5 hours ago, stanrames said:
<div class="ipsQuote_contents ipsClearfix" data-gramm="false">
<p>
The question was what installer did we use...and we thought you were asking about WIN7.
</p>
</div>
Yes the Win 7 installer. There are known compromised ones out there to catch the unwary.
The fact that you are seeing this strange language issue when nobody else is, and only seeing it on one machine, points to something being odd on that particular machine.
if more CCleaner users were seeing it then that would be different, but nobody except yourself is reporting it.
It's certainly not happening on my machines.
As Hazelnut says the CCleaner backdooring in 2017 was a different thing.
Yes it did oringinate in China, but they were not interested in home users, as the zdnet article that you linked tells you they were after the big tech companies. To try and steal their development secrets,
Quote
<div class="ipsQuote_contents ipsClearfix" data-gramm="false">
<p>
Hackers were looking for computers installed on the networks of several major tech companies, such as Cisco, Microsoft, Google, NEC, and others.
</p>
</div>
Which also tells you that those big tech companies were all using CCleaner, and they still do.
If CCleaner wasn't so widely used then the Chinese hackers wouldn't have bothered attacking it.
They also attacked and compromised Teamviewer, another very widely used app, in a similar way in 2016.
If you did happen to get the tainted CCleaner installer (and it's freely admitted that most users did get it, I've still got a copy of it) then all it did was check if the computer was at one of the targeted companies and was it connected to their internal network, if so it reported back to the hackers that they had found a target,
If you weren't at one of those companies then it did nothing.
Only about 40 machines at those big companies actually got a second stage hack, but nothing got stolen. (As far as anyone knows).
The point is that as it is known that Chinese state sponsored hackers are widely active then anything unusual 'chinese' that shows up on a machine has to be regarded as possibly suspicious.
Especially if it turns up on a Windows OS that is end-of-life and so no longer getting security updates, both XP and 7 are EOL.
https://www.techadvisor.com/news/windows/windows-7-2021-dangerous-3807335/