mrdimly
Experienced Members-
Posts
17 -
Joined
-
Last visited
Reputation
0 Neutral-
5.46 Latest Version Unwanted and Problems
mrdimly replied to ArchAngle's topic in CCleaner Bug Reporting
Hi, I'm confirming 2 tasks in task sheduler, but my v5.38 slim never updated itself to v5.46, maybe as auto-update remained always unticked. Nonethless it phoned home, by-passing firewall rules (as it has to do) until I disabled the 1st of the 2 tasks (CCleaner.update) I wasn't aware of. Such a task seems to be more regular update performing than a so called emergency one I never found anywhere. Could that sheduled "call back home" task be the previous mentioned "heartbeat" ? Some advice welcome. I did never have Avast. Thanks. -
Hi, I use an older version: when not launched I don't have any ccleaner process in the Task Manager, and I unchecked monitoring and update search; ccleaner is blocked in the firewall. Ccleaner yet seems to phone home some time after boot finished, and I wonder if this is part of what you call the "heartbeat". Thanks for your response,
-
Work for me also. Where come these links from as they are ?
-
Hi, 1st link works to download slim, but not the 2nd (URL points in realty to http://www.ccleaner.com/ ) Some links above change after signing-in and permit access to slim download; very strange as access to builds never needed to create an account before; is this an information to know ? Had always non-HTTPS versions of the pages, my AV (non desabled) is from a third party on W7 x64. May be some URLs appear as fakes in my location only ???
-
Hi, Thanks for CClaner536 checksums, I'm looking for CCleaner536_slim later. As far I'm concerned, I use MD5_&_SHA_Checksums_Utility which shows MD5, SHA-1, SHA-256, SHA-512 (free version) with verifying function; it doesn't need installation and I downloaded from https://raylin.wordpress.com/downloads/md5-sha-1-checksum-utility/ (Publisher gives checksums). No competent AV flags it when downloaded on the above.
-
It seems that some HKLM Agomo leftover registry key values would be found, after install-uninstall of CCleaner533 on x64 running computers , that belong to CCleaner Cloud (since 2017-09-18) and therefore aren't deleted by the most competent AVs. Vendor's statement about this would be of great interest. Here's how a competent AV sorts these out: https://forums.malwarebytes.com/topic/210927-ccleaner-hack/
-
Hi, I'm learnig too, all things considered, that on 2017-09-18 I had a very competent AV keeping me safe with the CCeaner533 standard download, which was flagged at that time only by some AVs, among which mine, ( https://virustotal.com/en/file/36b36ee9515e0a60629d2c722b006b33e543dce1c8c2611053e0651a0bfdb2e9/analysis/1505759047/ ). Now, I'll try to get it back and updated really. For checksum's calculating at home, I found "MD5 & SHA Checksum Utility" (not verified, no need of installation SHA-1 4B70B5213249014C3785460720B81B5F9BEABEC3, SHA-256 D3D6F3597AEBA37312F61E59BA465E57B19140CC9A4517C7F9C49461F1D0A4BB), but we may need cheksums from the vendor itself for next versions of CCleaner; hope this'll be possible to stay in full confidence; what I mean is "as official checksums".
-
Hi login123, I went to the Avast blog last week after your post, but am sorry not to recognize the official CCleaner533_slim self-extracting installer checksums (MD5, SHA-1, SHA-256) among those tens of IOCs 1st stage, 2nd stage, etc.... ?! (IOC: Intelligent Orientation Control or what else ?) Simply: 1st question: get these official checksums. 2nd question: what about some AVs that flag CCleaner533 standard installer, but not CCleaner533_slim installer ? Hope you have now a clear understanding of my questions.
-
It might look differently here overseas (attachement), no 533 versions checksums. Not to mention that for example Qihoo-360 (my AV) flagged CCleaner533_standard since 2017-09-18, but not Microsoft nor many well-known AV brands ( https://virustotal.com/en/file/36b36ee9515e0a60629d2c722b006b33e543dce1c8c2611053e0651a0bfdb2e9/analysis/1505759047/ ) although nowadays Qihoo-360 doesn't yet flag CCleaner533_slim as some other well-known AV brands ( https://www.virustotal.com/fr/file/4f8f49e4fc71142036f5788219595308266f06a6a737ac942048b15d8880364a/analysis/ ) Don't ask why I'm still confused even after this huge amount of posts above.
-
Hi Stephen Piriform, Would be nice to give us MD5, SHA-1 and SHA-256 hashes for CCleaner 5.33 standard, slim, and portable versions for verifying purposes, as still having a 5.33_slim installer archived (downloaded 01 Sept 2017), although I uninstalled it successfully as it seems. I didn't find those anywhere and as many people am very curious to know about.
-
Hi Nergal, I remain confused because I can't get a relevant response after analysis of my CCleaner 5.33 self-extracting EXE upload to Virus total and it seems I could assume the Agomo registry key files, if somewhere on any computer, are there after installing CCleaner 5.33 self-extracting EXE slim without even knowing anything about CCleaner Coud or that it only exists.
-
Hi lmacri, I always downloaded and/or installed the slim version of different CCleaner versions apart from the 5.34 standard version I never installed, only saved for examination purpose; I never dowloaded and/or executed a portable version. So the files I submitted on Virus Total were the self-extracting exe files fore CCleaner 5.33 and 5.34. Some confusion comes from the analysis response of Virus Total which always says "The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem" ( https://www.virustotal.com/fr/file/4f8f49e4fc71142036f5788219595308266f06a6a737ac942048b15d8880364a/analysis/1506631637/ ). The digital key chains are different between my uploaded self-extracting 5.33 slim and their portable 5.33 Win32 EXE file. For the 5.34 version, I don't have the cc_setup534.exe, mine is self-extracting ccsetup534.exe preventing any comparison, but the problem may be the same as they say on Virus Total "The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem" ( https://www.virustotal.com/fr/file/cbc2f423d035cf315ac724e61287420013c517cf3d95dbdfa673179436184e64/analysis/ ). So analysis results on Virus Total are more confusing than informative as they never gave SHA256 hash for the submitted self-extracting exe files of CCleaner. And what about Agomo related registry keys coming with Floxif ? Isn't Agomo part of CCleaner Cloud ? Meaning that the bundle of the CCleaner 5.33 Win 32 EXE should have something to do with CCleaner Cloud ? Even more confusing ! Hope I'm wrong there !