Read more:
Tom's Hardware article link (less "junky"): http://www.tomshardware.com/news/avast-unknowingly-bundled-malware-ccleaner,35477.html ---Thanks @C0RR0SIVE
Just uninstalled it from my phone, I used it as a quick way to uninstall apps and clear cache. Uninstalling from my PC as soon as I get home today!
~Amanda
Thanks Amanda! Luckily I didn't have the infected versions installed, hadn't updated it in awhile.
I used this for a very long time because I thought it was easier to just have a tool do for me what I could do in a few different built-in accessories for Windows. I'd rather do it all by hand than keep something I know might be comprimised again, especially with the threat of keyloggers and whatnot.
Wow... Good to know.
Things like this is the single reason why I've avoided the temptation to use things like password utilities (like 1password) and such. That, and cloud-based things that make apps hand-off friendly.
All nice ideas, but as we know, that road is always paved with good intentions and someone's always out there looking for an exploit.
For those that hate Forbes: http://www.tomshardware.com/news/avast-unknowingly-bundled-malware-ccleaner,35477.html
Massive kudos to ClamAV.
Thanks @C0RR0SIVE I just grabbed the link off twitter, didn't realize it had so much junk on it without adblock/ublock origin on.
Have seen some reports where the malware reports to something in the 216.126.x.x range.
Would not surprise me if it's ServerCrate, which uses 216.126.224.0 - 216.126.239.255 in my spam ID list.
Wow! I got really nervous as I have CCleaner on all three of my machines, and they all had version 5.33, as well. It wasn't until I read that it was only concerning the 32 bit versions that I felt a little relief. Still, I've made sure to have all of my AV/AM software, including Malwarebytes, up to date and have completed scans. I also downloaded and ran deep scans with both the Malicious Software Removal Tool and the Safety Scanner from Microsoft (not that they would really pick it up, anyway).
Just last month I was reading complaints and speculations on another board about CCleaner now being owned by Avast and how things may change. This doesn't bode well.
Doesn't bode well for Avast, nor Symantec, whose certificates were compromised.
Marked decrease in spam in the last 12 hours. Amazing how that works...
All of a sudden all of the open relays get shut down after a mass security panic.
You'd think they'd be doing regular checks.
National Cyber Awareness System:
Piriform, a subsidiary of Avast, has released CCleaner 5.34 and has pushed v1.07.3214 to CCleaner Cloud users. These versions do not contain the Floxif malware found in the 32-bit versions of CCleaner 5.33.6162 and CCleaner Cloud 1.07.3191. Floxif malware collects information from the victim's system and can download additional malware to the system.
US-CERT encourages users and administrators to review the Piriform Security Notification and apply the necessary update.
@MarkJFine wrote:Marked decrease in spam in the last 12 hours. Amazing how that works...
All of a sudden all of the open relays get shut down after a mass security panic.
You'd think they'd be doing regular checks.
No doubt. I was somewhat shocked at the very small amount of spam I received around the time of the announcement, but, unfortunately, it looks like it's back to normal.
In the last 28 hours I've recieved over 60 spam emails. Ugh.
My trap had been filtering about 60-70/day until the past couple of days.
Today: only 32, and mostly from Alibaba/Chinanet/China Unicom. The rest mostly from onesy-twosy zombies.
That's pretty significant.
That's what you get with FREE software!!
This is a pretty old topic now... No, this isn't what you get with some free software, there are tons of products out there that are free (and in some cases can be purchased for more features) that work amazingly well... Sometimes a bad egg hatches and the good software dies off for good, other times someone makes a bad decision then notices it backfire.
Good Stuff that has stayed decent over time:
Malware Bytes
CCleaner (Just a small hiccup...)
HiJackThis
ATTO
Skype
TeamViewer
HWMonitor
CPU-Z
3dMark
DropBox
Things that went to absolute crap!
Anything owned by Lavasoft
Anything owned by Lavalys
Photobucket
SpyBot S&D (not sure what happened to them, Malwarebytes just kicked their **bleep**)
Photobucket was a funny one... Consumer backlash was rather massive on twitter, facebook, and everywhere else that they had a Social PR presence, it got to the point that it seems Photobucket killed PR entirely and stuck to their guns going from a free offering to a $50 offering, that suddenly was only available on a $400 offering. The idiots never learned and Photobucket is nearly dead now. Ranked very highly on Alexa (Top 100), they are now at almost 3000, and falling rapidly.
@C0RR0SIVEwrote:Things that went to absolute crap!
Anything owned by Lavasoft
Anything owned by Lavalys
Photobucket
SpyBot S&D (not sure what happened to them, Malwarebytes just kicked their **bleep**)
Photobucket was a funny one... Consumer backlash was rather massive on twitter, facebook, and everywhere else that they had a Social PR presence, it got to the point that it seems Photobucket killed PR entirely and stuck to their guns going from a free offering to a $50 offering, that suddenly was only available on a $400 offering. The idiots never learned and Photobucket is nearly dead now. Ranked very highly on Alexa (Top 100), they are now at almost 3000, and falling rapidly.
I used to use Adaware and Spybot S&D years ago. At the time they were the best free programs/apps for adware and spyware. It's interesting how things change like that over time.
Photobucket: They're getting exactly what they deserve, the jerks. To throw so many people out into the cold like that, and so suddenly? SMH.
I used to use Spybot S&D. It was fantastic.