The malware allowed an infected system to be remotely controlled and collect data from your computer. “The compromise could cause the transmission of non-sensitive data (computer name, IP address, list of installed software, list of active software, list of network adapters) to a 3rd party computer server in the USA,” Piriform says in a statement issued on Monday. The malware affects CCleaner version 5.33.6162 and CCleaner Cloud version 1.07.3191. According to Avast, about 2.27 million people ran the affected software. Luckily, the company is taking the necessary steps to correct the situation. In a blog post this morning, Piriform exec Paul Yung writes, “we’re moving all existing CCleaner v5.33.6162 users to the latest version. Users of CCleaner Cloud version 1.07.3191 have received an automatic update. In other words, to the best of our knowledge, we were able to disarm the threat before it was able to do any harm.”
Check Your Version of CCleaner
To determine the version of CCleaner you are currently running simply launch the application and check the version number on the app’s upper-left next to the logo. The current non-compromised version at the time of this writing is 5.34.6207. If you haven’t run CCleaner in a while, you will probably get a message similar to the one shown below that alerts you to an available update.
Note that the Android version was not affected. Only the 32-bit version for Windows was compromised. If you’re running the 64-bit version, you should be fine – but it wouldn’t hurt to check for an update. I’m still a fan of CCleaner and its other products. But, AVAST needs to take a look and get things cleaned up on its systems side of things. https://www.groovypost.com/unplugged/confirmed-cnet-download-com-gains-crapware-status/ https://www.groovypost.com/howto/avoid-computer-bloatware-from-cnet-download-com-crapware/ If you have the Agomo listed, ouch! Do some research on the following in relation to CCleaner and you will see what I mean: GeeSetup_x86.dll trojanized TSMSISrv.dll, associated with the 32 bit trojanized EFACli64.dll, associated with the 64 bit There are also some other registry keys that need to be checked to see whether one has been compromised or not. Again the research will show you which keys have been affected. Comment Name * Email *
Δ Save my name and email and send me emails as new comments are made to this post.