Jump to content

malika4

Experienced Members
  • Posts

    30
  • Joined

  • Last visited

Reputation

0 Neutral
  1. the ccleaner scheduler is the automatic cleaning of the system option? (Run ccleaner on a schedule?) i haven t this option activated
  2. So a 64bit system has Clean And safe? Hasn t received The first payload You would Tell? "Unless the code ran on a 64-bit system long enough for the delayed action to be triggered, assuming the installation was not corrupt or the CCleaner64.exe binaries modified in any way, we believe a 64-bit system should not have received the second payload." It s correct that if The Agomo Keys aren t in The registry The backdoor was Not activated? And a 64bit syste without Agomo Keys i Clean And Not compromises?
  3. Is enables by default, in all My 3 pcs Is Like this And after reinstalled ccleaner Is enables by default
  4. on the piriform zendesk there is write: Who was affected? This issue was isolated to two versions: Cleaner v5.33.6162 for 32-bit Windows users and CCleaner Cloud v1.07.3191 (if you are using CCleaner Cloud, the 32-bit version runs on 64-bit machines). All builds on these version numbers were affected: Free, Professional, Slim, Portable, Business and Technician versions of CCleaner. so a 64bit windows if has the ccleaner cloud version it runs the ccleaner.exe (32bit version)
  5. Hi, I don't have any Piriform folder on HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node on my desktop, in my husband's laptop there is but Agomo there isn't and in HKEY_LOCAL_MACHINE\SOFTWARE\Piriform\ no Agomo On all my 3 pcs Windows 10 64bit I have this Yes Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0) and is like this by default (I haven't modified this) so I think that if this task can activeted the trojan all the 64bits systems will be affected because I read that all 64bit version have the task like this but on Avast Blog there is write that The total number of unique PCs (unique MAC addresses) that communicated with the CnC server was 1,646,536
  6. Not have,sorry But My Phone has italian dictionary. I don t have any of that keys And My antivirus kis2017 And malwearbytes haven t detected Them
  7. 64bit users Installed and ran ccleaner v5.33.0.6162 before September 16th, and did use the skip User Account Control (UAC) feature But run only 64bit version? I only use 64bit version But have The Uac feature active But don t have any Agomo Keys or Webemperf 1-4
  8. No It s The dame Now, thanks
  9. https://piriform.zendesk.com/hc/en-us/articles/115001699371 here There is write The sha256 of all versions. Now is corretto But 3 hours ago are like i wrote in The 1st post
  10. Hi, I downloaded from Piriform site the 5.35 version on September 20. On Virus Total SHA-256 06b27f68366f8d25a599c3ad8b1d23f18158f4edddee3174a22d3698089a8bc3 File name CCleaner64.exe File size 9.4 MB Basic Properties MD5 e6f5ad3fd6d0f64ec88357fc481a71ab SHA-1 92fcff26e8c5f8238c2b7f1c025289c20168c9c2 On the piriform.zendesk.com there is write: CCleaner64.exe - 64-bit CCleaner executable MD5: e6f5ad3fd6d0f64ec88357fc481a71ab SHA256: 478262a5d9d72bf339bd9b17261fea42dfdf0e36e4f233bbf7d6c6e9de0b0dc8 why the sha256 are different? there is an error? becvause I see that on piriform.zendesk the cc5.35.exe and cc5.3564.exe have the same sha256: CCleaner.exe - 32-bit CCleaner executable MD5: 10f16bae4e236292a3bfa47b6f100518 SHA256: 478262a5d9d72bf339bd9b17261fea42dfdf0e36e4f233bbf7d6c6e9de0b0dc8 CCleaner64.exe - 64-bit CCleaner executable MD5: e6f5ad3fd6d0f64ec88357fc481a71ab SHA256: 478262a5d9d72bf339bd9b17261fea42dfdf0e36e4f233bbf7d6c6e9de0b0dc8
  11. when the notice of the trojan was comunicate last monday I just have installed version 5.34, my antivirus only detected the installer that I have on Document folder. I searched the keys on the registry but there weren t and not Kis2017 or Malwearebytes detected them on my system. I have windows 10 64bit and ccleaner 64bit
  12. I Read The news in The avast blog And It confirms that The Trojan create The Agomo Keys in registry so without Them The system was Not affected, right?
  13. Thanks so much hazelnut for The links And especially for The video. The video explain perfectly how The Trojan And The backdoor works in conclusion without any Agomo Keys on The registry The system wasn t compromised (right?)
  14. yes the point is the infected machine are the pc with the maliciuos key and files? they need to be restored or reinstalling windows? if in the pc there aren t those keys/files it's ok and no need to be restored reinstalling windows or there are other problems?
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.