How To Remove CCleaner Malware

CCleaner remains a popular device optimizer, despite being repeatedly hacked by cybercriminals. Here's what to do if you think you have CCleaner malware.
We may receive compensation from the products and services mentioned in this story, but the opinions are the author's own. Compensation may impact where offers appear. We have not included all available products or offers. Learn more about how we make money and our editorial policies.

CCleaner is a popular clean-up tool used to optimize system performance. CCleaner got infected with malware in 2017, 2019, and yet again in 2021, but if you are concerned that you may have an infection, there are steps you can take to remove a virus.

The most recent cyber attack happened when malware spread to users of the version of CCleaner for 32-bit Windows. Hackers injected malware into the app and infected computers by accessing a backdoor to download servers used by Avast, which owns CCleaner and also offers antivirus software programs.

What’s happening with this utility tool, and how can you know your devices are free of malware if you use CCleaner? Keep reading to find out and learn what you should do if your device is compromised, including info on the best antivirus program to get rid of this malware.

In this article
How do I tell if I have CCleaner malware?
How to remove CCleaner malware
CCleaner malware FAQs
Bottom line

How do I tell if I have CCleaner malware?

If you’ve noticed your device has become slow to respond, you may have an infection. You can also run your antivirus software to check for viruses or malware.

At the time of this article, the latest version of CCleaner that’s safe to use is 6.01.9825. To know if you’re running the secure version, you should check your CCleaner app.

If you have any of the versions in the following list, they’re the products infected with malware. You may not have an infection, but it’s best to remove these versions to avoid any potential malware.

  • CCleaner 5.33.6162 or CCleaner Cloud 1.07.3191 — both released in August 2017
  • The Windows 32-bit version of the 2017 release
  • CCleaner 5.52.6967 — released in January 2019

Finding out which CCleaner version you have is simple and can be done by following a few steps.

1. Open the CCleaner app on your device.

2. The version you have now will show in the upper left corner next to the CCleaner logo.

3. If you don’t have the latest safe version, you’ll need to update your app. You may also see a message letting you know an update is available.

What is CCleaner software?

With multiple malware infections discovered, you may wonder why anyone would use this product. Unfortunately, the CCleaner malware issues came after many users found great potential in the service.

The utility tool CCleaner was made by Piriform in 2004, which was later acquired by Avast in 2017. You can think of CCleaner as a cleaning tool designed to scrub files for device optimization. Years before the malware problem, CCleaner was the gold standard for computer users wanting to optimize device performance.

The popularity of CCleaner comes from its many features. Many people like the ease of use CCleaner offers and that you can use it for free.

CCleaner has a registry cleaner that goes through out-of-date or invalid files. It looks for entries that could slow down your device. Once found, it can erase the files.

You can also perform manual cleaning of junk files. The app allows you to see a list of files it deems as unnecessary. Then, you can clean out those files from the internet cache, browsing history, and temporary files folder. Once that finishes, your device should offer optimized performance.

Regarding performance, some of the most avid users of CCleaner love the Disk Analyzer function. It scans your files to see which ones take the most space. Once you know what impacts performance, you can choose how to proceed and whether you want to keep the files or remove them. Either way, the feature offers insight into how your device is performing.

If you do any web browsing, you may already know that your device captures and stores temporary files from websites. We frequently forget these files exist. They may stack up over time, blocking space on your device. A product like CCleaner will look through your temporary files and show you how much space might be wasted storing them.

You can also use the Duplicate Finder feature of CCleaner. That function will search your device for any duplicate files that you can then delete. There may be some modified versions of files that you want to save while deleting the rest to free up space.

How to remove CCleaner malware

Life happens, and there’s no shortage of malware ready to invade when given the opportunity. When that’s the case, knowing how to remove malware will help you clean your device and get it ready to use again.

If you know you’ve been the recipient of CCleaner malware, you can remove it from your device. You’ll need to uninstall the CCleaner app first, but you’ll have the option to reinstall a later version if you choose.

1. Uninstall CCleaner

This step depends on your operating system, but with Microsoft Windows 10 and later, you go to your Start menu, choose Settings (the cogwheel), and click Apps.

If you’re using a previous version of Windows, you can go to the Control Panel and click Programs. Find the CCleaner program and select Uninstall. You may need to confirm that you wish to uninstall the program.

For Mac users, you can simply search for the CCleaner app or locate it in the Applications tab of your Finder window. Then select the app and choose Move to Trash. Don’t forget to Empty Trash afterward.

2. Run an antivirus or anti-malware scan

Removing the CCleaner program may not clean your device if you’ve got malware. You should run a full scan of your antivirus software to catch any malware that could be present on your machine.

There are many antivirus programs to choose from, and some offer more customized plans with features tailored to specific needs. Here are a few that we recommend for the value they offer:

  • McAfee: This antivirus can protect every device you have in your house. It also offers on-demand malware scans so you can check your device at any time, and built-in parental controls help you keep kiddos out of trouble too.

    See McAfee Plans | Read Our McAfee Review
  • Norton: With Norton, you get the Data Protector feature that foils ransomware attacks. It also includes a password manager and offers on-demand malware scanning plus excellent real-time defense against future malware attacks.

    See Norton Antivirus Plans | Read Our Norton Review
  • Bitdefender: Bitdefender antivirus checks for existing malware and guards against new malware threats. It also offers a full range of security tools like a VPN, ransomware protection, a password manager, and parental controls.

    See Bitdefender Plans | Read Our Bitdefender Review

Learn More
On McAfee's website

3. Remove any remaining malware

The 5.3 version of CCleaner that got compromised produced two payloads of malware. The first spread installed spyware called Floxif on the computers. The spyware gathered the data of all running processes.

The second payload brought in Trojan.Nyeta, which was installed to modify the Windows Registry. That malware could send saved passwords and user keystrokes to the hacker’s server. It could also send financial data.

When removing malware, check for both of these payloads. Leaving either one would make your device vulnerable to future cyber attacks.

4. Set up malware protection

If you haven’t already done this, arm your device with malware protection. The best way to secure your online activity is to have an antivirus or anti-malware installed and ready to scan. The best malware protection locates the malicious software that compromises your device’s security, and we recommended a few of these programs in step two.

To continuously protect your device from malware, make sure your antivirus is up to date and set to automatically scan at least once a month. (Once a week is better if you can.)

CCleaner malware FAQs


What’s the name of the malware included in CCleaner?

The malware included in the 2017 and 2019 CCleaner hacks were Floxif, a type of spyware, and Trojan.Nyetya, a Trojan horse.


What versions of CCleaner were infected with malware?

Infected versions of CCleaner include:

  • 2019: Version 5.52.6967
  • 2017: Version 5.33.6162 or the CCleaner Cloud 1.07.3191


Does CCleaner still have malware?

No, at this time there are no reports of CCleaner malware for 2022. But that can always change with the creation of new cyber infections being so abundant.

It’s crucial to note that some users were looking for a “cracked” version of CCleaner. That version is a pirated copy of the premium software version. You should never obtain a pirated version of any program, as doing so puts you at risk of breaking the law.

Because a “cracked” version is a stolen copy, you put yourself at greater risk for malware since it does not come directly from the manufacturer.


Is CCleaner safe?

In general terms, yes, CCleaner is still a safe tool you can use to clean up your device.

As with any software, there are risks that come along with it. Still, when CCleaner sees these infringements, it reports the version issues and addresses concerns in the updates. You can always check the CCleaner site for updated reports. The company is fast to respond to any malware threats and consistently updates its versions for improved device performance.

Bottom line

In terms of safety, CCleaner has been around for almost two decades, and during that time, we know about three malware instances. That’s still quite a secure record for a tool that packs in so much worth.

Although CCleaner is not a perfect product, it could be worthwhile to have for performance optimization alone. If you depend on your computer for work or play, chances are you want to keep it as healthy as possible. CCleaner still provides a ton of value with its features. As a utility tool, you would be hard-pressed to find other products that offer all the combined functions of CCleaner.

The 5.33 and 5.52 versions of CCleaner that became compromised have been addressed, and there are updates to later versions. It’s safe to use CCleaner as long as you keep your antivirus software updated and run periodic full scans. If you don't have antivirus installed on your device yet, check out our guide to the best antivirus programs for recommendations.

Learn More
On McAfee's website

Author Details
Patti Croft is a freelance writer who specializes in all things technology. Her expertise includes antivirus software, online security strategies, and safety practices. She has a degree in Computer Information Systems and extensive experience working in the IT field. In her spare time, Patti is an avid reader and researcher, and loves spending time with her pets. She currently shares an office with her cat, Beau.