2017 CCleaner Malware/Trojan

Was this the straw that broke the camel's back for any other Windows users here? I made the full switch to Linux yesterday.

malware in a 3rd party program was the last straw for you?

Well the whole "download executable installers from random websites to get software" is kind of a Windows problem.

>CCleaner
>cleans your registry keys, your bank account, and your bitcoin wallet

It only affected 32bit fags, if you use 32bit in 2017 you deserve malware

I used the 64bit version and Malwarebytes still came back positive.

Someone pls explain how the affected files still had an untampered certificate. Looks like an inside "accidental" job.

Nope. I'm going to update and then just keep using Windows.

I block CCleaner from connecting to the net anyway. Plus I have EVERYTHING backed up and disconnected from my PC so shit's safe.

Rather use virus infested Windows computer than a clean Linux.

After hearing the news, I uninstalled every Piriform program in a panic and ran a Malwarebytes scan, only to find nothing. Nothing in the registry either. Am I in the clear?

Which version. I've got v5.32 64bit

the fuck happened now?

It depends what version you were running, only one version was affected. As long as you didn't update the software to the affected version you're safe.

v5.33. AFAIK the trojan only affects 32bit version. Regardless, don't ever update CCleaner again.
Avast acquired Piriform a few weeks after the 5.32 update. Avast is a shit company that shouldn't be trusted with user data.

>using CCMEMER in 2017

wew

The user above is reporting a positive result on Malwarebytes even with the 64bit version. Could he be mistaken?

And thank you for your advice. I shall be taking it and uninstalling CCleaner.

The straw that broke my back was the constantly failing hard drives from high disk writes and increasing lack of control by newer and newer versions of Windows to deal with these kinds of problems.

>I made the full switch to Linux yesterday.
>oh no a program had malware
So you're also gonna stop driving a car because you can get hit by a 3rd party?

vocaroo.com/i/s0JSmpoi8PrK

It was the latest version of the 64-bit one, but I'm still kinda worried

I was supposed to update CCleaner?
Like ever?
What for?

>Rather use virus infested Windows computer than a clean Linux.

I'd rather have an STD infested hooker than a clean wife

>I'd rather have an STD infested hooker than a clean wife
I'd rather have a clean hooker than an STD infested wife like yours, linux cuck.

I too am running 64-bit and Defender had a notification for me when I logged back on to my PC after getting home from work. I've removed everything and am running a Malwarebytes scan now to see what it comes back with. I read an article on How-To Geek that said if there was a particular reg key in HKLM\SOFTWARE\Piriform then you are affected. The reg key was not on my system but I'm still skeptical. We'll see what Malwarebytes turns up, it's going to be a while, I'm scanning all my drives so I'll report back what I find later.

64bit version wasn't infected

It wasn't this, I'm thinking about it because of everything really. It was time to buy a new router and that article about all of them being compromised came out. This got me thinking of the state of Windows. Really though I think everything is compromised. I honestly think that Linux users are probably targeted more aggressively because it would be used by people trying to get away from Windows.

I think we're fucked and this is the beginning of the end. Between security and how politically active everyone online is becoming I don't really see myself using the computer anymore in the coming years and I'll probably be offline within five.

I'll do my dumb shit for work and maybe have a video game console. But I really don't enjoy the internet anymore. It's become more of an entertainment platform than a communication/education platform.

I'll probably just become /fit/ and focus on music and some other hobby. Really tho I think working with computers killed it more for me.

/blog

Right but Defender still called it out as a threat. So I'm still cautious.

Funny how this happened right after it was bought by an anti-virus company. Is it safe to assume that Piriform is tainted as a company now?

"Within the 32-bit CCleaner v5.33 binary included with the legitimate CCleaner v5.33 installer, '__scrt_get_dyn_tls_init_callback' was modified to call to the code at CC_InfectionBase(0x0040102C). This was done to redirect code execution flow within the CCleaner binary to the malicious code prior to continuing with the normal CCleaner operations. The code that is called is responsible for decrypting data which contains the two stages of the malicious payload, a PIC (Position Independent Code) PE loader as well as a DLL file that effectively functions as the malware payload. The malware author had tried to reduce the detection of the malicious DLL by ensuring the IMAGE_DOS_HEADER was zeroed out, suggesting this attacker was trying to remain under the radar to normal detection techniques."

Source:
blog.talosintelligence.com/2017/09/avast-distributes-malware.html


Also as another user stated
>Installing a 3rd party program to "clean" your registry
Haha oh wow, what the fuck did you guys expect? Welcome to the year 2017 where large companies don't give a FUCK about security if there aren't laws for them to do so.
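
Editor's added example (not part of any post in this thread and not Talos code): the quoted Talos excerpt says the payload DLL had its IMAGE_DOS_HEADER zeroed out, so a scanner keyed on the "MZ" magic misses it. The sketch below scans a buffer such as a memory dump for NT headers ("PE\0\0" followed by a plausible COFF and optional header) and flags those with no DOS header pointing at them. The function names, the 0x1000-byte search window and the sample buffer are assumptions constructed for illustration.

```python
import struct

PE_SIG = b"PE\x00\x00"
MACHINES = {0x014C: "x86", 0x8664: "x64"}   # IMAGE_FILE_MACHINE_I386 / AMD64
OPT_MAGICS = {0x010B, 0x020B}               # PE32 / PE32+ optional header magic
MAX_LFANEW = 0x1000                         # assumed search window for a DOS header

def has_dos_header(buf, pe_off):
    """True if some 'MZ' header before pe_off has e_lfanew pointing at pe_off."""
    for base in range(max(0, pe_off - MAX_LFANEW), pe_off - 0x3F):
        if buf[base:base + 2] == b"MZ":
            (e_lfanew,) = struct.unpack_from("<I", buf, base + 0x3C)
            if e_lfanew == pe_off - base:
                return True
    return False

def scan_pe_headers(buf):
    """Return (offset, arch, dos_header_present) for each plausible NT header."""
    hits = []
    pos = buf.find(PE_SIG)
    while pos != -1:
        if pos + 26 <= len(buf):
            machine, nsect, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", buf, pos + 4)
            (magic,) = struct.unpack_from("<H", buf, pos + 24)
            if machine in MACHINES and 0 < nsect <= 96 and opt_size and magic in OPT_MAGICS:
                hits.append((pos, MACHINES[machine], has_dos_header(buf, pos)))
        pos = buf.find(PE_SIG, pos + 1)
    return hits

def sample_image(zero_dos):
    """Constructed minimal PE32 header block, optionally with the DOS header zeroed."""
    dos = bytearray(0x40)
    if not zero_dos:
        dos[0:2] = b"MZ"
        struct.pack_into("<I", dos, 0x3C, 0x80)      # e_lfanew -> NT headers at +0x80
    coff = struct.pack("<HHIIIHH", 0x014C, 1, 0, 0, 0, 0xE0, 0x2102)
    opt = struct.pack("<H", 0x010B) + bytes(0xE0 - 2)
    return bytes(dos) + bytes(0x40) + PE_SIG + coff + opt

# Constructed buffer standing in for a memory dump: one normal image, one headerless.
SAMPLE_DUMP = b"\xcc" * 0x200 + sample_image(False) + b"\xcc" * 0x100 + sample_image(True)

if __name__ == "__main__":
    for off, arch, has_dos in scan_pe_headers(SAMPLE_DUMP):
        print(f"{off:#x} {arch} {'ok' if has_dos else 'NT headers without DOS header'}")
```

A hit with no DOS header is a lead for triage in a memory dump or decoded buffer, not a verdict: files on disk normally carry a DOS header, and stray "PE\0\0" bytes that pass the field checks can occur in data.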

idk but if a program wants me to update and then just takes me back to their site so i have to re-install it, i just delete the program.

too lazy for that

So basically if you don't have those reg keys in that folder I called out earlier, you should be good. I don't have anything in there so that makes me feel better.

Well after removing CCleaner and running Malwarebytes everything looks good. I was running the 64-bit version though and never had any of the weird reg keys in my registry. Running a Defender scan because fuck it why not, it was the thing that called this out on my machine. Still debating a Windows reinstall just to be safe.

>tfw reinstalled windows the other week but used a ccleaner .34 installer

I'm safe right?

>Number of Windows 10 S users infected with this: 0
Sup Forums BTFO

well they tried to fix that with the store which is essentially just a graphical package manager, and everyone spat in MS' face. there's 3rd party solutions too like chocolatey, but if you don't adopt any of them how do you expect the issue to ever be resolved?

It literally could have happened on any OS, retard. They broke into a secure server and were able to sign their modified binary.