Fraggled

September 23, 2017

 

and another question, if we don 't have the Agomo key in registry are we safe for the 1 payload?

if the one payload was not activated there is possibility that the second yes? or if we don't have the WbemPerf 1-4 and the GeeSetup_x86.dll TSMSISrv.dll EFACli64.dll we are safe?

Please someone reply

Is good enough a restore point or not? In my laptop I have do this in a date pre 5.33 but in my desktop

I have no restore point systems to a pre-ccsetup533.exe so in case I have to format and reinstall Windows

I, too, would like to see a reply and/or statement from Piriform with regards to the infiltration of servers and the version 5.33 security breach, the subsequent potential risks to users, and what action you believe is necessary for users to take.

However, I get the impression Piriform are laying low...

Hello Piriform, is anyone there? We would like to hear from you!

"...Warren Mercer, a technical leader at Cisco Talos, recommends wiping or reimaging all infected systems to ensure that any malware that may have been installed by the trojanized CCleaner is completely eradicated."

https://www.bankinfosecurity.com/trojanized-avast-ccleaner-attack-targeted-major-tech-firms-a-10328

https://www.bleepingcomputer.com/news/security/info-on-ccleaner-infections-lost-due-to-malware-server-running-out-of-disk-space/

https://arstechnica.com/information-technology/2017/09/ccleaner-malware-outbreak-is-much-worse-than-it-first-appeared/

http://gearsofbiz.com/avast-takes-dig-at-cisco-thanks-morphisec-for-uncovering-ccleaner-compromise/72181