Linked by Thom Holwerda on Tue 19th Sep 2017 09:58 UTC
Privacy, Security, Encryption

Talos recently observed a case where the download servers used by a software vendor to distribute a legitimate software package were leveraged to deliver malware to unsuspecting victims. For a period of time, the legitimate signed version of CCleaner 5.33 being distributed by Avast also contained a multi-stage malware payload that rode on top of the installation of CCleaner. CCleaner boasted over 2 billion total downloads by November of 2016 with a growth rate of 5 million additional users per week. Given the potential damage that could be caused by a network of infected computers even a tiny fraction of this size, we decided to move quickly. On September 13, 2017 Cisco Talos immediately notified Avast of our findings so that they could initiate appropriate response activities. The following sections will discuss the specific details regarding this attack.

Don't use registry cleaners. They serve no purpose.

bassbeast Member since:
2007-11-11

You DO know you sound like someone who sells shoes saying they are qualified to do foot surgery? Because if you are using registry cleaners to "fix muh box" you are frankly as bad an end user as those grandmas that click on everything whose PCs I have to fix!

If you were an actual educated computer end user? Then you would know 1.- Don't install crap on your PC, 2.- If for ANY reason you have to install crap on your PC you use an install trace program like Revo to make a log of every change to your system so that on uninstall ALL of the changes are reversed, and 3.- You should have multiple disk images both on and offline so if any serious issue happened you could restore your PC in under 30 minutes with a single click.

I'm sorry but registry cleaners can seriously screw a PC up, most do not understand symlinks for just one example and if you had actually been a competent end user frankly a registry cleaner would never have been needed because you wouldn't have had programs crap all over your PC in the first place, see rules 1-3.

Reply Parent Score: 3
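The "install trace" idea in the post above (log every change an installer makes so the uninstall can reverse them) can be illustrated with a small, portable snapshot-and-diff script. This is an added example, not code from OSNews, from any poster, or from Revo; the directory layout and file names in `demo()` are constructed for the illustration, and it only tracks the filesystem, not the registry, since the registry part would be Windows-only.

```python
"""Minimal install tracer: snapshot a directory tree before and after an
install, report what was added, removed or modified, and undo the additions.

Added example (not Revo's code, not from the forum thread). Content hashes are
recorded rather than timestamps so a silently replaced binary (the case the
CCleaner story is about) shows up as "modified" even if its size is unchanged.
"""
import hashlib
import os
import tempfile
from pathlib import Path


def snapshot(root: str) -> dict:
    """Map each relative file path under root to (size, sha256) or, for a
    symlink, to ("symlink", target) so links are recorded, not followed."""
    state = {}
    root_path = Path(root)
    for dirpath, _dirs, files in os.walk(root_path):
        for name in files:
            p = Path(dirpath) / name
            rel = p.relative_to(root_path).as_posix()
            if p.is_symlink():
                state[rel] = ("symlink", os.readlink(p))
                continue
            h = hashlib.sha256()
            with open(p, "rb") as f:
                for chunk in iter(lambda: f.read(1 << 16), b""):
                    h.update(chunk)
            state[rel] = (p.stat().st_size, h.hexdigest())
    return state


def diff_snapshots(before: dict, after: dict) -> dict:
    """Return the change log an uninstall would need to reverse."""
    added = sorted(set(after) - set(before))
    removed = sorted(set(before) - set(after))
    modified = sorted(k for k in set(before) & set(after) if before[k] != after[k])
    return {"added": added, "removed": removed, "modified": modified}


def undo_additions(root: str, changes: dict) -> list:
    """Reverse the 'added' part of the log by deleting files the install
    created. Restoring modified or removed files needs the saved originals
    (i.e. a disk image), which this minimal tracer does not keep."""
    deleted = []
    for rel in changes["added"]:
        p = Path(root) / rel
        if p.is_file() or p.is_symlink():
            p.unlink()
            deleted.append(rel)
    return deleted


def demo() -> dict:
    """Constructed scenario: an 'installer' edits one file, deletes one and
    drops a new one; we trace it, then undo the addition."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "app").mkdir()
        (root / "app" / "config.ini").write_text("v=1\n")
        (root / "app" / "old.dll").write_bytes(b"\x00" * 10)
        before = snapshot(tmp)

        # simulated installer run (constructed changes)
        (root / "app" / "config.ini").write_text("v=2\n")
        (root / "app" / "old.dll").unlink()
        (root / "app" / "new.dll").write_bytes(b"\x01" * 10)
        after = snapshot(tmp)

        changes = diff_snapshots(before, after)
        deleted = undo_additions(tmp, changes)
        after_undo = diff_snapshots(before, snapshot(tmp))
        return {"changes": changes, "deleted": deleted, "after_undo": after_undo}


if __name__ == "__main__":
    import json
    print(json.dumps(demo(), indent=2))
```

Run it with no arguments to see the change log for the constructed scenario; to trace a real install, call `snapshot()` on the program directories before and after and keep the `diff_snapshots()` result as the uninstall log.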

rcaudill Member since:
2011-09-01

You DO know you sound like someone who sells shoes saying they are qualified to do foot surgery? Because if you are using registry cleaners to "fix muh box" you are frankly as bad an end user as those grandmas that click on everything whose PCs I have to fix!

If you were an actual educated computer end user? Then you would know 1.- Don't install crap on your PC, 2.- If for ANY reason you have to install crap on your PC you use an install trace program like Revo to make a log of every change to your system so that on uninstall ALL of the changes are reversed, and 3.- You should have multiple disk images both on and offline so if any serious issue happened you could restore your PC in under 30 minutes with a single click.

I'm sorry but registry cleaners can seriously screw a PC up, most do not understand symlinks for just one example and if you had actually been a competent end user frankly a registry cleaner would never have been needed because you wouldn't have had programs crap all over your PC in the first place, see rules 1-3.
First of all, Revo is a pretty good utility and I can't disagree with that. Understand that I have used Linux primarily from 2002 and on, so being adept in Windows management is something I only do when I need to (I despise Windows).

Second, I agree that registry cleaners are terrible as they pose a lot of risk. I would not suggest them to everyone, but to a trained technician they are of great benefit. I don't mind, for myself, taking that risk. But I would be much more cautious with someone else's computer.
Third, again disk images are good but when you have a deadline that you have to meet and that means installing some software that you would rather not under other circumstances, you just usually bite the bullet and deal with the consequences after.

Fourth, who said anything about crap? I install software I need at the time. I don't go to download sites and am very meticulous in what I install. That does not mean anything though. At one point I had 3 different versions of Visual Studio (yes, I could have installed appropriate SDKs but that takes more time to get right), Android SDKs/NDKs, QT4.8/5.3, Netbeans 8.1, Eclipse, etc. installed at the same time. Unfortunately not many products are great at removing themselves though, and they leave residuals and sometimes need to be removed the more risky way. Again, you weigh the risk vs the reward.

Reply Parent Score: 2

zima Member since:
2005-07-06

What disk imaging software do you recommend?

Reply Parent Score: 2

Kochise Member since:
2006-03-03

Hiren Boot CD

Reply Parent Score: 3

bassbeast Member since:
2007-11-11

Paragon Backup & Recovery. They have a free version if all you want to do is have disk images, or if you need a full suite including disk partitioning and HDD management you can buy the full suite.

The nice thing about Paragon is it can set up an encrypted backup capsule which will store disk images (you can also have offline images as well which is what I recommend and do myself) which you can just push a key combo at boot and even if your PC is so messed up it cannot boot into the OS it will let you boot into the Paragon management tool and restore the PC easy peasy.

I've been using it for years as well as recommending it to customers, and it works quite well. Even in the free version you can browse inside images and restore single files/folders as well as entire images; it allows incremental images to keep image sizes down; you can lock an image so you can have a "fresh install with all my programs" image for refreshing Windows; and it doesn't get simpler to use than Paragon. Two thumbs way up.

Reply Parent Score: 2

zima Member since:
2005-07-06

PS. I will add to your three points a 4.- Test software in a virtual machine. ;)

Reply Parent Score: 3