Fatal error occurred while trying to sysprep

If VirtualBox suddenly displays a black screen without any text or mouse cursor when you are trying to boot a guest operating system, then read on as this post will guide you in fixing such an issue. This black screen occurs when Windows 10 failed to provide a specific setting that VirtualBox requires. Consequently, you will not be able to install or use any guest operating system in VirtualBox even if your PC has virtualization support, the best thing you can do now is to fix this black screen issue. There are two ways you can fix this black screen in VirtualBox, you can either try to disable Hyber-V or disable 3D Acceleration. For more details, refer to each one of the given options below.

Option 1 – Try to disable Hyper-V

Hyper-V is a built-in virtualization tool available in Windows that helps users in creating a virtual machine as well as install a guest operating system without using any third-party tool like VMware, VirtualBox, and many more. However, the problem with this virtualization tool is that some systems cannot run it and VirtualBox simultaneously which is most likely why the screen abruptly turns into black. Thus, you have to disable Hyper-V to resolve the problem. How? Refer to these steps:

• In the Start Search, type “Turn Windows features on or off” and then click on it from the results.
• Once you’ve opened the Windows Features window, remove the checkmark from the Hyper-V box.
• Click the OK button and then restart your computer.
• Now try to use VirtualBox again and see if the problem is fixed.

Option 2 – Try to disable 3D Acceleration

The guest operating system will use the host computer’s GPU to render 3D graphics if you enable the 3D Acceleration for the virtual machine. To simply put it, it will enhance the graphics of the virtual machine and will let you use 3D graphics. Although it may seem nice, it can actually cause the black screen to appear as well so you might have to disable it to isolate the problem. In fact, a lot of operating systems have failed to use the 3D Acceleration for the guest operating system because of this black screen issue. To disable it, follow these steps:

• Open VirtualBox on your computer and select the virtual machine.
• Next, click on the Settings button and go to the Display section.
• After that, look for a checkbox named “Enable 3D Acceleration” located on your right-hand side and then uncheck it.
• Save the changes you’ve made and reboot your PC and see if you can now run the virtual machine without any problem.

As you know, each one of the applications that you use in your Windows 10 computer has its own set of permissions by default. These applications either allows or denies the interactions between a few other applications, depending on their own needs. This is why you might suddenly encounter a message that says,

“This app wants to access your pictures” or “This app wants to access your account info”

both of which are followed by two buttons that will ask you to Allow or Deny the action. You can always click on any of the given options. This will determine the permission of the application. Users in Windows 10 are given the option to either allow or deny applications in accessing their account information like name, picture and other account information. Thus, in this post, you will be guided on how you can change the Privacy settings of these apps to allow or deny them permission to access not just your account info but for all users, as well as specific apps in Windows 10. The user account information is part of the Privacy data in Windows 10 that you can control easily using the Settings app. In fact, you can revoke or grant access permission for your account information, all the users and specific applications to do that, follow each one of the instructions provided below carefully.

Allow or deny apps permission to account info for yourself:

Step_1: The first thing you have to do is open Settings. From there, select Privacy. Step_2: After that, scroll and look for Account info and select it. Step_3: Now turn off the toggle button for the “Allow apps to access your account info” option if you want to deny apps permission to your account info. But if you want to allow them access, simply turn the toggle button on. Keep in mind that when you allow access or permission, you can select which apps can access your picture, name, and other account info by simply using the settings on the page you’re currently in.

Now if you want to allow or deny apps to access your account info for all the users, here’s what you have to do:

Step_1: First, open Settings and click on the icon for Privacy. Step_2: Next, scroll down until you see the Account info located on the left side and then click on it. Step_3: After that, click on the Change button under the “Allow access to account info on this device” section. If you want to deny account info access for all other users, then turn the toggle button off. Doing so will automatically disable not just the account info access for all users but also for all the apps as well.

On the other hand, if you want to allow or deny account info access to specific apps, you can do so by following these steps:

Step_1: As you did earlier, go to Settings and click on the Privacy icon. Step_2: After that, scroll down and select Account info located on the left side. Step_3: Now turn on or off the toggle button under the “Choose which apps can access your account info” section if you want to deny or allow specific apps permission to access Account Info. If you’ve turned on the toggle button under the “Allow apps to access your account info”, all the apps get access permissions by default.

Speech Recognition is a technology used to control computers using voice commands. Through this feature, you can say commands that your computer will respond to, and aside from that, you can also dictate text to your computer which eliminates the need to type words in any word processing program or text editor. All in all, the Speech Recognition feature allows you to communicate with your computer and improves your computer’s ability to understand your own voice better as well as improve its diction accuracy. However, before you can improve its accuracy, you need to “train the feature” first. And if so far you are not satisfied with its performance, you actually have the option to disable it. So in this post, you will be guided on how you can disable the Speech Recognition feature in Windows 10 v1809.

To disable Speech Recognition on your computer, follow the steps below.

Step 1: Go to Settings > Ease of Access. Step 2: From there, go to Speech. Step 3: Now switch off the toggle button for Speech Recognition to disable this feature. On the other hand, you can also disable the Online Speech Recognition feature if you really don’t want to have anything to do with it. You have two options to do that – you can either do it using Settings or using the Registry Editor.

Disable Online Speech Recognition feature via Settings:

• Click on the Start button and select Settings.
• Next, go to the Privacy section and click on the Speech option located at the right pane.
• Then switch the toggle button off to turn off the Online Speech Recognition feature.

Note: Speech services exist on your computer and even in the cloud since Microsoft collects essential information from these services in order to enhance user experience and if you want to stop this, you have to turn off the “Getting to know you” option under the “Inking and typing Personalization” section.

Disable Online Speech Recognition feature via Registry Editor:

Before you proceed, you need to create a System Restore Point first.

• Tap the Win + R keys to open the Run dialog box.
• Then type “Regedit” in the field and hit Enter to open the Registry Editor.
• Next, navigate to the following registry path:

HKEY_CURRENT_USERSoftwareMicrosoftSpeech_OneCoreSettingsOnlineSpeechPrivacy

• After that, check the default value of the “HasAccepted” key located in the right pane. As you can see its value is set to “1” which means that the Speech Recognition feature is enabled. And so to change it, you have to set “0” as its new value to permanently disable the feature.
• Just double click on the key and change the value from “1” to “0”. Keep in mind that even if you are using a 64-bit Windows 10 computer, you still have to create a 32-bit DWORD value.
• After that, restart your computer to apply the changes made.

Blinking or Flashing Desktop After login - What does it mean?

Upon updating to Windows 10, some users might encounter a blinking or flashing desktop after logging in. This will result in a repetitive restarting of explorer or you won’t be able to make the start menu and shortcut keys work. In addition, the network icon might not appear in your taskbar as well. Other Windows 10 error messages include error code 0xc000021a.

Solution

Error Causes

Your blinking or flashing desktop after logging in might be the result of problems with the bushell.dll shell extension, which is a part of the Norton Security Suite. Another possible cause for this annoying problem is an issue with your display driver since not all systems will use the same display driver and will depend on what graphics card you use.

Further Information and Manual Repair

In fixing the bothersome blinking or flashing desktop after logging in problem, you can do a manual repair method to address the root problem. You need to be familiar with the Windows command line to successfully go through the process. However, if you are not knowledgeable or confident enough to do this on your own, it would be best to seek help from a professional. Or, you might want to consider using an automated tool to solve the issue.

You need to identify first what’s causing the blinking or flashing of your desktop after login to properly address the issue. The following methods can be done if your issue is caused by bushell.dll shell extension issue:

Method One: Forcefully Terminate Process

1. Press on Ctrl+Alt+Del then select Task manager
2. Start a Command Prompt as an administrator by choosing the File menu then Run New Task.
3. Type exe. Make sure to tick the checkbox “Create this task with administrative privileges.”

NOTE: Text input is most probably affected by the explorer restarts so you might need to repeatedly type some letters or to carefully input texts.

4. In the Command Prompt, type taskkill /f /im explorer.exe. This will stop the blinking or flashing.
5. Type cd “Program Files” afterward, type dir /s bushell.dll to locate where the dll is. (For example, purposes, use c:\program files\Norton Security Suite\Engine6422.5.2.15 as the location)
6. If the dll file is not found, you can try repeating step 5 but this time, use “Program Files (x86)” However, you can proceed with the next step if you already located where the bushell.dll is.
7. Type cd ”c:\program files\Norton Security Suite\Engine 6422.5.2.15” to change the name of the directory you found the dll in.
8. Type ren bushell.dll bushell-crash.dll
9. Restart now the system by typing shutdown /r /f /t o in the command line.

Method Two: Uninstall Programs

1. Log out then go to the sign in screen
2. Press the Shift key as you simultaneously click on the Power button on the screen.
3. Continue pressing on the Shift key as you click
4. Continue pressing on the Shift key as you wait for the Advanced Recovery Options menu to appear.
5. Once the Advance Recovery Options menu appears, click on Troubleshoot then select Advanced options.
6. Click on the Startup Settings then select
7. Boot on Safe Mode by pressing 4 on your keyboard.
8. Log in then press Windows key + X.
9. Select the Device Manager then expand Display Adapter.
10. On your Display Adapter, right-click then select
11. Exit Device Manager
12. If in case you also have an older Antivirus utility, you should uninstall it as well.
13. Restart

NOTE: You might need to download the latest Video Driver on a working computer. Save it in a thumb drive then copy and install it on your computer. If in case there is no native Windows 10 driver, you can also download the latest Windows 7 or Windows 8.1 video driver. Afterward, install it in compatibility mode.

Method Three: Use Microsoft System Configuration Utility

1. Log out then go to the sign in screen
2. Press the Shift key as you simultaneously click on the Power button on the screen.
3. Continue pressing on the Shift key as you click
4. Continue pressing on the Shift key as you wait for the Advanced Recovery Options menu to appear.
5. Once the Advance Recovery Options menu appears, click on Troubleshoot then select Advanced options.
6. Click on the Startup Settings then select
7. Boot on Safe Mode but this time, choose 5 to start in Safe Mode with networking.
8. Check if your problem is present or not in Safe Mode. If not, then you are on the right track.
9. Press on the Windows key + R then type msconfig to start up your exe file.
10. Click on the Services tab then choose Disable All. Afterward, click on
11. Once you’re prompted to reboot your computer, go ahead and reboot in Normal Mode. Check if the issue is still present.
12. If the blinking or flashing desktop after login is gone, then you can just do a process of elimination.
13. Start-up on your exe again then begin bringing up services a few at a time.
14. You can turn on all other services except for the following which causes the blinking or flashing desktop after login problem: Problem Reports and Solutions Control Panel Support •Windows Error Reporting Service.

Hal.dll Error - What is it?

Hal.dll error is a type of dynamic link library error that is common in Windows. Hal.dll is the critical file in all Windows installations and the error occurs when this file cannot be correctly loaded. Hal is the abbreviation for ‘Hardware Abstraction Layer’. Communication between Windows and different PC hardware is facilitated with this file. The error causes inconvenience and hampers your ability to use the hardware. The error message is displayed in either one of the following formats:

• "Windows could not start because the following file is missing or corrupt: C:Windowssystem32hal.dll. Please re-install a copy of the above file."
• "Cannot find WindowsSystem32hal.dll"
• "C:WindowsSystem32Hal.dll missing or corrupt: Please re-install a copy of the above file."

Solution

Error Causes

Hal.dll error occurs due to multiple reasons. These include:

• BIOS are not configured properly
• Damaged hard drive
• Hal.dll file is missing, damaged, or corrupt
• Viral Infection

Further Information and Manual Repair

To fix and resolve the Hal.dll error code on your system, you don’t always have to hire a professional technician for the job. Though Hal.dll error is critical but easy to resolve, here are some solutions that you can try to fix it right away even if you don’t have any technical expertise.

1) Restart Your PC

Sometimes this can be a temporary error, so try restarting your PC. If the error is resolved then that’s great. However, if it still persists, then try other solutions.

2) Change the Boot Order

The underlying cause for the Hal.dll error is often not properly configured BIOS; if this is the cause, simply change the boot order of the bootable devices like your hard drive. The BIOS setup utility is used to change boot order settings. This can be done by restarting your PC. Once you restart, press F2 to enter the setup. Now go to SATA operation and change RAID AHCI to RAID ATA. Save changes and then exit. By doing so, you will be able to re-configure the BIOS and resolve the error.

3) Use BOOTMGR

Another way to resolve is to update the volume boot code to use BOOTMGR. To do this, access advanced startup options, open the command prompt and type bootsect command and then press Enter. Run the command and then you’ll get the following message: C: (\?Volume{37a450c8-2331-11e0-9019-806e6f6e6963}) Successfully updated NTFS filesystem bootcode. Bootcode was successfully updated on all targeted volumes. After that close the command prompt. This is most likely to resolve the error.

4) Repair Registry With Restoro.

In case the error is still not fixed, then this means that the problem is bigger than you thought. It may be due to hard drive failure, viral infection, or sometimes because of hal.dll file corruption. In the event of these error causes, it is recommended to download Restoro. Restoro is an advanced, next-generation, and multi-functional PC repair tool embedded with numerous utilities like a registry cleaner, an antivirus, and a system optimizer. The registry cleaner utility:

• Scans for all registry issues
• Wipes out the unnecessary files saved in the hard drive like the junk files, cookies, internet history, and temporary files
• Cleans the disk
• Repairs damaged and corrupt files
• Restores the registry

The antivirus utility scans and removes all malicious software from your PC including viruses, Trojans, malware, adware, and spyware. Simultaneously, it also boosts the speed of your system. It is safe and efficient PC repair software. It has simple navigation and a user-friendly interface. Whether you are using Windows 7, 8 or Vista, it is compatible with all. It can also be used on Windows XP. Click here to download Restoro and resolve the Hal.dll error today!

What is 0x3D55? As you know, Windows 10 is loaded with various Universal Windows Platform or UWP apps such as the Microsoft News, Weather, Calculator, Windows Mail, and many other applications that are based on the modern UWP platform of Microsoft that was introduced in Windows 10. Each one of these apps has a shared piece of code in the kernel for them to be able to get executed across any device that runs the Windows 10 OS which includes laptops, PCs, 2-in-1 devices, mobile phones, mixed reality headsets, and many more. However, there are times when the runtime information for these apps ends up getting corrupted which causes them not to function as expected and throws errors like the error 0x3D55. This kind of error can be pinned down when the UWP app malfunctions and you can also find an error message in the Event Log that reads, “0x3D55: Package family <App name with ID> runtime information is corrupted”. So if you encounter this error, read on for this post will walk you through fixing it. There are three suggestions you need to check out to fix this error – first, you can try to reset the Microsoft Store cache, second, you can try to re-register or reinstall the problematic app and lastly, run the Windows Store App troubleshooter.

Option 1 – Try to reset the Microsoft Store cache

Just like browsers, Microsoft Store also caches as you view apps and games so it is most likely that the cache is no longer valid and must be removed. To do so, follow the steps below.

• Right-click on the start button and click on Command Prompt (administrator).
• Next, type in the command, “wsreset.exe” and tap Enter. Once you do, the command will clear the cache for the Windows Store app.
• Now restart your PC and afterward, try opening Microsoft Store again and then try to install your app or update your computer again.

Option 2 – Run the Microsoft Store Apps troubleshooter

The Microsoft Store Apps Troubleshooter will help you in fixing the error 0x3D55. This is a great built-in tool from Microsoft that helps users fix any app installation issues. So this is worth a try to solve the problem. This built-in tool also helps you fix the Windows 10 Store if it isn’t working. To use the Windows Store Troubleshooter, follow the steps below.

1. Tap Win + I keys again to open the Windows Settings panel.
2. Go to Update & Security and then go to Troubleshoot.
3. On your right-hand side, scroll down to find the Windows Store Apps and then click on the Run the troubleshooter option and see if it fixes the problem.

Option 3 – Try to re-register the UWP app via PowerShell

• First, type “command prompt” in the Start Search and right-click on Command Prompt and then select the “Run as administrator” option.
• Next, navigate to this location in the command line utility: C:/Users/<Insert Username>/AppData/Local/Packages
• After that, execute the “DIR” command to view the list of all the directories in the given location.
• Once the list appears, look for the ID of the problematic app and take note of it.
• Now tap the Win + X key combination or right-click on the Start button and click on the Windows PowerShell (Admin) option.
• If a User Account Control or UAC prompt appears, just click on Yes to proceed and open the Windows PowerShell window.
• Next, type in or copy-paste the following command to re-register the Microsoft Store app and tap Enter:

PowerShell -ExecutionPolicy Unrestricted -Command "& {$manifest = (Get-AppxPackage Microsoft.<YOUR APP ID HERE>).InstallLocation + 'AppxManifest.xml' ; Add-AppxPackage -DisableDevelopmentMode -Register $manifest}"

• Wait for the process to be completed and then restart your computer.

Error Code 16 - What is it?

Code 16 is a type of Device Manager error code. Windows XP users are most likely to encounter it. This error pops on XP systems that are running legacy or not plug-and-play hardware.

Error code 16 is displayed in the following format:

‘Windows cannot identify all the resources this device uses. (Code 16)’

Solution

Error Causes

Error code 16 occurs when you use a peripheral device such as an external drive or a printer and that device is not properly or completely configured. Though the device may have been recognized before Windows fails to verify its configuration. Simply put, error code 16 appears when devices are partially configured.

In addition to this, another cause of error 16 is outdated or corrupt device drivers. Devices often fail to run successfully because of driver problems.

Device drivers are programs that provide instructions to control different devices attached to the computer system such as audio devices and printers to name a few.

Though error code 16 is not fatal like other PC error codes such as BSoD; however, it may hamper your ability to use certain devices installed on your system and lower your work productivity.

To avoid inconvenience, it is advisable to resolve the error immediately to avoid inconvenience.

Further Information and Manual Repair

PC error codes are often considered technical and difficult to resolve which is why many prefer to hire a professional for the repair job rather than doing it themselves.

Small repair jobs like fixing error code 16 by a professional computer programmer may cost you hundreds of dollars.

So, why incur so much cost when you can repair it easily by yourself even if you are not a technical whiz.

Error code 16 is easy to repair.

Here are some effective DIY methods that you can use for resolving error code 16 on your PC. These methods require no technical background, knowledge or expertise for that matter. Just simply follow the instructions and resolve the error code 16 issue.

Let’s get started…

Method 1 - Setup from the Disk that Came with the Hardware Device

Run setup from the disk that came with the hardware device, or you can simply copy the setup software file to your hard drive/flash drive. Refer to the vendor’s direction to set up.

If for any reason you’re unable to find the directions, simply uninstall the device. Then go to the start menu, Control Panel, and select ‘Add New Hardware’.

Now pick the appropriate hardware and follow the steps that the Wizard suggests. This is most likely to resolve the error code.

Nonetheless, if the error code still persists, then try method 2.

Method 2 - Allocate More PC Resources

Another alternative method to resolve error code 16 is to allocate more PC resources to the device. To specify additional resources:

• Go to the start menu
• Type Device Manager
• Then go to the Device properties and click the resources
• Here specify the device in the Device Manager
• If you see a resource with a question mark, assign that resource to the device
• However, if for any reason the resource is unable to change, then simply click ‘Change Setting’.
• If Change Settings is not available, then click the box to the ‘Use Automatic Settings’ box. This will make the option available.

Method 3 - Install DriverFIX

As previously stated above, device manager error codes like error code 16 may also occur due to driver problems. If this is the underlying reason for error code 16 on your system, then the best way to resolve it is to install DriverFIX.

DriverFIX is user-friendly, advanced, and feature-filled software deployed with an intelligent programming system, which detects all problematic device drivers automatically in seconds.

It matches these drivers with their latest versions and updates them smoothly without any hassle, resolving error code 16 right away.

And furthermore, once you install this software on your PC, you don’t have to worry about driver problems anymore typically because it updates drivers on a regular basis with compatible and new versions, ensuring that your computer functions properly. It is easy to install and is compatible with all Windows versions.

Click here to download DriverFIX to repair error code 16

One of the most common ways cybercriminals use to inject suspicious code into devices is by tricking users into installing a malicious program on a targeted device. Oblivious users are vulnerable to such tricks, which is why Microsoft has been working hard in the background to address this issue. Recently, Microsoft announced the availability of a sandboxed version of Windows 10 that runs inside Windows 10 in order to isolate suspected software to run inside it and protect the system from potential threats. This Windows Sandbox feature is a new feature that keeps your computer secure. It is a virtual disposable environment that you can enable. So if suspect any software of being malicious, you can run this software in an environment and ensure that it won’t interfere with any normal processes and would not jeopardize files on your computer. To simply put it, “Windows Sandbox is a new lightweight desktop environment tailored for safely running applications in isolation”. So if the Sandbox is closed, all the residual files, software, and other data are deleted permanently. To enable Windows Sandbox, refer to the instructions provided below. Step 1: You have to make sure that you are running either Windows 10 Enterprise Editions or Windows 10 Pro and that your computer is running build 18305 or newer. Step 2: After that, you have to enable Virtualization to let another instance of Windows 10 running in Sandbox mode. Step 3: Next, search for Windows Features on and off in the search box and then select the appropriate entry. Step 4: From the list, go to the mini window and check the Windows Sandbox and then click on OK. Step 5: Afterwards, in the Cortana Search box, search for “Windows Sandbox” and select the related entry to run it in an elevated window. Step 6: Then from your main computer (host), copy the executable file and paste it inside the Windows Sandbox environment. Step 7: Now run the executable file in the Sandbox environment and use it as you normally do. Step 8: Once you’re done, close the Windows Sandbox application and as mentioned, every data regarding the executable file and the temporary environment will be deleted. Step 9: And for the sake of safety, ensure that there are no modifications made to the host because of the executions in the Sandbox environment. You have the option to contact Microsoft for feedback related to Windows Sandbox. You can use the traditional Feedback Hub if you have any suggestions or any issues. Just fill in the appropriate details and select Windows Sandbox for the feature category under the Security and Privacy section. And if you have any issues related to the execution of and within Windows Sandbox, simply choose “Recreate my problem” then select Start capture to reproduce the issue, and once you’re done, select Stop capture.

Error Code 1627 - What is it?

Error Code 1627 is a type of HP printer installation error. It usually occurs when you try to install an HP printer on your PC. The error code 1627 pop-up hampers your ability to install an HP printer successfully. This error code is usually displayed in the following format:

Installation Error: Call to Driver Package Install returned error 1627 for package C:ProgramFilersHPHP deskjet 2510 seriesDriver storePipelinehpvplog.inf

Solution

Error Causes

Like every device installed on your PC, printers also need software called drivers to function on Windows Operating System. Although Windows supports several computer devices since many drivers are already installed in Windows but there are some devices that do need additional software to get started and operate smoothly on Windows such as Hewlett-Packard HP printers. Installing a Hewlett-Packard printer driver is slightly more time-consuming and complex than any other driver. Causes for HP printer installation usually include:

• Driver issues
• Bad Registry Keys

Though this is not a fatal error, it is still advisable to fix it right away to avoid inconvenience.

Further Information and Manual Repair

To resolve this error on your PC, you don’t necessarily have to hire a professional and spend hundreds of dollars in repair. The good news is that HP Installation error code 1627 is quite easy to fix. Here are some of the best and proven DIY methods to resolve error code 1627:

Method 1 - Uninstall and then Reinstall HP Printer Driver

HP printer installation errors can occur due to driver issues.  If the driver is not installed properly or is outdated, you will never be able to install an HP printer on your PC successfully. Therefore to solve this issue, first, make sure the driver used for printer installation is up to date. If it is outdated, then update it. On the other hand, if the printer driver is up to date but not installed properly then reinstall it. In both situations, first, you must uninstall the driver. Uninstalling the previous installation will help you clean the system. Once the system is clean you can reinstall the HP drivers again. To uninstall, go to the start menu and then the control panel. Now go to the Add/Remove program option and uninstall the driver. To activate changes, reboot your PC. Now install the updated version again.

Method 2 - Clean the Registry

If the printer software installation fails while updating, then this means the removal of the failed software was not successful. It may not show up in the Control Panel program list. This means the entries of the failed software are still present in the registry of your PC. In this scenario, you need to clean the registry and remove the bad entries from there to successfully install the HP printer driver on your system. Though this can be done manually this can be both time-consuming and slightly challenging if you are not technically sound. Therefore, to remove bad entries from the registry in seconds in just a few clicks download Restoro. This is a user-friendly PC Repair Tool deployed with a powerful registry cleaner. The registry cleaner scans your entire PC, detects and removes all bad entries and files corrupting the registry right away. Once the registry is cleaned, you can try installing the printer driver again. This is most likely to resolve the issue. Click here to download Restoro.

Method 3: Locate and Install the Driver

As was pointed out, you might need to reinstall the printer driver again. Using DriverFIX, you'll be able to automatically update your computer system and install the drivers your computer needs to operate smoothly.

On September 18th, 2017, Cisco’s Talos announced that CCleaner, a popular utility with billions of worldwide users, had been compromised by hackers, and was used to unwittingly distribute hidden malware in its installer. Later in the day, Piriform, the publisher of CCleaner, confirmed the problem.

Undetected by all but 1 major antivirus including CCleaner’s own parent company, this occurred for over a month and impacted over 2.7 million users. Users of CCleaner v5.33.6162 and CCleaner Cloud v1.07.3191 for 32-bit Windows are affected. These downloads were live on CCleaner’s official site from August 15th to September 12th, 2017. Anyone who downloaded the program during this time could be affected. The company claims that while the hackers set up the backdoor and many users were impacted, that the perpetrators have been arrested and that the malware never successfully performed its full task and compromised user’s PCs or sent out their data; in the wake of recent security breaches such as Equifax, users are understandably worried. Given the severity of the threat of hacking and data theft, users should take action immediately if they have CCleaner.

Technical Details of CCleaner Malware Injection

First reported by Talos, the malware, which was hidden in the CCleaner installer without the publisher noticing (despite them being owned by Avast, a massive Anti-virus company), modified a core program DLL file to evade detection, and creates several registry keys. Not only were these files not flagged by any major Anti-Virus, but they were also even digitally signed by Piriform via their Symantec certificate, meaning your PC and security program would likely whitelist and trust the malicious installer. The malware gathers personal information on a user’s PC, including IP address and running programs, and sends it to a remote server. In our testing, the program sent data to IP 216.126.225.148.

Restore Your PC (If Possible)

As of the publication of this article, there have been no assurances given that updating or even uninstalling CCleaner will remove the malware is installed. The only action thus far has been shutting down the remote server where user data was being sent has been shut down by authorities. For this reason, it is best to remove the underlying malware separately, as its presence represents a serious security threat. Unfortunately, as this could have been installed as far back as August 15th, 2017, your System Restore points may not go back that far, or even if they do, restoring to such an outdated point may cause unintended problems with other programs you use and potentially lost files and data. Manually backing up files and doing a full format or clean Windows installation would likely be successful in fully removing the malware, but is extremely time-consuming and can be difficult for many PC users. Unfortunately, this makes a PC Restore or format an unattainable option for many.

Update CCleaner to the Latest Version

While CCleaner has told users to update to the latest version of the program. Prior to doing so, we recommend fully uninstall CCleaner, ensuring you check its program files folders and registry keys, manually deleting any remnants, and then re-downloading the latest version from the official site and reinstalling clean.