CCleaner 5.33 Backdoor Vulnerability

Official download sources of CCleaner 5.33 were compromised with a hidden vulnerability for nearly a month.

Millions of systems potentially at risk.

blog.talosintelligence.com/2017/09/avast-distributes-malware.html

piriform.com/news/blog/2017/9/18/security-notification-for-ccleaner-v5336162-and-ccleaner-cloud-v1073191-for-32-bit-windows-users

Honestly those computers were already at risk because they're owned by people who need CCleaner

The fact that software like this is essentially necessary for decent windows performance yet opens people up to stuff like this just goes to show you that everyone should just bite the bullet and switch to macOS.

>necessary for decent windows performance
literally what

Linux doesn't have this problem

>Falling for the CCleaner Meme.

Extremely useful for managing startup/services/hidden addons.

Not to mention CCleaner had one of the better cookie management systems.

This could of easily happened to other software as well, like tons of people on Windows use Speccy.

Let's not forget that Transmission & Linux Mint had pretty much been hacked in a similar way before.

What's fucked up is that AVAST recently bought Piriform/CCleaner in July.

A major anti-virus company can't even figure this shit out. Gets fucked so blatantly by hackers.

Yes it does.

blog.linuxmint.com/?p=2994

It isn't total folly as mentioned. Another example, CCleaner is extremely useful for fixing a registry issue that occurs with AutoDesk products quite frequently.

Probably goes without saying, but
>major anti-virus company
it's all a fucking scam. I haven't heard of a single ransomware attack stopped by these so-called anti-virus programs. I haven't heard of a single actual new virus being halted. It's all bullshit.

BOTNET
O
T
N
E
T

>v5.25

phew

>current year
>using proprietary shitware
this user said it. Fpbp
A distro is not a kernel, you underage faggot. Go back to redd1t

Is there a decent alternative for CCleaner on Windows? I use the Winapp2.ini ruleset with CCleaner currently.

Anyway, time for a reinstall. Luckily it's just the machine I use for vidya that runs Windows.

I got that shit but looks like the only infected version was the 32 not 64
Who the fuck uses 32 nowadays

Malwarebytes sees it now. Ran a scan on ccsetup533.exe and it flagged it as Trojan.Nyetya

Are you using MB 2 or 3?

2.2.something

Not him but I'm using 3 with a legit premium key and it just showed up as my system being infected (from the program's install dir).

534.exe no flag

>32-bit

literally no one uses that old shit anymore except for GNU+Linux cucks

Bump

I'm scanning mine, nothing yet.

It's a good thing I haven't updated CCleaner in like 3 months then. So how high risk is the vulnerability exactly? As in how easily can it be taken advantage of?

>could of
kys

If an old version is good enough no need to update a program ever.

I scanned ccleaner's dir with mb3.2.2 and nothing was found.

Are you scanning the exe?

see

32-bit installed by the installer on 64-bit systems, in fact ccleaner doesn't have an official 32/64 installer, unknown if it also runs it.

>for-32-bit-windows-users

Ha haaa

Has there been any reason to update ccleaner at all in the last few years?

>tfw was literally just about to pop in my new SSD and reinstall Windows 10 and then I see that I also got scumfuked by CCleaner

good timing desu, killing 2 birds with 1 stone now

It's literally a trojan connecting to C2 servers. 100% Risk boi

Linux doesn't have this problem. And CCleaner is shitware and always has been. Clearing cache is retarded and a placebo unless you have 32GB storage only, in which case you shouldn't use windows and just get a Chromebook.

This.

You can manage startup services directly on windows, you don't need a separate tool just for that. Cookies can be managed by your browser.

Just goes to show that the ignorantly educated are most at risk. At least the complete ignorant fools buy chromebooks.

Well great. So anything before the 5.33 version is fine though right? Because I have a download folder full of the old executables of CCleaner

Only showing problems with ccsetup533.exe. I never deployed it but had a copy locally.

blog.malwarebytes.com/threat-analysis/2016/09/transmission-hijacked-again-to-spread-malware/

Kill yourself, cuck.

First Linux Mint and now this.

I have the 64 bit version. I..I..I'm safe right?

here,
apparently it creates this in the registry
HKLM\SOFTWARE\Piriform\Agomo
If you don't have it you should be fine
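
The check described in the post above, as an added example that is not part of the thread: it looks for the `HKLM\SOFTWARE\Piriform\Agomo` key in both registry views and reports whether an installed CCleaner binary is a 5.33 build. The install directory and the function names `Test-AgomoKey` and `Get-CCleanerBinaryInfo` are assumptions made for this sketch.

```powershell
# Added example, not from the thread. Read-only checks for the two indicators
# the posts discuss: the Agomo registry key and an installed 5.33 binary.
$SubKey     = 'SOFTWARE\Piriform\Agomo'               # key named in the post above
$InstallDir = Join-Path $env:ProgramFiles 'CCleaner'  # assumed default install path

function Test-AgomoKey {
    # Query both views: a 32-bit process on 64-bit Windows has its
    # HKLM\SOFTWARE writes redirected to the 32-bit (WOW6432Node) view.
    foreach ($view in 'Registry32', 'Registry64') {
        $base = [Microsoft.Win32.RegistryKey]::OpenBaseKey(
            [Microsoft.Win32.RegistryHive]::LocalMachine,
            [Microsoft.Win32.RegistryView]$view)
        try {
            $key = $base.OpenSubKey($SubKey)   # opens read-only; $null if absent
            [pscustomobject]@{
                View       = $view
                Present    = [bool]$key
                ValueNames = if ($key) { $key.GetValueNames() -join ', ' } else { '' }
            }
            if ($key) { $key.Close() }
        } finally {
            $base.Close()
        }
    }
}

function Get-CCleanerBinaryInfo {
    # Uses the numeric version fields so the result does not depend on how
    # the vendor formats the version string.
    Get-ChildItem -Path $InstallDir -Filter 'CCleaner*.exe' -ErrorAction SilentlyContinue |
        ForEach-Object {
            $v = $_.VersionInfo
            [pscustomobject]@{
                File      = $_.Name
                Version   = '{0}.{1}.{2}.{3}' -f $v.FileMajorPart, $v.FileMinorPart,
                                                 $v.FileBuildPart, $v.FilePrivatePart
                Is533     = ($v.FileMajorPart -eq 5 -and $v.FileMinorPart -eq 33)
                # A 'Valid' status does not clear the file: the thread notes
                # that the 5.33 downloads were signed.
                Signature = (Get-AuthenticodeSignature -FilePath $_.FullName).Status
            }
        }
}

Test-AgomoKey          | Format-Table -AutoSize
Get-CCleanerBinaryInfo | Format-Table -AutoSize
```

Run it from an elevated 64-bit PowerShell prompt; a `Present = True` row or an `Is533 = True` row is the condition the posters are asking about.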

The people most likely to be fucked are the ones that use filehippo or have their cc version set to notify them when new updates are available. Those users tend to upgrade versions quickly and would have been within the vector timeframe.

or just run malwarebytes they've already updated
forgot transmission too

I did have 5.33 due to those damn update notifications, but luckily it was the 64 bit version.

is Windows Shitfender updated yet? I'm using W10 practically a malware OS, haven't installed MBAM again

So, did AVAST buy just the rights to CCleaner, or did they buy out Piriform?
If it's the latter, goddamn it.

I have 5.34 and MBAM scan came back clean.

Reading the talos blog it seems state sponsored. Coming right around the equifax breach.

malwarebytes.com/search/?srchsrc=blog#stq=ccleaner&stp=1

nothing of note.

Yeah because it has 1000 other problems.

Linux doesn't have many things. The more features something has, the more prone to problems they tend to become.

Actually, it does
arstechnica.com/information-technology/2017/09/devs-unknowingly-use-malicious-modules-put-into-official-python-repository/

Interesting. Will someone else update MWB to current definitions and do a single scan on a copy of ccsetup533.exe if they have it. I can't be the only moron with a copy.

Or corporate.

All it appears to disclose is system info and ip.

Or a botnet being built.

Odd that they found no evidence of it reporting back logins so far. Could have easily stolen bitcoin/Ethereum wallets.

5 million installs per week.

Perhaps they tried to identify a specific set of systems that they already knew were 32-bit Windows installs, which are more common on corporate machines, and then use a 0-day to hack them after?

All speculation at this point, but it seems rather sophisticated for a normal botnet hack.

my scan of 5.34 is clean

Yeah and that damn cert.

Having to babysit your OS with cleaners and anti-virus programs isn't a feature. Useless bloatware doesn't equate to "features" either. If I made 10000 useless programs for Linux it wouldn't make it have "tons of features". It's crapware. Linux has a lot more tools available for it than windows ever will anyway.
Not to mention that Windows has majority of tools CCleaner gives already integrated.

K E K
forum.piriform.com/index.php?showtopic=48301

"false positive"
guess the AVs truly knew more

Looking back wasn't Nyetya the one that got reclassified as a shredder because it was so fucked up decryption wise?

5.28 here

phew indeed my friend

B...but the executable downloads were signed. I thought that meant they hadn't been tampered with and were safe?

Notpetya?

reddit.com/r/technology/comments/70tvpi/ccleaner_compromised_to_distribute_malware_for/

>what is regedit

5.29 here
in the cclear

>proprietary software
>backdoor
kek who would have thought

>2017
>using windows
top fucking kek

bleepingcomputer.com/news/security/ccleaner-compromised-to-distribute-malware-for-almost-a-month/

Just read about this.
Thank god I had 3.32 64 bit

That's why you use torrent to download ISO and don't use retarded shit like mint.

MBAM is great, use it; the memes about 3.0 being bad are entirely unfounded.
So far no, WD hasn't been updated.

Gentoo doesn't have this problem.
This is why compiling everything from source is not a meme.

Gentoo doesn't have anything in the first place lmao

I suppose it's time for a clean install.

Good thing I'm not a fucking retard who needs an application to remove a bunch of files.

Is bleachbit any good? I don't really care about the dban stuff; does it let you delete stuff without overwriting?

how do you manage deleting temporary files and system cache without it?

it's good enough for a former future president

%temp%
select all
del
%appdata%
etc
woah

>go to temporary files folder
>ctrl+a
>shift+del
Alternatively just make a bat file that deletes everything from temporary folders and just periodically open it up, dumbass

>essentially necessary
Odd way to write "complete placebo".

I'm still on 5.29, can't be fucked updating often.

Thank Allah I'm a lazy fuck who rarely updates anything. Pic related

>Thank Allah

This is a Christian board.

Erasing caches makes performance worse, not better. The only possible use of CCleaner is temporarily freeing some disk space and a little bit of privacy.

>tfw also super lazy
>updated last week
Fugg.

seven thousand clicks vs 3 clicks

try bleachbit

>thank allah
why are you using intel if you're a death cultist?

Just took a look and it seems okay. I just hope it cleans as well as CCleaner. It supports Winapp2 which is good.

What does shift del do

>using cc at all
knew this board was filled with gullible sluts

you do realize windows has a built in cleaner called disk cleaner?
at best run it once a year

stfu with ur hate facts

Oh, they're clever. They went right in the back door. youtube.com/watch?v=lxiVyC0qxCo

t. Brainlet

then how come I've helped out countless friends and relatives with old computers that run slow as fucking shit, then when I run ccleaner they're magically faster as if it was the first day they bought it?
temporary files bog down windows like fucking molasses

en.wikipedia.org/wiki/Placebo

Everyone in this thread might as well be using a "speed up my pc" program.

incorrect. what I said simply is true.

>using cc cleaner