Posted 18.09.2017., 13:18   #1
Disco
Prvoklasni Krkan
Registered: Jan 2006
Location: Rijeka
Posts: 1,020
CCleaner 5.33 malware!

So I don't write too much, here are the links:

http://www.piriform.com/news/release...-windows-users

http://blog.talosintelligence.com/20...s-malware.html

Now, Piriform of course says everything is fine, while the people from the blog say you should reinstall/restore the OS.

Can't this thing be cleaned with something?
What now?
I've always had this thing on all my computers, and now it has left a bit of a bad taste.
And is it possible that, if I have 64-bit Windows, I'm not "affected"?
__________________
Feel free to add me on PSN
Posted 18.09.2017., 14:29   #2
John Creasy
For Whom The Bell Tolls
Registered: Oct 2005
Location: Slavonski Brod
Posts: 1,682
I saw that article this morning.. it clearly says only 32-bit Windows..
Posted 18.09.2017., 14:51   #3
Disco
Prvoklasni Krkan
Registered: Jan 2006
Location: Rijeka
Posts: 1,020
To me it all looks like the people from the blog caught them, so now they've published the news.
The point is that Eset/NOD32 has been reporting for years that ccleaner is malware, and it's obvious that it's some spyware of theirs.
Everything points to something like that, including the part about no damage having been done.
Now they'll just have to come up with some new spyware with their colleagues from Avast
Posted 13.03.2018., 11:32   #4
The Exiled
McG
Registered: Feb 2014
Location: Varaždin
Posts: 619
Avast Shares New Info on 2017 CCleaner Incident: Possible 3rd Stage Payload
Quote:
Speaking at a conference in Mexico, the company's researchers said they uncovered new evidence to suggest that the hackers who breached CCleaner's infrastructure were preparing to deploy a third malware strain on infected computers. This new strain was found on four computers of Piriform employees, Piriform being the company behind the CCleaner app, which Avast bought in July 2017. These infections went back to April 12, 2017, and Avast believes it was used to scout Piriform's network in preparation for the main hack that was to come over the summer. The name of this malware is ShadowPad —a multi-purpose and modular malware framework that comes with many plugins which provide various functionality, such as backdoor features, keylogging, and data exfiltration.

ShadowPad was first spotted by Kaspersky researchers in August 2017 on the servers of NetSarang, a South Korean software maker. According to Kaspersky, an unidentified cyber-espionage group injected ShadowPad in NetSarang's software and was using the malware as a backdoor into infected networks. Avast says it found ShadowPad log files on the four infected Piriform computers. The log files contained encrypted keystrokes, meaning attackers deployed ShadowPad's keylogger plugin. They also found ShadowPad plugins that could steal passwords from local apps, but also other tools that could download additional ShadowPad plugins.

Avast says that today, the CCleaner distribution chain is protected.
Source: BleepingComputer
Posted 13.03.2018., 13:00   #5
Nikky
Moderator
Registered: Sep 2006
Location: St
Posts: 15,443
That started with the newer v5 versions; install the last v4 + turn off auto update and there's no problem.
Posted 13.03.2018., 13:08   #6
The Exiled
McG
Registered: Feb 2014
Location: Varaždin
Posts: 619
Sure, but given that their entire infrastructure was compromised, who knows what else will come out of the CCleaner disaster. Personally I haven't used it since the Windows XP days, and I point those looking for something similar to BleachBit, although Windows itself has all of that, but people prefer having everything in one place inside a nicely packaged application. IMHO, there's too much crap (ransomware + cryptojacking being the most popular right now) going around these days anyway for one to wonder whether CCleaner too drags junk along with it or not. Though it's only a matter of time before other popular applications end up the same way.
Posted 13.03.2018., 13:09   #7
Drug Brko
Retired S.T.A.L.K.E.R.
Registered: Aug 2007
Location: Chernobyl Exclusion Zone, Kiev Oblast, Ukraine
Posts: 17,619
So does this mean CCleaner is safe now or not?
I don't intend to go back to it because BleachBit is great for those occasional cleanups; I'm asking just for information.

Sent from Mobara
__________________

CPU: AMD Ryzen R5 2600 B2 Pinnacle Ridge 3400MHz @ 4200MHz (100x42 @ 1,373V) SMT enabled
CLR: THERMALRIGHT Venomous X Black w/ NOCTUA NF-F12 PWM chromax.black.swap 120mm Fan
MBO: ASUS ROG Crosshair VI Hero
RAM: G.SKILL Trident Z RGB DDR4-3200 2x8GB (16GB) @ 3466MHz -- 14-14-14-30 1T @ 1,40V
VGA: EVGA GeForce GTX 1080 FTW Gaming 8192MB
HDD: SAMSUNG 960 EVO 250GB SSD M.2 ++ SAMSUNG 860 EVO 500GB SSD SATA3 ++ WD Black 500GB WD5001AALS ++ WD Red 2000GB WD20EFRX ++ WD Red 3000GB WD30EFRX
OPT: LG GH24NS90
PSU: SEASONIC X-750 (SS-750KM3) 750W 80+Gold Modular
BOX: FRACTAL DESIGN Define R4 Black Pearl Midi Tower
LCD: LG Flatron IPS231P-BN 23" LCD @ 1920x1080
OS1: MICROSOFT Windows 10 Pro x64



CPU: INTEL Xeon X5450 E0 Harpertown 3000MHz @ 3000MHz (333x9 @ 1,200V)
CLR: INTEL FOXCONN Stock HSF
MBO: FOXCONN G31MX
RAM: BUFFALO Firestix DDR2-1066 1x1GB ++ KINGSTON ValueRAM DDR2-800 1x2GB (3GB) @ 800MHz -- 6-6-6-18 @ 1,8V
VGA: INTEL G31 OnBoard
HDD: SEAGATE Barracuda 7200.10 160GB ST3160815AS ++ SEAGATE Enterprise ES.2 500GB ST3500320NS
OPT: TSST SH-S223
PSU: FORTRON 250W w/ Active PFC
BOX: MS Apollo Midi Tower
LCD: LG Flatron IPS231P-BN 23" LCD @ 1920x1080
OS1: MICROSOFT Windows XP Professional w/ SP3
OS2: MICROSOFT Windows 7 Professional N 32bit w/ SP1
OS3: MICROSOFT Windows 8.1 Professional N 32bit
OS4: MICROSOFT Windows 10 Professional N 32bit



GSM: SAMSUNG Galaxy S7 SM-G930F Black Onyx
ROM: Android Nougat v8.0.0 BTU
MSD: SANDISK 64GB Extreme MicroSDXC Class 10 U3



Posted 13.03.2018., 13:12   #8
The Exiled
McG
Registered: Feb 2014
Location: Varaždin
Posts: 619
According to them it's safe, but then again for months they didn't know that someone was stuffing their application with all sorts of things for infiltrating everything imaginable. Format C:\ as far as CCleaner is concerned.
Posted 13.03.2018., 13:17   #9
Drug Brko
Retired S.T.A.L.K.E.R.
Registered: Aug 2007
Location: Chernobyl Exclusion Zone, Kiev Oblast, Ukraine
Posts: 17,619
I had those 100% CPU spikes even after uninstalling CCleaner, after you first announced this. A few days later I did a fresh install of Windows and I never had those spikes again.

I think Manuel came to the same conclusion too.

Sent from Mobara
Posted 13.03.2018., 13:27   #10
The Exiled
McG
Registered: Feb 2014
Location: Varaždin
Posts: 619
It's really sad that one such (actually unimportant) application served for a security show of unprecedented proportions.
Posted 13.03.2018., 13:52   #11
D/G
Premium
Registered: Feb 2010
Location: Ploče
Posts: 548
...on my machine CC v5.32.6129 runs daily because I have quite a few things configured under the "Custom Files and Folders" option, and it works without problems.
PS: maybe I'll check out that BleachBit application you're suggesting in the coming days..
Posted 13.03.2018., 20:25   #12
dadoremix
Premium
Registered: Nov 2006
Location: Cakovec
Posts: 1,754
Any app today can be spyware
Whether directly or in the style of cc
And we don't know
You're panicking for nothing
MS tracks us too
And the Linux crowd as well