Skip to main content

Tech Update: Urgent CCleaner Update




Brandon Hall
Director of Technology

A legitimate version of CCleaner has been found to contain code that was effectively malware embedded in the installer of version 5.33 of the 32 bit version of ccleaner.  This ccleaner was distributed between August 15 and September 12 2017.  Version 5.34 is not affected.  It had a valid signed certificate from the creators of ccleaner, who was recently purchased by the security company Avast.  This was either an external attack on Avast themselves, or an insider attack given that the certificate used to sign was legitimate.

I recommend uninstalling ccleaner at this point and if you require that kind of functionality, get it from Glary Utilities going forward. If you find you have the affected version or are certain you DID install the affected version, you should reinstall your machine from a backup before that time (system restore) or take it to someone to have this done for you. Uninstalling will not remove the malware.

To see if your machine was affected, review the version within your installed version of CCleaner at the top left corner of its main page, version 5.33 and 32 bit was the only edition that was affected.

Here is an example:

If your machine was affected, call or email me and let me know or take it to a professional to have it cleaned.

Here is additional info: http://blog.talosintelligence.com/2017/09/avast-distributes-malware.html

BRANDON HALL | DIRECTOR OF TECHNOLOGY   636.695.2820   BHALL@FIRSTHEARTLAND.COM
 

Share this