Computer optimisation software is supposed to keep your computers running smoothly. Unfortunately it turns out that one of the most popular software tools out there, CCleaner from Avast Pitform is not doing “Exactly what it says on the tin”. Last week, It was discovered that CCleaner had become infected with Malware and may effect approx 2.3 million machines.  

What does the malware Do?

The malware gathers a host of information including, your IP address, computer name, a list of installed software on your computer, a list of active software and a list of network adapters and sends it on to a third party computer server. It appears that financial information such as credit card numbers are safe.

So, who was infected?

It is believed that the infected version of the software affects about 2.3 million users. The compromise to the system is believed to have started on 03 July prior to Avast buying the company and the problematic version of the software was released on the 15th of Aug. It also appears to specifically affect users of Windows 10 32 bit systems although it has not be ascertained for certain that other version of Windows have not been effected. 

What are the corrupted versions of CCleaner?

The effected versions are CCleaner v5.33.6162 or CCleaner Cloud v1.07.3191 for 32 bit Windows machines. It doesn’t appear to affect the Android version of the software. Avast say that 730,000 users are still using the infected version of the software. They have further advised that if you have updated your software since 12 Sept, you should be OK. Cloud versions should now have automatically updated themselves and as such, should be OK.

I don't have the cloud version:what should I do?

CCleaner doesn’t update on it’s own. If you have an older version or suspect your version may be compromised, you should uninstall the current version and install the current version for the Pitform website. For the time being however, recommends uninstalling the software and waiting a couple of weeks until we can be certain that the issue has been fully resolved.