Personal computing discussed

Moderators: Flying Fox, Ryu Connor

 
just brew it!
Gold subscriber
Administrator
Topic Author
Posts: 49718
Joined: Tue Aug 20, 2002 10:51 pm
Location: Somewhere, having a beer

CCleaner p0wnage

Mon Sep 18, 2017 3:21 pm

If you downloaded and installed an update to CCleaner within roughly the past month, your system has been compromised. Gory details here: https://arstechnica.com/information-tec ... -ccleaner/
Nostalgia isn't what it used to be.
 
bthylafh
Grand Gerbil Poohbah
Posts: 3907
Joined: Mon Dec 29, 2003 11:55 pm
Location: Southwest Missouri, USA

Re: CCleaner p0wnage

Mon Sep 18, 2017 3:36 pm

Although this apparently only affects the 32-bit executable, so if you run 64-bit Windows you probably are unaffected. Still would be best to upgrade or uninstall, of course.
Hakkaa päälle!
i7-8700K|Asus Z-370 Pro|32GB DDR4|Asus Radeon RX-580|Samsung 960 EVO 1TB|1988 Model M||Logitech MX 518 & F310|Samsung C24FG70|Dell 2209WA|ATH-M50x|Asus Xonar DX
 
Acidicheartburn
Gerbil First Class
Posts: 123
Joined: Thu Jan 01, 2015 4:12 pm

Re: CCleaner p0wnage

Mon Sep 18, 2017 3:48 pm

Yeesh. Glad I don't update CCleaner. I'm also really disappointed that Avast acquired Piriform. Not looking forward to the eventual decline of CCleaner and Speccy as they become more ad and bloatware filled.
 
just brew it!
Gold subscriber
Administrator
Topic Author
Posts: 49718
Joined: Tue Aug 20, 2002 10:51 pm
Location: Somewhere, having a beer

Re: CCleaner p0wnage

Mon Sep 18, 2017 3:53 pm

bthylafh wrote:
Although this apparently only affects the 32-bit executable, so if you run 64-bit Windows you probably are unaffected. Still would be best to upgrade or uninstall, of course.

Ahh, missed the part that indicated it was 32-bit specific. That mitigates things somewhat, but I imagine there are still quite a few 32-bit systems out there.
Nostalgia isn't what it used to be.
 
bthylafh
Grand Gerbil Poohbah
Posts: 3907
Joined: Mon Dec 29, 2003 11:55 pm
Location: Southwest Missouri, USA

Re: CCleaner p0wnage

Mon Sep 18, 2017 4:09 pm

Acidicheartburn wrote:
Yeesh. Glad I don't update CCleaner. I'm also really disappointed that Avast acquired Piriform. Not looking forward to the eventual decline of CCleaner and Speccy as they become more ad and bloatware filled.


There's always Bleachbit for clearing out junk, but it doesn't have a nice quickly-accessible list of programs to uninstall, which is most of what I use CCleaner for these days.
Hakkaa päälle!
i7-8700K|Asus Z-370 Pro|32GB DDR4|Asus Radeon RX-580|Samsung 960 EVO 1TB|1988 Model M||Logitech MX 518 & F310|Samsung C24FG70|Dell 2209WA|ATH-M50x|Asus Xonar DX
 
Acidicheartburn
Gerbil First Class
Posts: 123
Joined: Thu Jan 01, 2015 4:12 pm

Re: CCleaner p0wnage

Mon Sep 18, 2017 4:38 pm

bthylafh wrote:
Acidicheartburn wrote:
Yeesh. Glad I don't update CCleaner. I'm also really disappointed that Avast acquired Piriform. Not looking forward to the eventual decline of CCleaner and Speccy as they become more ad and bloatware filled.


There's always Bleachbit for clearing out junk, but it doesn't have a nice quickly-accessible list of programs to uninstall, which is most of what I use CCleaner for these days.

In the past when I was still running Vista, my computer would have issues with taking absolute ages to turn off. It was to the point of being a downright nuisance as it meant I couldn't stuff my laptop into my bag without fear of overheating the computer. I had read somewhere that CCleaner could help with this by running the registry cleaner. I gave it a shot and sure enough, it fixed the issue. I've since liked to run the reg cleaner every now and then on all my and my relatives' computers. Does Bleachbit have this feature?

I've never bothered with updating CCleaner after installing it for the first time, as it's always run fine and I've never felt like I needed any "new features". Perhaps I can simply continue the way I have.
 
bthylafh
Grand Gerbil Poohbah
Posts: 3907
Joined: Mon Dec 29, 2003 11:55 pm
Location: Southwest Missouri, USA

Re: CCleaner p0wnage

Mon Sep 18, 2017 5:26 pm

I don't think it does, no. But now I remember the other thing I use CCleaner for, mostly: managing startup programs. It's been a while since I used msconfig but it liked to gripe every boot about having some items disabled.
Hakkaa päälle!
i7-8700K|Asus Z-370 Pro|32GB DDR4|Asus Radeon RX-580|Samsung 960 EVO 1TB|1988 Model M||Logitech MX 518 & F310|Samsung C24FG70|Dell 2209WA|ATH-M50x|Asus Xonar DX
 
Captain Ned
Gold subscriber
Global Moderator
Posts: 26471
Joined: Wed Jan 16, 2002 7:00 pm
Location: Vermont, USA

Re: CCleaner p0wnage

Mon Sep 18, 2017 5:40 pm

Dodged a bullet on this one. Had the exact compromised version on my work lappy, but the 64-bit version didn't have the malware. That saved me from some "interesting" 'splainin.

According to Piriform's site, the installer for 5.34 (latest malware-free version) will remove the malware. Haven't seen that tested, though.
If the Earth were flat, cats would have pushed everything off of it by now.
 
Chrispy_
Gold subscriber
Maximum Gerbil
Posts: 4102
Joined: Fri Apr 09, 2004 3:49 pm
Location: Europe, most frequently London.

Re: CCleaner p0wnage

Mon Sep 18, 2017 6:49 pm

For the best part of a decade I've considered CCleaner as malicious/malware anyway, so the fact it comes with Malware now is exactly what I've always expected.

CCleaner does more harm than good - If a machine comes to me with problems and I see CCleaner installed, I just format the disk and install a fresh OS. I have thousands of hours of experience repairing the damage CCleaner has caused. And do you know what? I'm too old and impatient to deal with it anymore.
Congratulations, you've noticed that this year's signature is based on outdated internet memes; CLICK HERE NOW to experience this unforgettable phenomenon. This sentence is just filler and as irrelevant as my signature.
 
bthylafh
Grand Gerbil Poohbah
Posts: 3907
Joined: Mon Dec 29, 2003 11:55 pm
Location: Southwest Missouri, USA

Re: CCleaner p0wnage

Mon Sep 18, 2017 7:25 pm

Chrispy_ wrote:
CCleaner does more harm than good - If a machine comes to me with problems and I see CCleaner installed, I just format the disk and install a fresh OS.


:roll:
Hakkaa päälle!
i7-8700K|Asus Z-370 Pro|32GB DDR4|Asus Radeon RX-580|Samsung 960 EVO 1TB|1988 Model M||Logitech MX 518 & F310|Samsung C24FG70|Dell 2209WA|ATH-M50x|Asus Xonar DX
 
Acidicheartburn
Gerbil First Class
Posts: 123
Joined: Thu Jan 01, 2015 4:12 pm

Re: CCleaner p0wnage

Tue Sep 19, 2017 7:25 pm

Chrispy_ wrote:
For the best part of a decade I've considered CCleaner as malicious/malware anyway, so the fact it comes with Malware now is exactly what I've always expected.

CCleaner does more harm than good - If a machine comes to me with problems and I see CCleaner installed, I just format the disk and install a fresh OS. I have thousands of hours of experience repairing the damage CCleaner has caused. And do you know what? I'm too old and impatient to deal with it anymore.

Correlation=/=causation.

In all my years of using CCleaner across many different computers and Windows OS's, I can say with confidence that I have never once had an issue with using it. Anecdote, yes, but it still stands.
 
Kougar
Silver subscriber
Minister of Gerbil Affairs
Posts: 2046
Joined: Tue Dec 02, 2008 2:12 am
Location: Texas

Re: CCleaner p0wnage

Wed Sep 20, 2017 11:22 am

The last time I used CCleaner on a Win 10 system to see what it would do, the Windows Explorer process began to hang, and auto-restart itself 1-2 times a day until I used the restore point I made just prior. Something to do with opening/viewing folders.

Correlation is not causation, but I find it interesting how some of the people I know with absurdly frequent Windows problems also happen to use that software. That software is a menace if used on default settings, akin to using a sledge hammer to assemble IKEA furniture. It's gonna be dented and damaged (as with the OS) by the time ya finish.
 
bthylafh
Grand Gerbil Poohbah
Posts: 3907
Joined: Mon Dec 29, 2003 11:55 pm
Location: Southwest Missouri, USA

Re: CCleaner p0wnage

Wed Sep 20, 2017 11:53 am

Anecdata:

My department's got it on several hundred computers and has for the thick end of a decade. I've never known it to cause problems... as long as I remember to turn off having it clear out "recent documents" in Microsoft Office, which got me the stink-eye from a user more than once. Even having it clean the Registry (which I've given up on doing) hasn't seemed to cause any trouble.

At a guess you checked some "clean these" boxes that weren't on by default.
Hakkaa päälle!
i7-8700K|Asus Z-370 Pro|32GB DDR4|Asus Radeon RX-580|Samsung 960 EVO 1TB|1988 Model M||Logitech MX 518 & F310|Samsung C24FG70|Dell 2209WA|ATH-M50x|Asus Xonar DX
 
just brew it!
Gold subscriber
Administrator
Topic Author
Posts: 49718
Joined: Tue Aug 20, 2002 10:51 pm
Location: Somewhere, having a beer

Re: CCleaner p0wnage

Thu Sep 21, 2017 6:34 pm

https://arstechnica.com/information-tec ... -appeared/

Looks like it was part of a very sophisticated, targeted attack. When installed on computers at certain companies, an additional payload was delivered and executed.

The good news is, if you don't work at one of the targeted companies you're probably in the clear. The bad news is, the attacker(s) were potentially able to break into the networks at some of the biggest companies in tech, including Microsoft, Cisco, VMware, and Samsung. There could still be additional follow-on implications if any sensitive systems were accessed.
Nostalgia isn't what it used to be.
 
cheesyking
Minister of Gerbil Affairs
Posts: 2664
Joined: Sun Jan 25, 2004 7:52 am
Location: That London (or so I'm told)
Contact:

Re: CCleaner p0wnage

Fri Sep 22, 2017 11:41 am

What on earth were people at any of those companies doing installing or even being allowed to install crudware ccleaner anyway?
Fernando!
Your mother ate my dog!
 
Chrispy_
Gold subscriber
Maximum Gerbil
Posts: 4102
Joined: Fri Apr 09, 2004 3:49 pm
Location: Europe, most frequently London.

Re: CCleaner p0wnage

Fri Sep 22, 2017 12:23 pm

Acidicheartburn wrote:
Correlation=/=causation.


...and yet there's no smoke without fire.

CCleaner can be used harmlessly, but it's usually something people have installed because it claims to fix registry errors; Any registry that has been "fixed" by automated tools is probably not even worth bothering with. Proper registry repair is not a quick and easy job even if you know what you're doing.
Congratulations, you've noticed that this year's signature is based on outdated internet memes; CLICK HERE NOW to experience this unforgettable phenomenon. This sentence is just filler and as irrelevant as my signature.
 
HAL-9000
Gerbil
Posts: 11
Joined: Fri Feb 24, 2017 2:51 pm
Location: Discovery One

Re: CCleaner p0wnage

Fri Sep 22, 2017 7:48 pm

cheesyking wrote:
What on earth were people at any of those companies doing installing or even being allowed to install crudware ccleaner anyway?


And to add the cherry on top, they would need to have been using the 32-bit version of CCleaner to get infected.

Are there still that many Windows PC's running a 32-bit OS at these major companies?
 
just brew it!
Gold subscriber
Administrator
Topic Author
Posts: 49718
Joined: Tue Aug 20, 2002 10:51 pm
Location: Somewhere, having a beer

Re: CCleaner p0wnage

Fri Sep 22, 2017 9:12 pm

HAL-9000 wrote:
Are there still that many Windows PC's running a 32-bit OS at these major companies?

I would hazard a guess that the percentage is small. But even a small percentage of a really huge number is still a pretty big number.
Nostalgia isn't what it used to be.
 
HAL-9000
Gerbil
Posts: 11
Joined: Fri Feb 24, 2017 2:51 pm
Location: Discovery One

Re: CCleaner p0wnage

Sat Sep 23, 2017 5:40 pm

 
just brew it!
Gold subscriber
Administrator
Topic Author
Posts: 49718
Joined: Tue Aug 20, 2002 10:51 pm
Location: Somewhere, having a beer

Re: CCleaner p0wnage

Sat Sep 23, 2017 5:55 pm

Holy... f*cking... crap. That's pathetic.

I've never been a fan of CCleaner, and stopped recommending Avast a few years back. Looks like it's gonna stay that way.
Nostalgia isn't what it used to be.

Who is online

Users browsing this forum: No registered users and 1 guest