[HACKED] A Reminder To Be Vigilant

MBAM picked it up for me yesterday. At first, I thot it was another episode of The Malware Vigilantes War. A quick Google showed me that I was wrong. It was quickly quarantined. I appreciate all that you do, Bob.

Thanks Bob for keeping us informed of all these security breeches. I hadn't heard about this one anywhere else. Just checked and it appears I'm ok.

Webroot caught this on my PC's bootup three days ago. It deleted the infected exe and allowed my 64 bit version to continue functioning.

I am more than a little disappointed that Piriform sent out no notices about the issue. I had to go hunting in their user forums to find out anything beyond news reports.

@ Deb, I've read in the Piriform forum that Malwarebytes and other similar programs are blacklisting the entire CCleaner application.

Avast Internet Security sez MyTurboPc
is malignant. ??

No need to even use CCleaner. Never used it with Windows 10, in fact, I read somewhere that it could do more harm then good. Looks like they were correct.

I read where Piriform delayed the announcement while they put the police tracking down the rouge server. Supposedly it was captured as well as the perpitrator... and THEN the announcement was made and a new version released. Credible?

So what are the chances that other popular freeware used by millions of people are also similarly affected? After learning about this hack, I'm forced to assume the worst. The best you can do is to keep anti-malware protection running on your local PC and mobile devices at all times, and stay informed. Quote from Bob Rankin.

Truer words were never spoken, Bob. I agree 100%.

My 64bit W8.1 laptop wouldn't allow CC ver.5.33 to install. Would go part way then crap out with a write error. I tried a number of times with downloads from Piriform and Filehippo but could not get it to work. With the message saying it was a write error I thought it might be a disk error but a couple of different tests found none, so I just continued using CC ver 5.32, which seems to work fine. Maybe Windows was protecting me and I didn't know it until I read this article. Thanks Bob.

According to Malwarebytes, Ccleaner was sold to Avast. Unfortunately, before the program was transferred to Avast, someone (maybe a disgruntled employee) slipped in a bit of ugly.
Ccleaner is a fantastic program as long as you don't get into the "tools" section and mess with things you don't have the knowledge for.
One nice feature is that any programs you no longer want sometimes hide their uninstall feature. Ccleaner knows them and shows the uninstall. In tools find the program and click uninstall. Other tool things can mess up your system if you are not computer literate. Be careful.
Any way it's truly a great software that I have used for many many years and will continue to do so.

I am to the point that I use two different types of 'firewalls'. I don't do automatic updates to any of the software packages installed in my systems whether they are programs or updates to the hardware the system is built around (e.g. graphics subsystem, etc.) and all executable are prevented/blocked from connecting to any outside IP numbers. In addition to the Win10Pro-64bit OS enabled firewall protection, I use WinPatrol Firewall, and Desksoft BWMeter. It takes some alignment to configure them properly since every connection must first be determined to be blocked or not. Afterall, as Mr. Rankin has stated " ...you can’t count on anyone else to protect you against malware."

@Denis - You need to re-install the CCleaner version 5.34 or higher. Anything earlier will be contaminated with the malware.

I found out about all of this, is past weekend. I got an article from The Windows Club and this breach was noted as the most recent Hack Attack.

The Windows Club or TWC only talked about the 32-bit versions. I felt like you Bob - What harm does it do to uninstall and re-install a program? Anywho - I uninstalled CCleaner and re-installed the 5.34 version per recommendation.

If, you want to use a PC or Laptop or Mobile Device - Get yourself some good protection be it Free or Paid. }:O)

Correct me if I am wrong, but Ccleaner was never meant to block malware but to rid the system of junk. I use another software to protect my computers from malware. I will continue to use Ccleaner. It performs well for me.

They found the hack, shut down the server and then went public... I can understand this... nothing like the EquiFax debacle :O
I'm not going to throw out the baby with the bathwater, I'll keep on using Ccleaner as I been using it for years.

Hi Bob,
Thank you for all your wonderful info over the years! I use CCleaner Free on all my devices. I just got a auto-update tonight for my desktop machine. I think we're good. Cheers, David

How can an average user be vigilant against compromised versions of applications that are distributed using the software company's own infrastructure?

Those with 64-bit Windows were not entirely safe from this hack. When Ccleaner installs on a 64-bit machine, it installs both 64b and 32b executables.

The 32b version isn't used, but it's there. There is also a registry key (HKLM\software\piriform\agomo) that, if present, shows you were infected at one time. Delete it if so.

Maybe a '2' on a 1-10 malware scale. I'd give Wannacry an 8, Equivfax is a solid 10.

I use to use CCleaner Free until it screwed up my Win 10 Laptop registry; or at-least that is what the laptop Mfg believed. After exhausting all possible repairs, I had to do a reinstall of windows 10! So I deleted CCleaner Free some 7-8 months ago.

I've used CCleaner for years. No reason not to; it's fast and simple. I do not use their registry cleaner just to be safe, but it helps me a lot by cleaning out junk left behind by my browsers that I sometimes get too lazy to do.

This does sound like a vindictive action. I believe Piriform didn't come out with this information right away because they were anxious to track down what happened and didn't want to let the cat out of the bag too soon. However, it wasn't as ridiculous as Equifax, which I still have some nagging questions about how that company handled things.

A 2nd Option:
The great advantage about CCleaner Portable is that it allows you to do just the same without leaving any evidence of use on the computer. In fact, you don't even need to install it. Simply run it from your USB memory stick and you'll have immediate access to all of its features. CCleaner Portable does create some necessary keys in Windows Registry, but these are deleted when the program is closed, so there'll be no trace of it left on the system.

I was quite surprised the other day when my ZoneAlarm said it found a virus in ccleaner.exe and fixed it. I thought I was in the clear since I had the 64-bit version. Sheesh.