Popular software CCleaner infected with backdoor

Discussion in 'Frontpage news' started by Hilbert Hagedoorn, Sep 18, 2017.

  1. Hilbert Hagedoorn

    Hilbert Hagedoorn Don Vito Corleone Staff Member

    A bit of a warning, if you have downloaded CCleaner recently, their installer was infected with malicious software. With millions of downloads last month the end-users may have been infected....

     
  2. StewieTech

    StewieTech Chuck Norris

    You're never really safe are you? Such a cool little program, what a shame... :(
     
    Keitosha likes this.
  3. WhiteLightning

    WhiteLightning Don Illuminati Staff Member

    Glad I use the portable one.
     
    Jumbotron likes this.
  4. AMDNvidia

    AMDNvidia Member

    Thank you for the warning
     

  5. allesclar

    allesclar Ancient Guru

    Jesus, makes you wonder doesn't it. Inside job?
     
  6. bjoswald

    bjoswald Member Guru

    One less thing to install after Windows!
     
  7. fry178

    fry178 Master Guru

    Not an issue for me or machines I work on.
    Stopped using newer releases after 5.18.5607, when they went with "premium" crap.

    Even though I don't believe in "don't fix a working system", it's not always the best to update everything as soon as possible.
     
  8. Only Intruder

    Only Intruder Master Guru

    So we need a crap cleaner for CCleaner now :')
     
  9. ubercake

    ubercake Active Member

    It should be noted that all communications from Piriform indicate it affects only 32-bit Windows systems.
     
  10. CrazY_Milojko

    CrazY_Milojko Ancient Guru

    Thanks for the heads up HH!
     

  11. Hilbert Hagedoorn

    Hilbert Hagedoorn Don Vito Corleone Staff Member

    Actually, I think what they meant is this: it involves the 32-bit installer, which most normal people download and which installs just fine on 64-bit OSes.
     
    airbud7 likes this.
  12. Jumbotron

    Jumbotron Member

    I use it too. In fact, I always use portable editions over classic setup ones (whenever that option is present, of course).
     
  13. Moto_Life

    Moto_Life New Member

    Damn it. I was running that version of CCleaner. Scanning with Malwarebytes as I type this and I see it detected the trojan :( I'll wait for the scan to finish and hope it takes care of it. Can't remember the last time I got infected. Will really suck if I have to reinstall Windows. I had already scanned with Windows Defender, both a full scan and the offline one, and it didn't see it...
     
    Last edited: Sep 18, 2017
  14. MerolaC

    MerolaC Ancient Guru

    Just use the Portable build.
    Always used it myself.
     
  15. wavetrex

    wavetrex Member Guru

    Version handled by Chocolatey is 5.34.6207 and I just ran a Malwarebytes scan - 0 infections detected.

    I seriously recommend this to handle your free software installations. Not only does it do them automatically (like Linux package managers), but it is also another layer of safety (every update on all their software is thoroughly scanned, so the chance of such mishaps is very slim).
    https://chocolatey.org/

    Started using it about 5 months back and I would never go back to manual installs, that feels so archaic!
     

  16. Moto_Life

    Moto_Life New Member

    It did remove it. Think I'm all good now?
     
  17. Robbo9999

    Robbo9999 Master Guru

    I supposedly had the affected version of CCleaner installed, but regular Malwarebytes & Avira scans that I do have never picked up any infection. Either way I downloaded the new version of CCleaner & I'm running a full deep scan again with Malwarebytes - I'll update this post if it finds any malware - I doubt it as I did a scan a few days ago. Mind you I always delete the setup program file after installation & I see the user above me just detected the trojan in the setup file, maybe that's why my PC has been coming up clean recently after scans. EDIT: just finished scans - yep, no detections.
     
    Last edited: Sep 18, 2017
  18. Raplapla

    Raplapla Member

    I don’t miss Windows.
     
  19. pyro226

    pyro226 New Member

    Malwarebytes didn't detect a problem with a system. It found a problem with the installer. You could try to boot into safe mode (F8) and scan again, but most likely, you're fine.
     
  20. CrazY_Milojko

    CrazY_Milojko Ancient Guru

    In your case MBAM found an infected installer. I suggest you scan the system with AdwCleaner and HitmanPro, maybe even Combofix if you have Win7 or 8 (doesn't work on Win8.1 or 10). If they don't find anything you're safe.
     
    Aura89 and airbud7 like this.
