn't make your car perform any better, it doesn't really do much besides make it look nice / make you feel better.

People like clean things, and hard disk space is not free so I'd rather have that browser cache and temp clean at the end of the day.
Also cleans ALL browsers and junk most your software leave with one press of a button. This is what people fail to understand, it's just too convenient.
And lets you choose what data to even delete so you can leave the stuff you use and don't want cleaned.

Each to their own, I'm not too keen to run Windows Cleanup weekly on each HDD/SSD I have and try to remember to empty the trash can when space starts to run out, when I can just have this one handy button..
 

Keyouta

Junior Member
what's in everyone's registry that needs cleaning?
This is my question as well. I've never needed a registry cleaner and advice I've been given is to not install one. Even though there may be some leftover files in the registry pointing to a program you uninstalled, cleaning these files won't magically speed up your computer.
 

adamsapple

Or is it just one of Phil's balls in my throat?
People like clean things, and hard disk space is not free so I'd rather have that browser cache and temp clean at the end of the day.
Also cleans ALL browsers and junk most your software leave with one press of a button. This is what people fail to understand, it's just too convenient.
And lets you choose what data to even delete so you can leave the stuff you use and don't want cleaned.

Each to their own, I'm not too keen to run Windows Cleanup weekly on each HDD/SSD I have and try to remember to empty the trash can when space starts to run out, when I can just have this one handy button..

Yeah, pretty much all the things CCleaner does can be done manually .. this is/was just a really convenient one button solution to do all of that.
 

longdi

Banned
Damn n i wanted to buy the pro version last month. It has helped me clear my index.dat smut for years. No wonder it suddenly prompted to update, even though i never had it on auto update.
 
Top Bottom