Avast reckons CCleaner malware infected 2. M users. Users of a free software tool designed to optimize system performance on Windows PCs and Android mobile devices got a nasty shock this morning when Piriform, the company which makes the CCleaner tool, revealed in a blog post that certain versions of the software had been compromised by hackers and that malicious, data harvesting software had piggybacked on its installer program. The affected versions of the software are CCleaner 5. CCleaner Cloud 1. The company is urging users to upgrade to version 5. So clearly some users may still have a compromised PC on their hands Piriform says its moving all users of the CCleaner to the latest version of the software, while noting that users of CCleaner Cloud will have been updated automatically. The malware was apparently capable of harvesting various types of data from infected machines specifically, Piriform says the computer name, IP address, list of installed software, list of active software and list of network adapters data it describes as non sensitive transmitting it to a third party computer server located in the US. We have no indications that any other data has been sent to the server, it writes. Working with US law enforcement, we caused this server to be shut down on the 1. September before any known harm was done. Probably the most popular freeware cleaner globally with over 2 billion downloads since its launch in 2003. Piriforms CCleaner is a quick and easy to use program. The program will prevent crashes, fix system errors, clear away digital trash, and optimize and protect your computer. Kerish Doctor 2017 is completely easy to use. Malware that piggybacked on CCleaner, a popular free software tool for optimizing system performance on PCs, appears to have specifically targeted high. These days, it seems like every Windows user has heard about CCleaner. Its widely recommended, online and offlinebut this week, it acted as a piggyback for malware. Our aim is to provide you with the simplest method of downloading the newest versions of the best software. Use-Ccleaner-Step-9.jpg/v4-728px-Use-Ccleaner-Step-9.jpg' alt='Program Ccleaner' title='Program Ccleaner' />It would have been an impediment to the law enforcement agencys investigation to have gone public with this before the server was disabled and we completed our initial assessment, it added. A spokeswoman for security giant Avast, which acquired the UK based company back in July, told us We believe that these users are safe now as our investigation indicates we were able to disarm the threat before it was able to do any harm. We estimate that 2. Windows machines, she further added. At the time of the acquisition, CCleaner was billed as having 1. M users, including 1. M on Android. So concerns had been raised about the very large potential number of affected devices. Although it would appear that, in this instance, the illegal payload was only successfully delivered to a small minority of users and specifically to those using 3. Windows PCs. No people running the tool on Android devices were affected, according to Avasts spokeswoman. Piriforms VP of products has gone into some technical detail regarding the hack here, writing that An unauthorized modification of the CCleaner. IP address on affected systems. He also notes the company first noticed suspicious activity on September 1. Opera Vista 32 Bit. CCleaner and the 1. CCleaner Cloud was illegally modified before it was released to the public. That means some Windows users of CCleaner could have had their machines compromised for more than a month given the affected versions of the tool were released on August 1. August 2. 4 respectively. Piriform added that it estimates these versions may have been used by up to 3 of our users which would push the pool of affected users as high as 3. M. Avasts CTO Ondrej Vlcek declined to speculate on the hackers intentions for the data being harvest by the malware saying he could not comment on account of a law enforcement investigation currently underway. Asked what additional measures its taking to guard against a similar future attack, Vlcek told us We are making sure the problem doesnt happen again by moving the entire Piriform product build environment to a more robust, secure infrastructure provided by Avast. Featured Image Bryce Durbin.