Jump to content

Tom CCleaner

Admin
  • Posts

    473
  • Joined

Everything posted by Tom CCleaner

  1. Hey! Our dev team are aware of this and we're currently looking into it! We hope to have it resolved soon. Tom
  2. Hey, could you email our customer support team at support@piriform.com they should be able to help
  3. Hi, I can see that your ticket is in our support queue, an agent will reply to you shortly
  4. Hi, Can I refer you to this quote from our CTO: You can read the full article here: https://blog.avast.com/update-to-the-ccleaner-5.33.6162-security-incident Tom
  5. Hi, we released this version earlier today. It's an important update and we're advising all users to update. Tom
  6. Hi, we're advising all users to update - thanks
  7. Hi, I've suggested already to everyone that you download the latest version which we know to be clean and not use version 5.33, even if it is 64-bit. You can download the latest CCleaner here: www.piriform.com/ccleaner/download/standard Thanks.
  8. Hi again, Your anti-virus will flag this regardless of whether you're running the 32-bit or 64-bit version as it is the entire version that has been balcklisted. There are no options when you download, CCleaner runs the correct version for your PC. Tom
  9. Good morning all. Apologies for the lack of communication. I hope that you can understand that it's been an incredibly busy time for our Customer Support team and given how quickly we identified the issue and made the announcement, we didn't have time to arrange extra support. I'm going to attempt to answer a couple of the main questions that you all have. I would like to ask that if you have more questions, please read our blog post before asking as this may enable you to find the answer first You can find this here: http://www.piriform.com/news/blog/2017/9/18/security-notification-for-ccleaner-v5336162-and-ccleaner-cloud-v1073191-for-32-bit-windows-users In addition to this, I'm not able to provide any more information than what is in any of the Piriform/Avast public statements although I can clarify the points to help with confusion. The main question that people are asking seems to be "Am I affected if I'm using the 64-bit, what happens because the 32-bit is installed? What happens if I ran the 32-bit version?" The answer to this is that no matter which .exe you run, if 64-bit can be run on your machine, it will be the one that runs. Opening the 32-bit will just launch the 64-bit version so you really shouldn't worry. "Is the Pro or slim affected" Any version with the number 5.33.6162 is affected. This includes Free, Slim, Portable, Pro, Business and Technician Edition. You're also asking "Am I still infected?" Well the problem was in the CCleaner.exe. This means that if you're removed this version then you're no longer at risk. In addition, as stated previously, the remote server has been shut down which means that even if the infected application is try to communicate - it can't. That being said, we're still encouraging everyone to update to the latest version. You can download this here: www.piriform.com/ccleaner/download/standard I hope this clears things up a little. Thanks - Tom Edit to add: Please note that it is only CCleaner and CCleaner Cloud that were affected by this. Speccy, Defraggler, Recuva, CCleaner Network and CCleaner Android are unaffected.
  10. Hi Guys. Even if you're on the 5.33 version, you're no longer at risk but we are trying to get everyone updateded as soon as possible. All AV programs will likely flag CCleaner 5.33 and 5.34 now however they are safe to use. We're working on resolving this so there are no false readings. Thanks for your patience. At this time all the information I have available is on our blog post: http://www.piriform.com/news/blog/2017/9/18/security-notification-for-ccleaner-v5336162-and-ccleaner-cloud-v1073191-for-32-bit-windows-users
  11. Morning guys. Apologies tor the slow reply to this. The above post is correct - sorry for the confusion.
  12. Hi all, The only version affected is the 32-bit binary of CCleaner v5.33.6162. It was the application that was the issue, not the installer. If you’re using a 64-bit version of CCleaner, then you’re unaffected although we recommend updating to the latest version. There is also no effect to the Mac or Android versions. At this time, we won’t be releasing a detection tool as the issue was in CCleaner itself, so uninstalling or updating the software removes the risk. You can download directly for free from here: www.piriform.com/ccleaner/download/standard For those interested, the MD5 hash of the affected CCleaner.exe is: ef694b89ad7addb9a16bb6f26f1efaf7 Thanks - Tom
  13. Dear CCleaner customers, users and supporters, We would like to apologise for a security incident that we have recently found in CCleaner version 5.33.6162 and CCleaner Cloud version 1.07.3191. We recently determined that these versions of our software had been compromised. We resolved this quickly and believe no harm was done to any of our home users, but we do have evidence that this has targeted large technology and telecommunication companies in Japan, Taiwan, UK, Germany and the US. This compromise only affected customers with the 32-bit version of the v5.33.6162 of CCleaner and the v1.07.3191 of CCleaner Cloud. No other Piriform or CCleaner products were affected. We encourage all CCleaner users to download the latest version of CCleaner: here. We apologize and are taking extra measures to ensure this does not happen again. For further information, please read the official announcements linked below. Official Information CCleaner v5.33 and CCleaner Cloud v1.07 Security FAQ https://piriform.zendesk.com/hc/en-us/articles/115001699371 Piriform blog: Security Notification for CCleaner version 5.33.6162 (Monday, 18 September 2017) Security Notification for a general audience. http://www.piriform.com/news/release-announcements/2017/9/18/security-notification-for-ccleaner-v5336162-and-ccleaner-cloud-v1073191-for-32-bit-windows-users Piriform blog: Security Notification with Technical Overview (Monday, 18 September 2017) A similar announcement to the above, aimed at a technical audience and revealing technical details about the nature of compromise. http://www.piriform.com/news/blog/2017/9/18/security-notification-for-ccleaner-v5336162-and-ccleaner-cloud-v1073191-for-32-bit-windows-users Avast blog: Follow-Up Announcement by Avast CEO & CTO (Tuesday, 19 September 2017) This blogpost confirms the timeline of events surrounding the detection, investigation and announcement of the compromise; what precautions we are advising customers to take and what information we are basing this on; and what precautions we are taking to ensure this does not happen again. https://blog.avast.com/update-to-the-ccleaner-5.33.6162-security-incident Avast blog: Investigation Progress Update #1 by Avast Threat Labs team (Thursday, 21 September 2017) This blogpost reveals more information regarding the target of the attack and more technical details about how the compromise behaves. https://blog.avast.com/progress-on-ccleaner-investigation Avast blog: Investigation Progress Update #2 by Avast Threat Labs team (Thursday, 21 September 2017) This second progress update explains why only part of the command & control server logs were recovered and provides yet deeper technical understanding of the way the malicious code was put together. It also shares some clues as to the identity of the perpetrators. https://blog.avast.com/avast-threat-labs-analysis-of-ccleaner-incident Avast blog: Investigation Progress Update #3 by Avast Threat Labs team (Monday, 25 September 2017) This third progress confirms how many and which companies were specifically targeted by the attack and present a hypothesis on the origin of the perpetrator(s). The blogpost also contains a full list of IOCs (Indicators of Compromise - in this case a list of files whose existence show that a system has at one time been compromised by this attack). https://blog.avast.com/additional-information-regarding-the-recent-ccleaner-apt-security-incident Future announcements will be made on the Piriform and Avast blogs. Piriform Software blog: https://www.piriform.com/news/blog Avast Software blog: https://blog.avast.com/
  14. Sorry, I forgot to ask what version of Firefox you're currently using?
  15. Hey guys, Our devs thought they'd solved this so I'm sorry to hear that's not the case. Could you please send some screenshots showing where in Firebox they aren't displaying correctly and if possible, list some of the affected websites?
  16. Hi, welcome to the Forum If you email support@piriform.com one of our agents will be able to help you out with this request. Thanks! Tom
  17. Hey, could you email our support team about this? You can do this at support@piriform.com - thanks!
  18. Hey, welcome to the forum The development team would like to know exactly what is broken so that they can investigate further. They've also asked if you could provide us with a copy of the file before and after cleaning so that they can try to identify what has changed - would this be possible? Thanks - Tom
  19. Hey to clarify, we've fixed the issue in 5.33, so you shouldn't experience the same issue when updating from 5.33 to 5.34 during the next release
  20. Hey, this should be fixed now. Can you guys let us know if you see the same issue with 5.33?
  21. Hey Sorry for the delay in response. If you email support@piriform.com they will be able to give you any information about your licenses. If you open CCleaner and click Options > About then you can click the blue license button and see which key it is using. I'll pass your comments on about the website Tom
  22. Hey guys! Thanks for the reports of this. Our development team have been able to reproduce the issue and they're now working on a fix for this
  23. Hi JMR The devs have got back to me and it this is caused because Windows saves Edge and Internet Explorer files in the same place and we can't tell them apart. This means that when we clean something in one browser like this, it will clean it from the other browser too. Thanks.
  24. Hi JMR - Could you please tell us which websites are/aren't being cleaned so that our developers can try and recreate the issue? Thanks - Tom
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.