Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


The Ccleaner virus?

  • Please log in to reply
2 replies to this topic

#1 Cleaningmompc


  • Members
  • 13 posts
  • Gender:Not Telling
  • Local time:07:28 AM

Posted 22 September 2017 - 10:39 AM

Hi, I'm running off of a 64bit Windows 7 home premium. 

I have bitdefender antivirus free. 

Some questions about the new exploit with Ccleaner. I unfortunately did install 5.33 around Sept 1st or so, as I always try to keep up with my updates.


However, between then and now, Bitdefender had never detected any trojans or the like since its installation on the 21st of August. However, right after the exploit was discovered, Bitdefender then notified me that the installation files were indeed infected. I had updated to 5.34 by the 12th of September and immediately uninstalled upon hearing of the infection, so any files would have been overwritten within its core and ultimately deleted upon uninstall. 


With all of the constant updates on this exploit, what is the likelihood of infection on my computer? I keep hearing that it either runs solely on 32-bit systems, or on the 32-bit installation file, which can run on 64-bit.


I have ran scans with Rkill, JRT, Adwcleaner, Rougekiller, MBAR and Bitdefender and all came up clean. (However, Roguekiller did bluescreen unexpectedly on its first scan with an errorcode linking to the appinit_dll file? The value was empty and I used microsoft's guide to disable its loading file "loadappinit_dll" by writing it to 0. I do not know if this is specifically related to possible infection or not) 


Bitdefender marked the installation files as backdoor.agent.ABXS. They were immediately disinfected and deleted.


Other than that odd blue screen and slow windows updates, nothing seems amiss. What should be done from this point?


I can provide scan logs if necessary and if further scans need to be done I can do them. I'm unsure how to access scan logs on bitdefender as I am pretty new to the specific antivirus program. 



BC AdBot (Login to Remove)


#2 zainmax


  • Banned
  • 344 posts
  • Gender:Male
  • Local time:03:28 PM

Posted 22 September 2017 - 11:32 AM

Be calm, nothing happened to you, and also nothing will not happen in future wich is related to this CCleaner story.
Commercial advertising and the fight for a place on the market should not affect nobody in any way. That is the story about CCleaner, it is commertsical advertising only, which has been lasted long time already in air. And now, when Avast has taken better positions on market, it is more actua againl.
In fact, this is all because more and more people are beginning to realize that anti-virus programs are quite useless and their position on market is going worse day after day. They can no longer cheat people so simply and they cannot so simply sell "air" for  high price.
And even more so, people have begun to realize that their work is to scare people and, at the same time, deal with espionage.

#3 quietman7


    Bleepin' Janitor

  • Global Moderator
  • 52,077 posts
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:28 AM

Posted 23 September 2017 - 05:02 PM

Security Notification for CCleaner v5.33.6162 and CCleaner Cloud v1.07.3191 for 32-bit Windows users
Short summary of the CCleaner incident

...updating CCleaner to the most recent recent versions fixes any issues, as "the only malware to remove is the one embedded in the CCleaner binary itself."..."The affected software (CCleaner v5.33.6162 and CCleaner Cloud v1.07.3191) has been installed on 2.27M machines from its inception up until now,"..."We believe that these users are safe now as our investigation indicates we were able to disarm the threat before it was able to do any harm." "There is no indication or evidence that any additional "malware" has been delivered through the backdoor,"...

CCleaner Compromised to Distribute Malware for Almost a Month

There is an ongoing discussion in this CCleaner issue topic where you can read more information.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users