Popular software CCleaner infected with backdoor

Also figured out why NOD32 detected it at Startup.

The Auto Cleanup Feature during Startup uses the 32-Bit Exe... even if you're using a 64-Bit OS.

 

Thought whole theory behind CCleaner was that fewer files meant quicker operation and kept storage constraints lower. It made more sense on mechanical drives. SSDs are fairly immune to that; why indexing is off. It also provided a way to render erased internet cache file sniffers useless. For me all it amounts to is an easy way to clear unneeded files in one fell swoop; and that is what I use it for. The auto feature was more of a hindrance even when it was first introduced; never liked it and was disabled soon after. CCEnhancer provided no need to upgrade the actual interface so the auto update checking was disabled as well. Asking why anyone uses such a thing is pointless. Some find it useful some do not. Even if it is useful in a placebo kind of way, it is still fulfilling a purpose to that individual. It hurts no one and has been providing a living for all employed by Piriform.

 

This is giving me temptation to create a free alternative

 

There is an alternative.

https://www.bleachbit.org/

 

Not sure if this one clean the registry.

 

It does not, did you make your alternative yet?

 

A registery cleaner does more bad than good.

If you have issues in you register it's best to google and fix it manually.

As for cleaning it, it makes zero difference in performance. And you can easily clean it manually by searching for the specific program you uninstalled.

 

i would download that , so long as can cleans my temps just as easy and has similar cookie function XD.

I only use CCleaner to automate my temp files/history/cookies cleaning threw a manual created schedule task, using the /auto augment from ccleaner64.exe

Ccleaner get installed into same folder ccleaner.exe ( 32bit) ccleaner64.exe are located in the same folder

 

Win98 was probably the last system i used such programs on. The good old days of Norton utilities.

 

Windows Defender has just warned me that it was eliminating a threat. It was CCleaner that was infected. Then I've deactivated Windows system protection on C:\ and have run Superantispyware and Malwarebytes Antimalware afterwards, just in case.

I thought that we people with portable CCleaner were not infected...

 

At the rate windows 10 pushes faulty automatic updates & win10 driver issues with latest branch; i been seeing reformat almost quarterly. who needs cleaners when you get that fressh install snappyness. nevertheless, i havent seen a infection in over a decade.

I had one on those old dell 2350 or w/e crap xp pentium 4; the never ending pop up. i haven't used cc cleaner since XP lol. Just use a host file and some script blocking, windows defender like another user said firewall/packet sniffer is all you need to monitor traffic; windows has built in network monitoring, cleaners its more rudimentary; furthermore, antivirus is really not needed for power user; i do recommend it for less techy folks. Moreover, its best to not use your admin account when ever possible! its more important for sheep like grandma clicking all ads on Facebook n crap.

Quick code for PwShell2.0 - netstat -a

Why they put it at the bottom? Probably because you need to update all your passwords asap why not mention that? i would even reformat, etc. You can see the trojan is looking for admin process with known exploits.. there a reason MICROSHIT add all those dummy numbers that change with updates _25235

"Additional information whether the process is running with administrator privileges, whether it is a 64-bit system, etc." -PAUL YUNG VP, Products

That is how they hit you with the ranmsom ware crap i see pop up on interent. that crap is hella funny tho its all spelled wrong and crap hhaha. i could make something way cleaner with just print screen and mspaint lmao.

Dont install Cleaner, optimizer, malware, anti virus crap on your cell phone; its all junk snake oil! You can do it all manually; it so easy to make a boot script . Those applications just slow down your lte connection with crap traffic. Root, Host file, firewall/wireshark, and remove adware. then just remove SU when your done using it but always use a root manager tho so you get the notice of anything ruining the SU randomly.

depending on how lazy you are you could also check the file system and see if you can find the bad files or for new ones that shouldn't be there. then ddos the asshole haha jk lol its possible? lmao,

Suspect malware,? wipe & restore backup,update passwords.
(edited)

Dont Forget you can run Windows IN A VirtualMachine.. could be viable depending on workload.

my 120gb hd to small tho haha need more games! amd needs to push more multi platform vulkin api 32 cores and 1tb ssd lmao $50.

 

https://arstechnica.co.uk/informati...much-worse-than-it-first-appeared/?comments=1

Looks like it much worse than we feared?

So we need to format? I had something on my PC from this but I removed it via suggestions in this thread. Or so I thought.

Also would we have to wipe other drives with games and such? Could we even backup?

 

@HonoredShadow

they already seized the servers that where getting all this info, according to them there is nothing to worry about

 

On 32bit windows yes, probably a good idea.
64bit version of ccleaner did not install the extra payloads, so really no worries there.

 

Not defrag from Norton Utilities but still nostalgic




PS Guys check these cool nostalgic videos
https://www.youtube.com/user/TheCanadianToast/search?query=Computer+Chronicles

 

I just clicked the download button and have no way of knowing which version? It's uninstalled and the installer deleted. As I said though I found something but removed it. Scanned only last week so...