Privacy News CCleaner Disregarding Settings and Forcing Update to 5.46

LASER_oneXM

LASER_oneXM

Level 37
Thread author
Verified
Top Poster
Well-known
Feb 4, 2016
2,520
Content source
https://www.bleepingcomputer.com/news/software/ccleaner-disregarding-settings-and-forcing-update-to-546/
Reports are coming in that Piriform is forcing CCleaner to update to the latest 5.46 version even when users had configured the program to not perform automatic updates. To make matters worse, once the users were upgraded to the latest version, their privacy settings were reverted to default, which is to allow anonymous usage data to be sent to Avast/Piriform.

This was first reported on September 6th at Piriform's forum, where users stated that their installed versions of CCleaner were being updated to 5.4.6 even after disabling automatic updates. This was later confirmed in a post to our forums.
Click to expand...
As a test, I downloaded and installed the Slim version of CCleaner 5.37 that we host at BleepingComputer.com.

During the setup procedure, I configured the program to not automatically check for new updates. Even with that setting disabled, CCupdate.exe was automatically executed by the installer and CCleaner was updated to version 5.46 before I could even start the program. This is illustrated in the video below.
...
....
....
Click to expand...
How to disable CCleaner automatic updates

As CCleaner is ignoring a users preferences and forcing updates to be installed, if you want to disable updates you need to delete an executable called CCUpdate.exe that is installed along with CCleaner.

When CCleaner is installed, it will install a file at C:\Program Files\CCleaner\CCupdate.exe that is used to install updates to CCleaner. This program is then configured to automatically run every day by a Scheduled Task called CCleaner Update.
..
....
Click to expand...
 
  • Like
Reactions: SumTingWong, XhenEd, plat and 11 others
F

ForgottenSeer 58943

I admit, I still use Ccleaner, even though I feel there are better solutions I like to run a scan with it's registry cleaner to be sure.

How I do it is, I utilize an older version that I took the time to carefully log, evaluate and monitor before coming to this decision. The first pre-req was it had to be before Avast took over, and it had to be before any known compromises or other issues. Then I disable auto-updates. You really don't ever need to update Ccleaner for the most part.

The version I settle on to deploy w/updates and monitoring disabled is 5.26.5937 Released: 17 Jan 2017.

There is nothing for Avast to 'force' with that one, as they have zero control over it. (Taint) CCUpdate.exe doesn't even exist in the version I recommend.

CCleaner 5.26.5937
 
  • Like
Reactions: SumTingWong, oldschool, Gandalf_The_Grey and 6 others
F

ForgottenSeer 58943

stepseven84 said:
That's not good.
I think that the user should see respected his choice.
Click to expand...

avast.png
 
  • Like
Reactions: CodaPG, oldschool, Gandalf_The_Grey and 3 others
A

AriDfoix

Level 3
Verified
Sep 2, 2018
125
No one of you ever thought about all the security incident was created ad-hoc in order to acquire the company and make the transition in theory more secure?

I hope the security incident wasn't a market plan... :eek:

I have that idea in my mind from months :)

Even if I red the paper and saw a video illustrating what happened, I have still many doubts.

 
  • Like
Reactions: oldschool, vtqhtr413 and Gandalf_The_Grey
P

plat

Level 29
Top Poster
Sep 13, 2018
1,793
Did anyone read the first comment immediately following the BleepingComputer article? He wrote about CCleaner's creating a new backdoor in his Glasswire firewall every time he blocks the updater there. Apparently, he is using an older version; that is one's right to do that. Like I said, what is wrong with these people? Every other month, something new.
 
L

Local Host

plat1098 said:
Did anyone read the first comment immediately following the BleepingComputer article? He wrote about CCleaner's creating a new backdoor in his Glasswire firewall every time he blocks the updater there. Apparently, he is using an older version; that is one's right to do that. Like I said, what is wrong with these people? Every other month, something new.
Click to expand...
I use GlassWire and CCleaner hasn't created any backdoor, is blocked in the Firewall as always.
I did notice the process CCupdate.exe trying to connect to the Internet (but was instantly blocked, due to my strict Firewall rules).
So far only Microsoft has been creating backdoors in my Firewall for their APPs (which I instantly delete).
 
You must log in or register to reply here.

Similar threads

Gandalf_The_Grey
    • Like
    • Wow
Updates for classic Windows versions? Windows Update Restored has you covered
Replies
1
Views
623
News Archive
NormanF
N
BigWrench
    • Thanks
    • Like
Unlimited Giveaway Driver Booster Pro 11 Free License (subscription until end of the year)
Replies
0
Views
2,442
Giveaways, Promotions and Contests
BigWrench
BigWrench
silversurfer
    • Like
    • +Reputation
    • Applause
Microsoft ends printer driver installations and updates via Windows Update
Replies
1
Views
507
News Archive
Sorrento
Sorrento

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top