I am not particularly knowledgeable on such situations.
I think those who have/may have installed the version identified have many questions. A few I can think of are:
1) Will updating to the latest software version remove the infected files? I assume it will as it were those particular files that were affected. However, what about the "2nd payload" mentioned in the blog post? Was this actually downloaded or just potentially could have been downloaded if set to do so? If it is downloaded somewhere, is it in a separate location as the files affected or in the same location and will it too be removed? Clarification on this would be good.
2) The blog post mentions it is the 32-bit version of Windows that is affected. From the above post I can see that it is the 32-bit version of the CCleaner software that is affected. I assume the 64-bit version isn't affected, however like the above post mentions, their ccsetup5.33 installer has been flagged (mine too). When I read one of the original articles I updated immediately as I had the affected version number in question, however I did not notice if I had the 64-bit or 32. It now says I have the 64-bit latest release. This may sound dumb, but I guess that the updater will not update to 64-bit from 32 and assume I had 64-bit before? If anyone could confirm that would be great.
3) Is there any information on what the 2nd payload did/was supposed to do? I guess what people really want to know is are all my passwords safe? Is my bank info safe? Do I need to change everything?
4) Is there anyway to tell if we were/are infected? Can we see if our PC's contacted this IP or downloaded anything from there? Will the latest updates to scanners detect anything? (See Q5)
5) I assume that all the security packages, malware scanners etc. are now aware of the situation and can scan for anything affected? I guess I should be checking their website for updates as well, but clarification on this would be good.
I realise some of these are probably dumb questions, but there maybe people out there who are in the same boat and would like information on this matter to sort the problem or alleviate their own fears.
Thanks
