Updated on: July 19, 2024
Short on time? Here’s how to remove CCleaner malware:
- Preliminary Step. Uninstall CCleaner from your PC.
- 1. Scan Your PC. Run a full system scan with a high-quality antivirus (Norton is the best).
- 2. Remove the Malware. After the scan is complete, let the antivirus remove all instances of CCleaner-related malware.
- 3. Keep Your PC Protected. Protect yourself from further infections with a high-quality internet security package (again, Norton is the best).
CCleaner is a popular system cleanup tool for Windows computers from Avast Piriform. Unfortunately, in 2017, hackers compromised its security — they managed to infiltrate the software’s update servers and insert malicious code into the legitimate CCleaner update. This resulted in over 2 million users downloading and installing the infected version, unknowingly opening a backdoor to their systems.
The attack targeted CCleaner versions 5.33.6162 and CCleaner Cloud version 1.07.3191. Once installed, the malware, two Trojans called Trojan.Floxif and Trojan.Nyetya, attempted to collect sensitive information such as IP addresses, installed software, running processes, and network adapter details. They then communicated this data to the attackers’ command and control servers.
The response from Avast was swift — the company promptly identified and removed the compromised versions, released a clean update, and initiated an investigation to understand the breach’s scope and prevent future incidents. But with so many devices infected, it’s likely that even years after the attack there are users out there with their Windows PCs still running the infected CCleaner version.
If you’re worried that you’re one of them, you’re in the right place: this guide will show you how to remove CCleaner malware from your PC in 3 simple steps. You’ll need to uninstall CCleaner from your system and run a full system scan with a reliable antivirus program — after extensive research, I’ve found that Norton is the best choice. It offers perfect malware detection rates and a wide range of extra security features.
Preliminary Step: Uninstall CCleaner
Malicious code inserted into CCleaner in 2017 only affects 32-bit Windows PCs. If you have CCleaner installed on any other device, such as a 64-bit Windows PC, a Mac, or an Android phone, there is nothing to worry about.
If, on the other hand, you installed it on a 32-bit Windows computer, you should check which version you’re running. The compromised versions are v5.33.6162 and v1.07.3191, so if you’re running any other, again, there is no need to uninstall it.
Now, if you find that you have an infected version, you need to both uninstall it and check your computer for malware (you can re-install a newer version of CCleaner later if you wish to continue using it). Here’s how to uninstall the program on Windows 10 and 11:
- Click the Windows Start button. Though this will look different depending on whether you’re using Windows 10 or 11, the process is virtually identical.
- Begin typing “add or…”. When the Add or remove programs option appears, click it.
- Find CCleaner in the list of apps. Then, click the 3 horizontal dots.
- Click Uninstall. Once you do that, follow the on-screen instructions to complete the uninstallation process.
Now, that simply removes the CCleaner app itself. This won’t remove any malware that came with infected versions of the app. To remove any lingering malware, you’ll need to first identify it with a reliable antivirus app.
Step 1. Identify CCleaner Malware With Your Antivirus (And Don’t Make the Problem Worse!)
IMPORTANT: Don’t connect your phone, tablet, USB drive, or any other external devices or drives to an infected computer. Connecting these devices can cause malware to replicate onto them.
After installing a secure antivirus program, run a full disk scan of your computer. Even if you think you know where the infection is, a full disk scan is mandatory. This scan will identify, isolate, and remove every piece of malware, including any hidden threats like spyware, rootkits, or worms.
Remember: Always allow the full system scan to complete! Do not stop the scan when you see a piece of malware listed. There may be multiple copies or related threats within your system.
A full scan can take anywhere from a few minutes to an hour (and sometimes a bit longer). Your antivirus needs to check every file and process on your computer. When the scan finishes, all CCleaner malware will be identified and quarantined. You can now proceed to Step 2.
Step 2. Remove the CCleaner Malware Infection and Delete Any Other Infected Files
Your antivirus will offer you the option to delete all compromised files after it has identified and quarantined them. If you’re an advanced user, you’re welcome to review the quarantined files to check for any false positives before pressing the Delete button. However, most users should trust their antivirus software — if Norton or another reputable program flags something as malware, it’s likely something you don’t want on your device.
After you’ve removed the malware in the quarantine list, I recommend restarting your computer. Once your computer boots back up, perform a second full disk scan to make sure your antivirus has removed all traces of malware. Subsequent scans are usually faster — many antivirus programs, including Norton, remember previously scanned files and can analyze your disk more quickly the second time around.
Ensure you let the second scan run its full course. Once it’s complete and you’ve deleted any compromised files in your quarantine folder, you can be confident that your device is malware-free. However, there are still countless other threats that can infect your devices, compromise your online security, and spread through your Wi-Fi network.
Step 3. Keep Your Device From Getting Reinfected
To keep your computer secure and maintain its performance at all times, adopting strong cybersecurity habits is essential.
Here are some effective strategies to help you protect your device from malware:
- Keep your OS and apps up to date. Software updates often include patches for security vulnerabilities that malware can exploit. By regularly updating your operating system and applications, you ensure that these weaknesses are fixed, reducing the risk of infection. Enable automatic updates where possible to stay protected without manual intervention. This simple step can significantly enhance your system’s overall security.
- Avoid suspicious file downloads. Download files only from reputable and trusted sources. Malware often disguises itself as legitimate software, especially on unfamiliar or unverified websites. Be cautious with files received via email, especially from unknown senders, as they may contain harmful software.
- Uninstall browser extensions you don’t recognize. Some browser extensions can track your activity or even introduce malware. Regularly review and remove any extensions you don’t remember installing or no longer use. Stick to extensions from well-known developers and check user reviews before adding them to your browser. Keeping your browser lean helps minimize the risk of malicious code.
- Don’t click on ads in your browser. Some ads online are malicious and lead to unwanted downloads or phishing sites. Avoid clicking on ads, especially those that promise too-good-to-be-true deals or urgent alerts. Use a good ad blocker (like the one from Private Internet Access) to minimize exposure to potentially harmful ads. Being cautious with online ads can prevent many malware infections.
- Secure your network and Internet of Things (IoT) devices. Use strong, unique passwords for your Wi-Fi network and all connected devices. Consider changing default settings and disabling unnecessary features on your IoT devices. Regularly update the firmware of these devices to close security gaps, too. A well-secured network acts as a robust barrier against malware spreading through connected gadgets.
- Download and use trusted antivirus software. A reliable antivirus program is your first line of defense against malware. It continuously scans your system for threats and can remove malware before it causes damage. Choose software with high detection rates and additional security features like real-time protection and firewalls. Keep the antivirus updated to ensure it can counter the latest threats. I highly recommend Norton because it consistently achieves perfect malware detection rates.
Editors' Note: Private Internet Access and this site are in the same ownership group.
3 Best Antivirus Programs for Removing CCleaner Malware
Quick summary of the best antiviruses for removing CCleaner malware:
- 🥇 1. Norton — Best antivirus for getting rid of CCleaner malware, with lots of extras.
- 🥈 2. Bitdefender — Good lightweight and intuitive cloud-based antivirus scanner.
- 🥉 3. TotalAV — Great antivirus for beginners with an easy-to-use interface.
Frequently Asked Questions
How can I remove CCleaner from my computer?
To remove CCleaner from your computer, start by uninstalling it through the Windows Control Panel. Go to Apps & Features in Windows 10/11, find CCleaner in the list, click the 3 horizontal dots, and click Uninstall. Then, follow the prompts to complete the uninstallation process.
After uninstalling, it’s a good idea to check for any leftover files. Use a reputable antivirus program to run a full system scan to detect and remove any remnants of CCleaner. This ensures that your system is completely clean and free from potential risks associated with the software.
How do I get rid of the CCleaner virus?
To get rid of the CCleaner virus, first uninstall CCleaner from your system via the Control Panel’s Apps & Features in Windows 10 or 11. Next, download and install a trusted antivirus program if you don’t already have one. Then, run a full system scan to detect and remove any malware or viruses associated with CCleaner.
After the scan, follow the antivirus software’s instructions to delete or quarantine the detected threats. Reboot your computer to ensure all changes take effect. Performing a second scan after restarting can help confirm that your system is completely clean and free of CCleaner-related and all other malware.
Why do I have CCleaner on my computer?
You might have CCleaner on your computer because it was recommended for system optimization. Many users download CCleaner to help clean up temporary files, manage startup programs, and maintain overall system performance. It’s often promoted as a tool to make computers run more efficiently by freeing up disk space and managing resources.
Sometimes, CCleaner may come bundled with other software you’ve installed. If you’ve downloaded freeware or shareware from certain websites, CCleaner could have been included as an optional component. Always check the installation options carefully to avoid inadvertently installing programs you don’t want.
Is CCleaner a PUA (potentially unwanted program)?
This really depends on who you ask. For example, CCleaner is often labeled as a PUA by security programs like Microsoft Defender. This classification came about because some copies of CCleaner include bundled software or make changes to system settings that users might not want. PUAs are not inherently harmful but can perform actions considered intrusive or unnecessary.
Additionally, past issues with CCleaner, such as a malware incident in 2017, have contributed to its PUA status. While these problems have been resolved, it’s crucial to download CCleaner from the official website and carefully review the installation options to avoid unwanted components.
