Ramblings of an old Doc
Check your version!
Published on September 18, 2017 By DrJBHL In Personal Computing


"A version of CCleaner downloaded in August included remote administration tools that tried to connect to several unregistered web pages, presumably to download additional unauthorized programs, security researchers at Cisco’s Talos unit said.

Talos researcher Craig Williams said it was a sophisticated attack because it penetrated an established and trusted supplier in a manner similar to June’s “NotPetya” attack on companies that downloaded infected Ukrainian accounting software." - Cisco

"Piriform has confirmed that two programs released in August were compromised. It advised users of CCleaner v5.33.6162 and CCleaner Cloud v1.07.3191 to download new versions. A spokeswoman said that 2.27 million users had downloaded the August version of CCleaner while only 5,000 users had installed the compromised version of CCleaner Cloud.

Piriform said that Avast, its new parent company, had uncovered the attacks on Sept. 12. A new, uncompromised version of CCleaner was released the same day and a clean version of CCleaner Cloud was released on Sept. 15, it said....CCleaner does not update automatically, so each person who has installed the problematic version will need to delete it and install a fresh version, he said." Piriform

So, if you have the versions of CCleaner mentioned above on your machine, uninstall them and get the bewest version.

Thanks for the heads up, I.D.





on Sep 18, 2017

Just checked mine. I have version installed. Good thing I forgot to dl version 5.33 even though I was told it was available. Dumb luck I suppose. Thanks Doc for the heads up.

on Sep 18, 2017

Sure glad I never upgraded mine, am still using 5.00.

on Sep 18, 2017

Yes...just check your installed version number.....only the one is a bad egg...

on Sep 18, 2017

I recently did a clean install of Win 10 and went straight to version 34.  Before that I had version 32, so was lucky to have missed the 'buggy' one.

Just checked mine. I have version installed. Good thing I forgot to dl version 5.33 even though I was told it was available.

Same with me!  I was notified of the update but didn't bother as I had already decided to perform a reformat and a clean install of Windows.

As for dumb luck or prior planning, it was good to have missed version 33, right!

on Sep 18, 2017

I have the potentially hacked version installed.    

on Sep 18, 2017

Wait is the paid version free of the hack?  That's what I have.

on Sep 18, 2017

I installed an update about 5 minutes ago before I read this post.


I do not remember what my previous version was. Should I completely uninstall ccleaner and start again.


on Sep 18, 2017

Hi Aussi,

Installing version 5.34 overwrites the bad dll, so no worries, mate! 

I just finished an article about this at: https://davescomputertips.com/how-to-fix-ccleaner-botnet-infection/




on Sep 19, 2017

Thanks Richard,


on Sep 19, 2017

MalwareBytes is already flagging the 533 installer .exe as a trojan.  FWIW.

on Sep 19, 2017

It seems to be the 32-bit version , they say the 64-bit version is OK.