Makers of both the tools have same purpose-to make my System run faster than before- why then such vast difference between their findings?Īs an individual, if you had to take the decision for your own use, which of the two tools you would have preferred, and why? This would be apparent looking at the names of those 19 unnecessary applications. Next, I ran CCleaner but did not delete the files because I wanted to obtain forum members' opinion first.Īvast Cleanup reported that my System has 34 issues comprising 1.38 GB of Junk files + 19 Unnecessary applications + 15 System settings.ĬCleaner reported that my System had over 23 GB of Junk files + 143 Unnecessary applications/Registry issues.Īvast was reporting Registry issues under a different name "Unnecessary applications". I started the process asking myself (a) what would paid Avast Cleanup do for me, (b) what does free CCleaner do for me at present, and (c) how do they match up in their performance?įirst, I ran Avast Cleanup but did not remove unwanted files reported by it because I did not have Avast Cleanup, which I shall buy only after I receive favourable opinions of Forum members. I began my search and analysis to find an answer for my question: Do I need Avast Cleanup (aka PC Optimization Tool) in addition to my existing Avast Internet Security? It might be sensible to roll-back your computer to a backup created before you installed that poisoned version of CCleaner.Īnd, if you’re in any doubt as to the scale of the potential threat, cast your mind back a few months when ransomware spread around the world after being seeded through a malicious automatic update to a popular Ukrainian accounting software, or when in late 2016 attackers hijacked Ask Toolbar updates to install suspicious code.My System configuration is 64-bit Windows 10, 圆4-based processor, 8 GB Memory, and 1 TB HDD more than 50% free space. After all, if you ran version 5.33 of CCleaner your PC may have been compromised. It’s worth pointing out that you may want to go one step further than just downloading a fixed version of CCleaner. (Of course, the lack of automatic updates for the free edition of CCleaner may actually have reduced the total number of users put at risk by the compromised version.) This message needs to especially get out to users of the free edition of CCleaner, as it does not feature automated updates and requires them to manually download updates. It goes without saying that anyone still using version 5.33 of CCleaner needs to update to the (safe) version 5.34 as soon as possible. Law enforcement agencies have also been informed of the situation, and the third-party server that was set up to receive stolen data has been taken down. It is also possible that an insider with access to either the development or build environments within the organization intentionally included the malicious code or could have had an account (or similar) compromised which allowed an attacker to include the code.”Ĭisco Talos researchers immediately informed Avast of the problem, and offending versions of the CCleaner installer containing the malicious payload are no longer available from the CCleaner download website. “…it is likely that an external attacker compromised a portion of their development or build environment and leveraged that access to insert malware into the CCleaner build that was released and hosted by the organization. What make things most concerning is that the malicious code was digitally signed using a valid digital certificate issued to the software’s developer Piriform, who were acquired by anti-virus firm Avast just two months ago.Ĭisco Talos researchers warn that the fact the binary was digitally signed using the software developer’s valid certificate is of particular concern: Researchers at Cisco Talos, who first identified the problem, discovered that the installer for CCleaner v5.33 – first delivered to users’ computers by the legitimate CCleaner download servers on Aug– was the culprit. The stolen data was then sent to a US-based server under the control of a hacker. Once in place, the malware would wait five minutes, determine if the user had admin privileges, and then steal information from PCs, such as the computer’s name, a list of installed software and Windows updates, running processes, MAC addresses of network adapters alongside additional information. As a security notification on CCleaner’s support forum explains, CCleaner v and CCleaner Cloud v were compromised.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |