Woody Leonhard's no-bull news, tips and help for Windows, Office and more… Please disable your ad blocker – our (polite!) ads help keep AskWoody going!
Home icon Home icon Home icon Email icon RSS icon
  • CCleaner 5.45 removed

    Posted on August 3rd, 2018 at 22:17 Kirsty Comment on the AskWoody Lounge

    A couple of days ago, Martin Brinkmann (on ghacks.net) wrote:

    Don’t install or upgrade to CCleaner 5.45

    Piriform/Avast released CCleaner 5.45 recently to the public that Windows users may not want to install or upgrade to.

    Today, Lawrence Abrams (on bleepingcomputer.com) wrote:

    CCleaner v5.45 Pulled Due to Anger Over Usage Data Collection

    It has not been a good week for Piriform’s PC cleaning tool CCleaner. With the release of CCleaner version 5.45, it was quickly discovered that the program’s “Active Monitoring” component, which is utilized to send anonymous usage data back to Piriform, could no longer be disabled.
    First discovered by Ghacks.net, users of version 5.45 discovered that unlike previous versions there was no privacy setting that allowed you to disable the sending of anonymous usage information to Piriform.

    This was discussed here on Piriform CCleaner & Speccy

    Now, feedback has resulted in changes, as noted on piriform.com today:

    Today we have removed v5.45 and reverted to v5.44 as the main download for CCleaner while we work on a new version with several key improvements. You can grab version 5.44 from one of the links [below]:

    (You can find those download links here)

    It’s nice to know that feedback can make a difference, while they go back to their drawing boards, trying to keep their customers happier.

  • Remember the infected version of CCleaner? 2.27 million downloads, but only 40 got the royal treatment

    Posted on April 22nd, 2018 at 10:49 woody Comment on the AskWoody Lounge

    If you remember the widely-publicized CCleaner attack, you may be surprised to discover that of the 2.27 million infected downloads, the attackers only gave the full treatment to 40 machines. Says Lily Hay Newman at Wired:

    The hackers were apparently launching a targeted attack, looking for a few needles in the massive haystack of 2.27 million “successful” malicious downloads. Of those, about 1.65 million copies of the CCleaner malware phoned home to the attackers, and they only targeted 40 with a second stage of the attack: installing ShadowPad. All of these were technology and IT enterprise targets (most CCleaner users are individuals and home users), and the attackers were able to infiltrate 11 companies through the 40 installs they picked out.

    Fascinating story.

  • Is your CCleaner safe? New evidence suggests maybe not

    Posted on September 21st, 2017 at 04:37 woody Comment on the AskWoody Lounge

    CCleaner is back in the headlines. After the initial report that the CCleaner installer included malware, Avast/Piriform/CCleaner claimed that installing the latest version of CCleaner — version 5.34 — would knock out the infection.

    Now Cisco’s Talos Group says that isn’t the case. For machines on some domains — samsung.com, vmware.com, cisco.com, linksys.com, and a couple dozen more — there’s a secondary infection that isn’t so easy to scrub.

    Martin Brinkmann at ghacks.net has a good overview.

    For those of us who have railed against registry cleaners for many years (“It’s like sweeping off a spot in a Target parking lot in Anacortes”), the brouhaha comes as a welcome vindication. Yes, I know CCleaner does more than registry cleaning. Mumble mumble.

    UPDATE: Catalin Cimpanu at Bleepingcomputer digs into the code. Signs point to this being the handiwork of Axiom, which has been linked to the “Chinese Intelligence Apparatus.”

    UPDATE: Avast confirms the Talos Group report.

    UPDATE: Kevin Beaumonth (@GossiTheDog) has a scary conclusion:

    The CCleaner hack is the biggest single remote code execution attack possibly ever. They had huge amounts of access,  it is incredible.

    They were directly behind firewalls at governments, banks, Fortune 500 etc and pulled it off for a month without any detection. Crazy.

  • CCleaner back door / botnet infection updates

    Posted on September 18th, 2017 at 07:27 woody Comment on the AskWoody Lounge

    Bottom line: If you installed CCleaner any time after Aug. 15, you need to install the latest version.

    Avast bought Piriform (and CCleaner) in July. The malware was inserted into the installer in August. The botnet Command center was taken down in September.

    Oy. Don’t use registry cleaners, OK?

    Computerworld Woody on Windows.