JohnDotCom Posted March 2, 2018 Share Posted March 2, 2018 What do those log files indicate, Jacee? Link to comment Share on other sites More sharing options...
JohnDotCom Posted March 2, 2018 Share Posted March 2, 2018 What do those log files indicate, Jacee? Link to comment Share on other sites More sharing options...
Juliet Posted March 3, 2018 Share Posted March 3, 2018 It removed the remnant/traces of the IObit\Advanced SystemCare folder. Link to comment Share on other sites More sharing options...
JohnDotCom Posted March 3, 2018 Share Posted March 3, 2018 So it seems that Revo removed all traces except the actual folder name (which is benign) and this Cleaner, removed the actual folder name, and confirmed that Revo did its job, at least as well as this latest cleaner. If I were designing this, I would have left the folder name as a forensic clue, as Revo did. I don't buy the explanation, that Piriform offered, that this was a sophisticated successful attack on their "company's hosted" latest revision of the cleaner. The infected update was left available on the company's web site for almost a month. Meanwhile the installed base was being driven to the company's site, to get infected by the "There is a new update available." built into the Piriform CCleaner Software. (Good reminder that anytime you select, "Keep this software updated automatically" you are skating on thin ice and trusting that this exact thing will not happen again, with any vendor, and you are opening a door into your system, and trusting the "Whatever Company's security". I note that Jacee suggested removal of the Cleaner after using it... (Good Advice) I think I will not just uninstall it, but remove all traces with Revo, and then watch for Security News on Revo. I don't like trusting even Revo, or the hosts that Revo uses to host their latest revision, so maybe we need serial forced removals, by multiple removal vendors, with the most trusted and least recently hacked removal vendor, used as the last. Link to comment Share on other sites More sharing options...
JohnDotCom Posted March 3, 2018 Share Posted March 3, 2018 (edited) I'll bet it turns out that most of these hacks are inside jobs, or the result of an insider (or former insider) that hangs and socializes with a less than reputable crowd. An insider knows where the weak points are, in any system. With that kind of knowledge, it doesn't take much sophistication, to hack in to anything, including the Pentagon. Most people thought John Podesta to be too sophisticated to be duped as he was, or to use "password" as his password, unless that is FakeNews. Edited March 4, 2018 by JohnDotCom Clarity... Link to comment Share on other sites More sharing options...
Jacee Posted March 4, 2018 Author Share Posted March 4, 2018 John, Juliet is right. "It removed the remnant/traces of the IObit\Advanced SystemCare folder." PS......... With that kind of knowledge, it doesn't take much sophistication, to hack in to anything, including the Pentagon Yep. it's been on TV, within the last couple of days. Link to comment Share on other sites More sharing options...
.png.9d4b89b15b2cd5e65edd93a0e6823dce.png)
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now