New CCleaner scandal: forced automatic updates
2018 has been a troublesome year for users of the computer program CCleaner. The popular Windows program to delete temporary files and data to free up disk space went through a series of program updates that many users of the software opposed.
While there has been some bundling with third-party offers, e.g. Avast Free Antivirus in the past, recent updates introduced advertising popups and privacy options that free users could not really configure. It culminated in the release of CCleaner 5.45 in August that collected more Telemetry. Integration made it near impossible for users to disable the collecting and Piriform/Avast had to retract the version eventually because the issue boiled over.
CCleaner 5.46 was released at the end of August 2018 but things have not calmed down a lot since the release. A user on the official Piriform forum reported on September 6, 2018 that CCleaner had updated itself automatically ignoring the user's configuration which was set to not check for or install updates.
So what was causing this change? Well I was using an older version of CCleaner 5.35.6210, for good reasons, and despite the fact it was still showing as that yesterday when I booted it this morning what do I find? I'll tell you what: it had been updated, against my express wishes in the settings to the latest version: 5.46.whatever. Obviously that was the problem.
Piriform confirmed the forced updating of users to the new version and reasoned that it was necessary to "meet legal requirements and give users more autonomy and transparency over their privacy settings".
Bleeping Computer ran a test and confirmed that old versions of the program were updated to CCleaner 5.46 automatically even when the "automatically check for updates to CCleaner" option is unchecked during setup.
What makes the whole auto-updating even worse for users is that privacy settings are reverted to their default values during the upgrade according to Bleeping Computer.
Some users may wonder how CCleaner managed to upgrade itself even if the update checking in the program is disabled.
The makers of CCleaner added a critical update feature to CCleaner 5.36 which may override the user's update preferences. Designed to push updates to user systems that protect against critical issues or security threats, it has been used by the company to update older versions of CCleaner forcefully.
According to them, the update was made in the best interest of users as it "gives users the best possible control of their privacy settings", prevents the "loss of personal settings in Chrome" and a "broken graphics driver" issue after Windows Updates.
Forced updates or critical update features are not something that is unique to CCleaner.
What can you do about it?
CCleaner users who were affected by the forced update to the new version of the program have three options to deal with it:
- Accept it, make the necessary changes to the program and forget all about it.
- Uninstall CCleaner and use an alternative.
- Revert to an older version and block the program's critical updating functionality.
I think that option two is the best course of action. While you can block CCleaner in the Task Manager, on the hard drive, and in the firewall so that it won't auto-update the program again, you have to ask yourself if you want to keep using a program that disregards user preferences.
In other news: CCleaner updated to version 5.47 today but the update was pulled again later today "because of a user preference that would not save correctly when changed. Reports suggest that the preference was the usage sharing privacy option. Piriform had to pull two releases in two months and there seems no end in sight.
Now you: do you still use CCleaner? (via Born)
What’s the best CCleaner alternative?
Try Bleachbit and see how you like it: https://www.ghacks.net/2018/02/28/bleachbit-2-0-temporary-file-cleaner-review/
I put Winapp.ini into Bleachbit’s folder, but nothing happened. Wasn’t supposed to work with that file?
I am using the Portable 64 Bit version of CCleaner which you can get here…
I was using 5.47 with no problems put I have gone back to 5.46.
I also use Windows Firewall Control, this is all you need to stop CCleaner from updating or
Even if you uncheck the box in Privacy Settings CCleaner still wants access to the
internet as soon as you start it, but I have it blocked with WFC. So Martin you might
want to ask the people at CCleaner what it is they are doing.
For me CCleaner works just fine.
ccleaner v5.32 – last from piriform, non-bloated version
The latest safe version is 5.42.6499. Older versions contain a bug, which can lead to Chromium browser profiles being corrupted:
Via filehippo (https://filehippo.com/download_ccleaner/84541/):
IMPORTANT FIX FOR CHROME/CHROMIUM BROWSER CLEANING
Fixed a critical issue where very long float values were saved in scientific format, causing the Chrome profile to be lost.
Fixed a critical issue where systems using non-standard decimal separators caused data to be stored incorrectly, causing the Chrome profile to be lost.
Are you sure this version didn’t have forced running services and whatever?
CCleaner v5.40.6411, alternatives are garbage and this is the last release before they “changed” things.
@Matt: I ditched CCleaner for Wise Disk Cleaner and have not looked back.
@Klaas : do think twice though before too categorically ditching things : not two programmes are really identic, and one has one or more features that the other has not. Why not keep making use of them ?
At the occasion of this article, I went back to my CC version (that I had still kept despite using Care now), to check whether it had actually been affected. I rediscovered a detail that I had long forgotten : it has a nicely detailed list of cookies that you can individually set to delete or not, a feature that I did not see in other cleaners. Although I systematically refuse all cookies everywhere (except 3 or 4 whitelisted sites where they are indispensable), I noticed that some dirt like that google’s had still found its way… and had not been cleaned…
My view is that the only sensible reaction to events like this is : keep enjoying the benefits of clean versions of programmes that once were acclaimed, and systematically block all programs in a decent firewall, that don’t really need internet for their functioning. No farces with phoning home and unwanted updates, and no spoiled joy.
@stilofilos: many thanks for your kind advice. Making use of a clean version is a good approach indeed, a number of people here have indicated that that is what they do and are happy with it. I might give CCleaner another shot.
The Wise series so-called system optimization utilities are developed behind by some chinese company named åŒ—äº¬æœ—å…´è¾¾ç½‘ç»œç§‘æŠ€æœ‰é™å…¬å¸ located in Beijing. Most of their freeware I tested will either phone home and post your personal data to their servers or just push ads and malware to you. I’ll never trust them their software all are PoS.
@gg: the fact that it is a Chinese company is completely irrelevant as far as I am concerned – the likes of Google, Apple, Microsoft are not better in any way.
Phoning home can be prevented with the Firewall. What do you mean by “PoS”?
finally someone who mentions what is behind this wise-crap. when i was still using eset nod 32, i got several warning messages from the behavioral analysis module after one month of use.
and whether you can intervene via firewall or not does not change the general/potential behavior of the software and the intentions of the developer.
my single opinion : don’t use “wise” – products. a d @klaas again: your whataboutism doesn’t change the descirbed facts either.
more powerful than all other apps of this kind and 100 % clean. you just need a little time to get used to it.
Agreed. “Privazer” is way better than “Ccleaner”. I also use “Registry First Aid Agent” to clean my registry.
agreed robert ;). the registry – cleaning (what bleachbit does not offer) is much deeper than that of ccleaner and even revo – uninstaller. after the first use, i was shocked to find several 2-3 years old crapware – entries after the scan (which ccleaner never captured). but the functionality goes _far_ beyond that.
@martin, your last review (https://www.ghacks.net/2013/08/02/privazer-2-0-improves-basic-user-interface-and-clean-ups/) was 5 years ago. maybe it’s time for a new review (in the actual context). new releases take place on a regular basis: https://privazer.com/download.php#changelog . i think this project deserved to get more attention.
Bleachbit is what I’d recomend, open source so it should be relatively safe from most shady crap, the only drawback is it doesn’t do registry, though to be fair cleaning the registry is more often than not snake-oil rather than an actual useful task (99.999999% of registry clutter etc… has no definable impact on performance).
I just use an old version of it and only update the Winapp.ini
Also make sure the update boxes are unticked and delete the task from Task Manager so it won’t override your choice.
Piriform is now a company ruled by data mining and greed. Even though they’ve backed off in the past, the narcotic of excessive revenue has taken hold of them.
I remember a time when I paid for the license, just to have an automatic update functionality so that I didn’t have to go re-download and install it every time it changed.
Ah ? I verified and it seems this feature is reserved to “pro” versions
I have the version 46 and I didn’t have any unwanted update
The auto-update feature in the pro version is a little different different.
This article is about the “emergency updater” that is installed with ALL versions of CCleaner (except the portable versions). An executable called “ccupdate.exe” is installed and added to Task Scheduler (even in the free versions). This executable runs a few times a day to check for “critical updates” and is able to silently and force-ably update CCleaner regardless of whether you have the free or the pro version, or what update settings you have. Last week Piriform, in their wisdom, decided that everyone (free or pro) who is not on 5.46 need to be updated to 5.46 as it met their definition of an “emergency” update (for reasons that are debatable to be honest).
I was on the free version of 5.43 and woke up one morning last week to find that I ad been silently updated to 5.46. At first I thought it was malicious until I started reading the reports. FWIW, I had “Automatically check for updates…” turned OFF too. After the update, usage sharing was turned on (it was off before). Pretty sneaky!
“you have to ask yourself if you want to keep using a program that disregards user preferences.” I would say Microsoft has done the same shit and will again yet most of you keep using windows, lol.
@420: “yet most of you keep using windows”
Behold the power of lock-in.
LoL. Right you are sir! :)
Agree, but it’s far easier to ditch CCleaner than it is Windoze 10.
Therein lies the difference..
What the… are they actually trying to kill this product? They may just as well just discontinue this piece of software, not sure how many people are still using this, but I’ve certainly uninstalled this crap from my machines a while ago. In fact you’re better off using the default windows cleaner or bleachbit.
Whatâ€™s the best CCleaner alternative
I use v5.32.6129 which is the last version issued by Piriform before the Avast buyout. Itâ€™s also blocked from accessing the net because, as others experienced, I found out a few weeks ago that it had automatically updated itself to the latest Avast version even if the autoupdate setting was off. Thatâ€™s the best version to use with Win 7 in my experience.
Martin, what about to block CCleaner withing Windows Firewall. Nothing gets past that… Do you think it as good idea or won’t do anything?
It should but it DOES NOT WORK
Exactly! Block an application from connecting to the internet with a firewall.
Look at all exe files in your installed CCleaner folder. Here (5.40.6411 – latest non-adware non-tracking) I have 4:
CCleaner.exe (of course, 32-bit)
CCleaner64.exe (of course, 64-bit)
CCUpdate.exe (especially that one, blocked = no updates)
uninst.exe (for the sake of the slap on a talkative application)
No phoning home.
@Deo-et-Patriae it’s a good idea but I wouldn’t count on “nothing gets past the Windows Firewall”…
I agree that you shouldn’t put too much trust in the Windows firewall. In fact, I argue that you shouldn’t put too much trust in any firewall that runs on the same machine that you want to protect with a firewall. A good external, standalone firewall is always the more secure option.
I use Windows Firewall in Windows-7.
I tried to block CCleaner.exe outbound.
Well it does not work. Using Nirsoft livetcpudpwatch it shows CCleaner is calling home.
So much for Firewall reliability.
I’m using ZoneAlarm free firewall. Updates didn’t got through… if that helps.
Still sitting on version 5.35 here with no intention to update at the moment. I have ccleaner set purely as a stand-alone program. I don’t allow it to start with the computer and disabled all automatic update checking. In this capacity it never prompts me to check for updates unless I click on “check for updates” in the lower right hand corner. Have also retained a copy of 5.35 in my download files in the event it suddenly (somehow) gets updated or I want to install ccleaner on another system.
Same for me And no unwanted update beacause there is no ccupdate.exe file and cclenaer is blocked To connect thanks To Kis2018 applications settings
I’m on 5.27, and do just as Herman (except slightly older version). Just standalone, and fire up as needed (which isn’t that often to be honest).
I would like to criticize/denounces Ccleaner, it is perfectly founded and legitimate. But what Bleeping Computer demonstrates makes me chuckle: years ago that Cleaner creates scheduled tasks (for updates and for something else) with triggers and it’s not at all the latest versions, so I call it surf on the wave to make clicks or discover hot water, there is nothing really new in here.
Incidentally, I still use it and I avoided the rotten versions. But for this last version, he did not force me at all, I had to do it manually: it offered me the update and did not imposed me.
One of the selling points of CCleaner Pro is automatic Updates, so I don’t know why CCleaner Free would have automatic Updates in the first place.
Regardless, this type of Software should always be blocked in the Firewall (it doesn’t need Internet whasoever).
CCleaner, Notepad++, Media Player Classic, Keepass, etc. All Software I have blocked in Firewall, so I’m never affected by any of this (all the complains and issues CCleaner had this year alone haven’t bothered me in the slightest, I don’t even get ads).
Forced automatic updates are always a terrible anti-user practice, period. I avoid all software that does this to the greatest degree that I can, and if I absolutely must use software that engages in this sort of malware behavior, I make sure to firewall it off so that it can’t find the updates.
I find it very disturbing that so much software these days engages in this sort of thing, and/or phoning home, and/or engaging in user tracking. Over the last five or ten years, it’s become clear that so much software must be treated as malware that the only reasonable stance to take is to assume that all software is malware.
Which is a very sad commentary on where the software industry has decided to go.
To make forced auto-updates worse, it seems that they are often added to software just at the time when most of users have finally realized that the development has gone really wrong and that updates will bring more harm than good. Examples : Windows 7 updates to Windows 10, all Windows 10 updates, Firefox ESR updated to quantum, “never check for updates” setting removed from Firefox, and now CCleaner.
It looks like a reliable signal that the house is burning.
Perfectly summed up.
You are so incredibly right in that.
I used CCleaner for many years, but cancelled my paid subscription to CCleaner in August. I also deleted Speccy, because I do not trust Avast. (And they wrecked AVG!)
BleachBit has replaced CCleaner. Belarc Advisor and Core Temp have replaced Speccy.
Thank you for these suggestions of replacements for Speccy, I was looking for that, because I want to get rid of all Avast products too. I tried Belarc Advisor and Core Temp and they’re good.
Another good free alternative for “Speccy” is “HWiNFO”
“HWiNFO” is certainly wonderful!
It is very beneficial!
HWiNFO has a lot more information than I need. Unless there’s a way to slim it down to the level of what Speccy offers.
Thanks for the reminder about Belarc. I used it and recommended it to everyone, but when Windows 7 came out and I did a clean install, it got lost in the shuffle. Downloading it now!
Thank you for mentioning “Belarc”! I did not know this application.
Indeed, it is very beneficial!
@Arcionquad said, because I do not trust Avast.
It is the same opinion!
I will also recommend it! This is an open source project, it is a sincere app.
There are other recommended applications about this.
# 1. “Open Hardware Monitor.”
The Open Hardware Monitor is a free open source software that monitors temperature sensors, fan speeds, voltages, load and clock speeds of a computer.
# 2. “thilmera 7” is a high-function.
thilmera uses memory and processes. Usage rate and temperature of CPU and GPU. It is a system monitor for Windows that displays drive temperature, read / write speed, communication speed etc in real time in a compact manner.
+1 on HWiNFO. It catches most things that are not covered GPU-Z/CPU-Z.
After further thinking, Belarc Advisor and Core Temp are proprietary and contains ad links. Belarc also says that security settings are almost all insecure to scare the user to buy their services. Core Temp installer also has a box, checked by default, to install some bundled game.
I found those good libre software alternatives : Winaudit for Belarc
(doesn’t spy on users either, according to http://www.parmavex.co.uk/terms.html )
and Open Hardware Monitor for Core Temp that owl suggested.
Thank you for the suggestions (WinAudit and Open Hardware Monitor). I will check them out.
Speccy is one of the best of its kind. It’s silly to dismiss it, just because it comes from a company you don’t like. Do you have proof that it does nefarious things ?
In my experience, there’s no single hardware monitoring program doing everything right. I always found necessary to have several ones at hand, and pick among them according to the information I’m trying to retrieve. Speccy is certainly one of those which have the easiest user interface, combined with the most information available.
“Itâ€™s silly to dismiss it, just because it comes from a company you donâ€™t like. Do you have proof that it does nefarious things ?”
It’s not because we don’t like it, it’s because we don’t trust it. The code is proprietary, I don’t know if it sends my data or not, and I don’t want to be anxious at every update or what Avast could have added inside. There are so many respectable alternatives that didn’t screw their users, why take the risk ?
@Clairvaux said, Speccy is one of the best of its kind. Itâ€™s silly to dismiss it, just because it comes from a company you donâ€™t like.
Well, so much, do not get frustrated.
Face, figure and fingerprint are unique, and the same one does not exist.
Values and Preference also.
Then, absolute and does not have any thing of the ultimate.
All things constantly change, evolve and degenerate, eventually reaching the end.
The truth of the universe is “Everything is in a state of flux”.
Something that fits sensibilities,
Those that meet the purpose,
Good things of Usability,
Energy-saving ones, etc,
Depending on that point of view, the choices are different.
By the way, the “choices” I place importance on are:
Secondly, support capability: complete FAQ, clarification of Contact, appropriate and appropriate response.
Third, legitimate degree of real function.
Â· Open source project applications will be given priority.
I prefer open source projects because I can confirm their “legitimacy”.
Â· After that, carefully inspected the “official” site,
FAQ, support system, the public of the developer information, Â· After that, carefully inspected the “official” site,
FAQ, support system, the public of the developer information, storage of the Release Notes, archive of the Release Notes,
As a prerequisite.
Also, I will use the developer’s email support (a few questions) and also check its “responsiveness and appropriateness”.
If they are satisfactory, “trial” and make implementation decisions.
Â· The birth place (China, Russia, Korea, etc.) is also a caution point.
Thanks to these suggestions, I found many unknown apps.
I feel that these postings are meaningful and I am very grateful.
When I go to the CCleaner site I still appear to download the ccsetup546 version and not version 5.47.
MajorGeeks.com had a CCleaner 5.47.6701 – SLIM downloadable from its own servers, but removed since as far as I can tell. I have it but it’s not installed (sticking to 5.40.6411).
If anyone’s interested I’ve saved it at https://mon-partage.fr/f/y0u7Myqt/
At your own risk : I haven’t installed it but the file is *exactly* as i’ve downloaded it yesterday from MajorGeeks. If they’ve removed it it may be for a good reason.
Tom, where do you find 5.40.6411?
@St_Vitus_Dance, at least here : https://filehippo.com/download_ccleaner/history/
But the list doesn’t include ‘Slim’ versions, only stadard.
I think this doesn’t happen to portable versions. Can’t see how this would be possible. I’ll test 5.46 as soon as 5.47+ gets (re)relelased. Right now versions 4.19; 5.32; 5.43, all portable, do not perform any updates on ther own.
This doesn’t happen to portable versions, cause they don’t even include the ccupdater.exe.
“CCleaner users who were affected by the forced update to the new version of the program have three options to deal with it:”
There is a fourth option : use a portable version.
I’m still on version 4.17.4808
Best version ever of ccleaner before it’s own crap…
I like C-Cleaner because of its sensible user interface. Some of its extra tools are better than alternatives in that respect (meaning : apart from the main cleaning feature and the registry cleaner, whose use is debatable). I have always used the portable version. Does that mean I’m immune from such shenanigans ?
And another question : people keep saying it’s stupid to “clean” the registry, because it does not bring any performance benefit anyway. When I do it, it’s not for performance. I do it for stability and compatibility. Cannot leftovers in the registry create conflicts with other software ? And if not, why do people keep recommending uninstalling programs such as Revo, which main benefit is to undo registry changes that regular uninstall routines often miss ?
Why is it that it’s highly recommended to deep-uninstall an anti-virus, possibly with its own specific, separate uninstaller, before installing another one ? Of course, the difference with Revo, and similar uninstallers, is they clean the registry in a targeted way, just undoing changes that have been logged at install, when they offer that feature. While registry cleaners such as C-Cleaner go on a blind rampage (possibly dangerous if it’s agressive enough, possibly inefficient if it stays on the safe side, as C-Cleaner is supposed to do).
It so happens that I have just uninstalled Avast antivirus free, because I was fed up with its sluggishness, and devious marketing nags (you have x GB of junk — do you want to get rid of it ? — oh, we forgot to tell : you need to pay — “junk” is your Windows-made backup).
I replaced it with Microsoft Security Essentials (Windows 7 here). Which duly proceeded to act as malware, by silently undoing my Never Check for Updates setting in Windows, then downloading 40 Windows updates behind my back, while I thought it was just dowloading virus definitions. By the time I switched off the PC, it was too late. MSE had set it to Always Download and Install, so I got the Please Wait While we Mess with your Computer, Installing the 40 Updates you Were so Adamant Protecting Yourself From.
It seems that trying to avoid the heavy-handed manners of C-Cleaner’s parent company will only make you fall victim of Microsoft’s. There’s no escaping Big Brother anymore.
Big Brother will do what they need to to win in their eyes. I think you’re on the right track kicking Avast to the curb and MSE has worked well for me for years. It’s just a damn shame MS has to always be playing their games.
It’s a lot more sinister than just “playing games” for sales. Microsoft, Goolag, Apple, AT&T, Facebook, Twitter, etc., these are all no less than an extension of the “Five Eyes” espionage network. They claim to be benevolent, claim to be “protecting” us. Their actions show they work for the elite, not the people. $$$
You’re absolutely right! And I really appreciate the mention of “Five Eyes” because everyone needs to be aware of what it means and not just here in the “Wild West”.
@Clairvaux: “Why is it that itâ€™s highly recommended to deep-uninstall an anti-virus, possibly with its own specific, separate uninstaller, before installing another one ?”
Because antivirus programs are deeply intrusive and, by their very nature, must engage in practices that in any other program are considered to be terrible. This fact is why antivirus programs tend to break things and have more compatibility issues than other sorts of programs. They cannot really play well with others.
Having two antivirus programs installed at the same time means that you have two different programs engaging in unsupported activities and the odds of them interfering with each other becomes rather high. Even if they don’t interfere directly with each other, having two of them does seriously increase the chances of system destabilization and/or compatibility issues.
It is never a good idea to run multiple antivirus programs simultaneously.
@ohn Fenderson, of course running more than one anti-virus is a bad idea but from what I’ve understood of Clairvaux’s comment one can wonder why it is advised to uninstall thoroughly an anti-virus when deep-uninstalling other software is never mentioned. I understand that an anti-virus because of its very integration in the OS requires a particular care but after all that care is supposed to be handled by the anti-virus’ uninstaller. I think there’s a point in using Registry cleaners (caution, use the right ones) for uninstalled software leftovers, those in the Registry.
I use ‘Glarysoft Registry Repair’, ‘Wise registry Cleaner’ and CCleaner’s Registry module. As Clairvaux my aim is not to speed-up the OS but general stability and, occasionally (I’ve experienced it, though seldom) a true repair of an obvious Registry intruder, like when uninstalling crapware which leaves crap in the Registry.
@Tom Hawack: “care is supposed to be handled by the anti-virusâ€™ uninstaller”
Ah, thank you, I understand the question better now. All I can provide is my own personal experience from when I worked for a major antivirus company…
In the course of my job, I often had to install/uninstall antivirus programs from a variety of vendors. I don’t think I found a single one that provided an uninstall program that was actually good at uninstalling. They all (including the one produced by my employer at the time) left varying degrees of crud behind (usually in the form of abandoned registry entries).
Although companies should put in the effort required to make their uninstallers work correctly (no excuses!) the reality of antivirus software makes uninstallation a highly nontrivial exercise, so uninstallers very often missed things either by accident or because doing it correctly would have involved more developer time than the budget allows.
I wouldn’t actually trust that the factory uninstallers do a complete job.
@ John Fenderson
I completely agree on anti-virus, but let me rephrase my question this way :
I believe it’s a good thing to undo registry changes when uninstalling all software (and any other changes they made for that matter), using a program such as Revo Uninstaller, and ideally using the logging feature in order to achieve this. I think it’s safe when done properly. I believe not doing it may lead to stability and compatibility problems. In fact, that’s what I always do. Even, in some cases, logging the “installation” of allegedly portable programs, which sometimes do write things here and there.
After long years of regularly using the “dumb” registry-cleaning feature of C-Cleaner (and not suffering any obvious problem because of it), I’ve been convinced that it’s either useless, or, possibly, in some rare but existing cases, dangerous. Therefore, I’ve stopped doing it, and I dropped any interest for registry cleaners, apart from uninstallers.
I have even taken to search manually, in some cases, for the odd leftover folders, files and registry keys, after using Revo, through Everything and regedit.
@Clairvaux wrote, “After long years of regularly using the â€œdumbâ€ registry-cleaning feature of C-Cleaner”. A categorical statement. Not dumb in my experience but rather not as complete as other registry cleaners which remain all pertinent even when a software has been removed by a dedicated application such as Revo or ‘Geek Uninstaller’ when in some situations leftovers remain nevertheless. If all has been cleaned properly then a Reg Cleaner will prove it, otherwise it’ll finish the job.
“I replaced it with Microsoft Security Essentials (Windows 7 here).”
Last time I looked, MSE didn’t have heuristic detection which made it not very credible as an antivirus, I don’t know if this has changed since then.
“Thereâ€™s no escaping Big Brother anymore.”
There’s also Avira free antivirus but you need to disable the “Cloud protection” that’s on by default or it will send data to Avira about your files.
Heuristics are enabled for ‘real-time protection’ in MSE but it’s probably not the best.
I’ve used MSE since the release of Windows 7 and will be the first to admit that MSE never has been nor will it ever be considered one of the best in AV tests and I’m okay with that. I wouldn’t recommend it unless I knew that the user had a good browser configuration and was using a properly setup content blocker.
Actually, over the years I’ve cleaned over a dozen computers that used AV from Avast, AVG, McAfee, Norton and others that were a mess. They all had 300-1000+ malware objects ( I wish I had screenshots but I couldn’t do that :) ), a couple had trojans, some root kits, and rogue extensions in Chrome is a given. Maybe it’s better now, I haven’t had to clean anything in a year or so.
I’ve always liked installing MSE especially on older less capable hardware because it is much less resource intensive than any of the others. I then check the firewall, router, reconfigure their browsers, install content blocking, install one of my hosts files that is not overly aggressive. And I never hear from them again… about their computer acting up! ;)
@Richard Allen, if MSE suits your needs then fine. My objection, which is rather a wondering, is how can anyone still use a Microsoft product? We all know who the Internet giants are and if some appear to be unavoidable then I’d consider them from as far as possible and certainly not as close as delegating my computer’s security would be. This said I don’t use a whatever anti-virus, Total security and other fantasies. I’ve been told and often read that professionals consider the a quality firewall as the first guarantor of a system’s security. Of course protection has to be deployed differently but, well done, may defend a system without the risks of Kernel-deep anti-visus’ intrusions.
I use MSE because it is simple and light on resources. “Simple” and light on resources is great for most everyone I know. Most people do not want to have to think about AV and they certainly don’t want anything intrusive. MSE fits the bill. I don’t really care what anyone uses, if they have something else they paid for it can be setup to meet their needs. Probably. Maybe.
I’ve never been a fan of the all-inclusive-total-security-monstrosity most AV companies are pushing. To be honest, MSE could quit working today and I would just leave it. I don’t care about AV products, for myself. I really only care about browser configuration, content blocker setup and a couple security privacy extensions that offer me more protection than any AV Security Suite. I haven’t seen a single malware object in over 10 years and it had Nothing to do with what AV product I was using.
Uninstalling Avira Antivirus Free made my PC feel decidedly snappier (again : 4 GB RAM).
Of course, immediately before or after, I mistakenly installed 40-odd Microsoft up- or down- grades that I had been blocking for maybe one year (some bits were actually from 2012), so it might have been a stroke of benevolence from Redmond, cleaning up some lethargy that had creeped up in my computer through my refusal of Windows nannying.
Although Microsoft’s “upgrades” did manage to break my Office 2003 : Word and Excel files stopped opening when clicked upon (despite the file associations still being correct). Using the Repair feature from within Office solved the problem (through some sort of repair-install). Some things were done right at Microsoft in 2003, since they’re able to repair blunders made 15 years down the road.
I was encouraged to switch to Microsoft Security Essentials, which I had used before, because one of the major anti-virus testing organisations found it significantly surged in malware-detection efficiency in the beginning of 2018, and has stayed there for the time being. Apparently, the days where MSE was a joke are behind us.
@Anonymous said, MSE didnâ€™t have heuristic detection which made it not very credible as an antivirus
The existing anti-virus and security solutions is a “virus scanner”, it does not monitor the network traffic.
Â· The virus scanner detects Virus and Malware. The confirmed “virus program file” is registered in the database and filtered as “definition file”. PUP is “illegal is excluded” if arbitrariness is collateral (it can refuse bundle).
Â· Filtering in definition file can deal with known threats, but is powerless to those of the unknown (new species). For that reason, heuristic detection etc … are also devised, but in any case, countermeasures are insufficient with virus scanners.
Â· Virus countermeasures are attracting attention, but new threats such as Ransomware, DNS hijacking, and malware redirects are becoming serious.
For countermeasures, it is effective to monitor encrypted communication (TLS), digital signature (authentication), and Internet traffic.
You should use the Browser the latest measures have been. (Firefox, Brave, Vivaldi)
Use of “Windows Firewall Control” etc. is also effective.
By Reason Core Security, it is also effective to strengthen the “prevention and protection function”.
It is security software designed to supplement, not replacing existing antivirus and security products. The main function is to “block the threat before infecting the system or executing the code”. This program functions in the same way as conventional anti-virus products, and adds another protective layer. free version, you will not be able to perform a virus scan and remove.
SpywearBlaster: This application has no virus / malware scanner function. Therefore, detection and deletion are not possible. Merely a specialization in “Prevention and protection function”, spyware, adware, dialers, and other malware will function to prevent from entering the system.
For your information : About System Resources (resident taskï¼šRAM)
ãƒ»Malwarebytes freeï¼š57MBÂ± (Serviceï¼š33Â±, Tray Applicationï¼š24Â±)
ãƒ»Reason Core Security freeï¼š62MBÂ± (Securityï¼š1Â±, Serviceï¼š2Â±, Engine Serviceï¼š59Â±)
ãƒ»Windows Firewall Controlï¼š68MBÂ±ï¼ˆ35Â±ã€Servicesï¼š33Â±ï¼‰
I tried App Check, and uninstalled it almost immediately. While the exploit protection part seems indeed nice, the cleaner feature showed its weaknesses immediately : it quarantined dozens of files, which were perfectly legitimate, and came from a (German) program I had just installed. Admittedly, that particular program had a somewhat quirky way to install itself. (Name is Edit : check it. It merges word-processing and spreadsheet for mass-mailing. Free for personal use.)
The quarantine occured without any warning, nor any way to opt out of it. Most of the false positives could not be restored, and there are other ways the cleaner features did not work as advertised. I had to uninstall and reinstall the program which triggered the false positives. I can’t let an anti-malware interdict parts of my setting without me being in control.
Correction : mailing program is Edi, not Edit.
The quarantine occured without any warning, nor any way to opt out of it. Most of the false positives could not be restored, and there are other ways the cleaner features did not work as advertised.
That was unexpected. I am “individual user (free version)” from 02/06/2018. In the meantime, no troubles are experienced. Certainly, I experienced quarantine of several programs, but it has not been deleted, it has been invalidated and isolationed.
#1 Isolation location: Tools (T)> Quarantine
There are programs that have been “quarantined” in there. If you want to “restore”, right-click on that item and select it.
#2 The method of white list,
option (P)> user-specified exclusion Files.
Because I am using the Japanese version, “notation” may differ from the English version. Please appropriately interpreted.
There is work in the daytime on weekdays, there is a time difference with Japan, so there is difficulty in that response. Please understand.
I may have been unlucky, and I may have over-reacted. But the behaviour of that cleaner is not conducive to trust. Right-click + Restore did nothing on most items. Except on two registry keys that were also quarantined. Having registry keys flagged as malware, then having to restore them blind, is unnerving.
A security program should not quarantine anything without asking. There should be settings to allow the user to choose what needs to be done with alleged malware.
I reinstalled the Edi program, parts of whom were flagged as malware by App Check, and subsequent scans with MSE and Malwarebytes found nothing. Needless to say, I never install anything before running it by Virus Total, and Edi is 100 % clean according to Virus Total.
Manually go through your registry and delete (be sure you know what you’re deleting!) all the left over avast and piriform entries if you want avast to truly be gone. There are many of them, revo pro even won’t get rid of all of them, the avast uninstaller leaves a lot behind so reinstallation is easier. I’ve never used avast on my current machine and there were a few avast entries in the registry. From declined bundleware? Provided by win 10? IDK.
Try webroot. I replaced bitdefender, which is supposed to be very fast with it and there’s no comparison, webroot is unnoticeable. Stick to just an AV, internet suites I’ve tried are severely bloated with redundant features.
Avast is showing its real face, again. I will get rid off their Antivirus, too. They have a strange way trying to convince people that they are an anti malware company. It actually looks quite like the opposite.
I actually like CCleaner, mostly because I’ve included and excluded custom files and folders. Haven’t experienced any unwanted updates and still using v5.40.6411. I’ve also had the CCleaner items in the Task Scheduler disabled forever, if that made any difference.
Whoops, I just realized, after looking that I had removed the updater from the CCleaner program folder back… whenever. :)
For me, CCleaner is not really that great of program, so if the program is doing what a few users claim [or what many user claim] updating itself, resetting privacy features, etc., then the rational choice is to stop using the program and find an alternative. There are literally a dozen good programs mentioned on Ghacks or other sites. I like WiseCare 365 Pro which is often given away on many German sites and some US sites. Glary Pro is good as well. Puran Utilities is quite good.
Add a firewall rule to block outgoing connections by CCleaner.
Use a utility like Patch My PC to update your programs.
CCleaner has proven themselves to be untrustworthy.
There is no good reason to continue using it. There are alternatives.
I had used CCleaner for years with no issues but I will drop them like a hot potato for this kind of shenanigans.
BleachBit works just fine.
Reverting to an older version is the very worst thing you can do. This should not even be mentioned as an option.
Older versions are “older” because bugs and updates have been applied.
If you run older software you could very well cause more harm than good … especially with the registry cleaner.
Of course, it is your choice. Be prepared with a solid backup if you decide to stick with that older version.
“Reverting to an older version is the very worst thing you can do.”
Not as a general rule. All depends of course of what constitutes a new version; in the case of CCleaner there have been ups and downs but the downs were sufficiently severe to consider an older version as a better choice.
I think the rule when it comes to updates is to have none and to consider only what a new version is made of. Is it more efficient, does it cover a wider array to deploy itself, or does it bring very little or nothing good but considers as enhancements a developed arsenal of tracking features? In the latter case I’d consider progress is behind.
I usually don’t like forced automatic updates, however CCleaner should be maintained up to date as soon as possible because Windows 10, Firefox and Chrome sometimes have new features and some things are not cleaned properly. Also some bugs are fixed and this contribute Cleaner to work better with more accuracy and stability. The problem is when privacy is in risk like in the past with CC 4.57, most ridiculous stepforward ever. By the way, Microsoft also has ‘forced’ updates, and imho the MS attitude towards users is more disturbing than minor programs self updating choices.
@John G., CCleaner’s updates have always been detailed by the developer as including enhanced cleaning features but the truth is most efforts once the company sold to Avast focused on what could possibly be done with CCleaner to make it a brilliant tracking tool, and since then, if you llok closely at the cleaning filters, very little has been added to their quality. Before Avast, yes, there was a genuine effort towards a fine tuning of cleaning filters, but not since, or really imperceptible.
Truth is what we all know, a brilliant application at one time which has become literally handicapped by the requirements of Avast. from there on some decide to uninstall all Piriform applications, some others to remove CCleaner only, and the remaining as myself to keep running a clean version of CCleaner.
Remove Ccleaner. Install Wise Care 365 or Bleachbit.
Seriously, I wonder why anyone would still want to use Ccleaner.
This is why I uninstalled it. If you block recent versions with a firewall, it shuts down after a few minutes with “Sorry, critical error occurred…” or similar. Maybe those versions would run offline, not sure, don’t care. Adios, Piriform, you distribute malware now.
CC is great for disabling those kiddie apps windows installs and the junk that browsers come with, super easy interface. However, I’ve never understood the huge list of cookies on computer it displays even if browsers are set to delete cookies at shutdown. They show up nowhere else.
I guess from what’s been posted here and elsewhere 5.32 is the last clean version. I downloaded a portable 5.32 and may use it. Otherwise, I’ve learned how to do all the stuff these cleaners do, but man, what a royal pain!
Tech companies continue to take advantage of customers’ ignorance of software and hide their actions in nonsense explanations.
“However, Iâ€™ve never understood the huge list of cookies on computer it displays even if browsers are set to delete cookies at shutdown. They show up nowhere else.”
Firefox for instance has hidden cookies that the user cannot clear at all from the browser, they live in a special cookie jar. One of their uses is to allow Google to identify and track you when you update your safebrowsing database every 30 minutes. Seriously disgusting. That’s one of the reasons cleaning software can be useful.
Where are they? Never been able to find them and they never display on any similar utility. I’d imagine edge, which is really part of the OS does the same, maybe not?
Chrome chases you with drones…. :)
“Chrome chases you with dronesâ€¦. :)”
Chrome is not the Google product that does it.
“Google was working with the United States Department of Defense on drone software called “Project Maven” that could be used to improve the accuracy of drone strikes.”
Those “cookies” are in fact HSTS supercookies all in one file, SecurityServiceState.txt, in the user’s profile. Delete the file and supercookies vanish, CCleaner won’t add them to its cookies analysis, but they’ll be created again depending on the sites visited, unless …
How to prevent HSTS tracking in Firefox : https://www.ghacks.net/2015/10/16/how-to-prevent-hsts-tracking-in-firefox/
“Those â€œcookiesâ€ are in fact HSTS supercookies all in one file”
Not only. The hidden Google safebrowsing tracking cookies I’m talking about, that one can’t remove from inside Firefox, are traditional cookies :
Maybe they are in cookies.sqlite like other cookies, I didn’t test. You can use this to explore all those data treasure chests .sqlite files in your Firefox profile :
It’s also very possible that Mozilla uses its own hidden tracking cookies for its own services, and who knows who else, once the Pandora’s box is opened there’s no stopping the party.
I tossed it a while back. I’m not certain what it’s good for if we accept that the registry does not benefit from ‘cleaning.” Their claim that browser caches and logs are garbage and shouldn’t exist is just insulting.
Avast’s claim in their endless AV pop-ups, that unused registry entries and so-called junk files are slowing my computer, which buying the pro version will of course fix, does not inspire confidence. I installed their free AV because independent reviewers praised its performance highly but they do not seem a terribly ethical company overall.
Trust proprietary software?
This is what you get, over and over and over again. You get fucked.
It’s 2018 and open source is everywhere.
LEARN FROM YOUR MISTAKE AND MOVE ON.
I stopped using CCleaner last year after it forced Chrome into my system when I -clearly opted- out. I had screenshots, contacted them, no joy.
Avast forced updates on me too.
I had -all- updates disabled and it kept updating.
I used Avast for over a decade.
It turned into crapware that choked my system and turned creepy by following me around the web and then showing pop-ups realted to the pages that I was on.
Find an alternative to Avast.
If you are on W10, best alternative to Avast could be Windows Defender, and monthly scan with Malwarebytes and Spybot Search & Destroy. No single problem for me since near four years.
Try webroot, it’s almost invisible. Otherwise using the built in stuff with malwarebytes occasionally is a good option. Defender is slow, though. Good idea to earn to use windows firewall, it’s not difficult but cryptic at first. Most of what you’d do is in Advanced Settings. Many AV suites just modify the windows firewall anyway but provide a better interface.
Used free avast for years, got a rootkit, then tried kaspersky>slow. Then Bitdefender, was great for a few years but occasionally destroyed itself and there’s no way to delete the blocked sites list, faster than Kaspersky. On to Avira, a 32 bit AV, really slow. Now webroot, best so far.
Webroot has no free option, though. 30 $ / year is the starting point, for a single device.
>Whatâ€™s the best CCleaner alternative?< What kind of question is that? Is this meant rhetorically or really realistically?
IMHO there is only one, because logical, answer: The so-called proprietary ecosystem under and behind MS-Windows prevents it from using a really useful alternative to CCleaner & Co. now and in the future. One that is conceived in the interest of the user and the protection of his data and thus does justice to his personal rights as an individual, as a responsible citizen. The unintentional and intentional weaknesses and backdoors of this operating system are the exorbitant cause. The only realistic consequence would be to generally use only open source software. That is, starting with the basis of digital data processing, Windows is replaced by Linux, e.g. by Debian, LinuxMint, ubuntu, openSUSE or Mandriva. By the way, these 5 OS examples are professionally developed and maintained operating systems, which are additionally supported by a worldwide community. opensource just! Data garbage, manipulations and reorganization of the OS, to name just a few aspects, are absolutely not an issue in Linux because they do not exist or are structurally impossible. Viruses, malware, ransomware etc. pp. therefore have almost no chance in Linux! Tens of thousands of important user programs can of course also be used under Linux as usual under Win. Yes, there are more every day, also by an emulator for linuxoide OS called "Wine" (winehq.org). ERGO – a so-called dual-boot installation is absolutely logical and recommended for Windows users. Dualboot means that a second OS, e.g. LinuxMint or ubuntu , is installed on the PC in addition to the Win-OS that have been used so far. This is no witchcraft these days. The OS LM/U & Co. can easily access and use the Win data. Win can do the opposite with additional software. As the old Archimedes said: Try makes wise! The Linux community is very big, so it is more than realistic that you know a Linux nerd. Ask him or her if you need help. Most of the Linux community are nice, helpful people. A (then) relaxed time and have fun!
Translated with http://www.DeepL.com/Translator
Microsoft and Google running the Linux Foundation, the recent Linus Torvalds debacle, the recent Google/NSA kernel hack, no real office or email alternative, no gaming (no doubt Steam will include some sort of telemetry after Proton).
Don’t know who said it first, but the grass is always greener on the other side of the fence.
Well, it’s not quite what you say.
For me, the grass is green on both sides of the fence, because as an IT system technician I am in charge of Win and Linux distributions. So I know the strengths and weaknesses of this OS. Yes and the Linux Foundation is not run by MS and Google, no, they are members among 500 others worldwide. The LF also has the status quo of charity. More about it here: https://en.wikipedia.org/wiki/Linux_Foundation and https://de.wikipedia.org/wiki/Linux_Foundation
One should have a software firewall that blocks all programs connections that aren’t explicitly allowed. It helps a lot and cuts out a lot of these programs phone home functionality.
FWIW, Just tested CCleaner version 5.46.6652 64bit Portable, and found way down in settings>options>privacy is the pre-checked option to:
“Help Improve CCleaner by sending anonymous usage data”
Nirsoft tool LiveTcpUdpWatch tool shows that CCleaner portable immediately calls home, whether the above option is checked or not.
I use CCleaner 5.28.6005 (installed) with “Automatically check for updates to CCleaner” un-checked so it does not call home. If it is checked however, it immediately calls home & offers the newest version for upgrade.
BTW, Wise Care 365 also calls home.
Lots of programs phone home…
Checking for updates, connecting to cloud databases for AV protection, license verification, etc.
One way to find out what is being sent over the wire is to download and run a packet analysis tool like Wireshark.
Otherwise, without facts, it’s just spreading FUD.
FYI : latest CCleaner Slim 5.47.6716 available for download at https://www.ccleaner.com/ccleaner/download/slim
CCleaner 5.47.6716 has just been released:
I still use Avast products and my trust in them has never been tarnished. In fact, after hearing the news, I just bought a year subscription to the pro-edition of CCleaner and couldn’t be happier. My computer runs so smooth now.
That other people spy on users too is not an excuse to do it, especially when there are ethical alternatives like BleachBit that don’t do it. Besides, Avast misbehavior is not limited to privacy. People should stop with this new trend of calling “fake” the news that they merely do not like.
After utorrent went rogue and started bundling crapware and spyware and bitcoing mining shits and after having used it for 6-7+ years, I ditched it and looked for a client that would suit my needs and work somewhat as utorrent with the same feature set. Qbittorrent fitted that bill perfectly.
I think it might be time to start looking for a good free or paid alternative of crap cleaner and never look back again.
Thankfully, I have the old versions and have not updated it in a long time.
@martin: Any good free or paid app you would recommend?
You could try Bleachbit or Privazer.
Privazer looking good albeit a bit slow. Finds much more crap than crap cleaner
“One way to find out what is being sent over the wire is to download and run a packet analysis tool like Wireshark.”
Are you running Wireshark 24/7? Can you decrypt encrypted payloads?
What if a proprietary program were instructed to only send everything and anything they want at a predefined date? What if this date was updated/changed in each new version? It would also be simple enough for a program to do whatever it wants during updates and/or other online activity, especially if they encrypt.
Let us not forget, if you use Windows and/or MacOS, you are trusting your private data to proprietary Operating System(s) and programs!
Reasons not to use Microsoft
Reasons not to use Apple
Reasons not to use Google
Reasons not to use Intel
Reasons not to use Discord
I strongly recommend everyone switch to free and open source software.
With all of the “reasons” you’ve listed, your best course of action is to not be online.
I mean, come ON people! What better way to “give users more autonomy and transparency over their privacy settings” than to ignore their privacy settings?
I use CCleaner v.5.47.6701 and new release is v.5.47.6716 but my version is not updated. It’s blocked by Host File Editor, great portable tool for telemetry shit (Microsoft, Adobe, CCleaner and more).
Just go to Tools – Block CCleaner Servers and save your Host file.
Also, use FAB portable (File – Add folder contents) to create firewall rules for all .exe files or for any process.
I just installed v5.48 that was released today.
What are recommendations?
Why it is advised not to install CCleaner anymore?
Didn’t CCleaner correct things that made people uninstall it?
To all those still hanging onto CC in the “faith” they are behaving in our best interest …
Scroll down to “Addendum: CCleaner security issues” … portable and installer CC are a risk, however you want to dress it up (or down)
I was a long term CC enthusiast … not any more. A shame it “was” a good tool.
Whether one can trust the latest CCleaner update/ apology remains dubious at best. What is disturbing is to read deep into the fine print of the Licensing Agreement we all click without a second thought. As of last week it still states that because they own the software, they can exercise their right to download updates as they desire, without further permission from the user, and without even notifying the user of this; most egregious, is that if the user attempts to thwart such updates, this constitutes a breach of contract, and the user is in violation. Financial liability would be basically zero, the price we paid for it, but the insult is disgustingly arrogant yet consistent in the Win 10 era of coerced “driverless PCs.” Nothing is going to drive more towards the Linux alternative faster than more cases of user privacy and data compromise, particularly when it comes from a product once touted as a trusted means of securing one’s computer.
@ Suspicious Mind
That’s a gem you found here. A rotten, smelly one, but a gem nonetheless. I’m not aware of any software with such an EULA. Must be a first.