Privacy News CCleaner Disregarding Settings and Forcing Update to 5.46

LASER_oneXM

LASER_oneXM

Level 37
Thread author
Verified
Top Poster
Well-known
Forum Veteran
Feb 4, 2016
2,516
15,625
3,578
53
Germany / Poland
Content source
https://www.bleepingcomputer.com/news/software/ccleaner-disregarding-settings-and-forcing-update-to-546/
Reports are coming in that Piriform is forcing CCleaner to update to the latest 5.46 version even when users had configured the program to not perform automatic updates. To make matters worse, once the users were upgraded to the latest version, their privacy settings were reverted to default, which is to allow anonymous usage data to be sent to Avast/Piriform.

This was first reported on September 6th at Piriform's forum, where users stated that their installed versions of CCleaner were being updated to 5.4.6 even after disabling automatic updates. This was later confirmed in a post to our forums.
Click to expand...
As a test, I downloaded and installed the Slim version of CCleaner 5.37 that we host at BleepingComputer.com.

During the setup procedure, I configured the program to not automatically check for new updates. Even with that setting disabled, CCupdate.exe was automatically executed by the installer and CCleaner was updated to version 5.46 before I could even start the program. This is illustrated in the video below.
...
....
....
Click to expand...
How to disable CCleaner automatic updates

As CCleaner is ignoring a users preferences and forcing updates to be installed, if you want to disable updates you need to delete an executable called CCUpdate.exe that is installed along with CCleaner.

When CCleaner is installed, it will install a file at C:\Program Files\CCleaner\CCupdate.exe that is used to install updates to CCleaner. This program is then configured to automatically run every day by a Scheduled Task called CCleaner Update.
..
....
Click to expand...
 
  • Like
Reactions: SumTingWong, XhenEd, plat and 11 others
I admit, I still use Ccleaner, even though I feel there are better solutions I like to run a scan with it's registry cleaner to be sure.

How I do it is, I utilize an older version that I took the time to carefully log, evaluate and monitor before coming to this decision. The first pre-req was it had to be before Avast took over, and it had to be before any known compromises or other issues. Then I disable auto-updates. You really don't ever need to update Ccleaner for the most part.

The version I settle on to deploy w/updates and monitoring disabled is 5.26.5937 Released: 17 Jan 2017.

There is nothing for Avast to 'force' with that one, as they have zero control over it. (Taint) CCUpdate.exe doesn't even exist in the version I recommend.

CCleaner 5.26.5937
 
  • Like
Reactions: SumTingWong, oldschool, Gandalf_The_Grey and 6 others
stepseven84 said:
That's not good.
I think that the user should see respected his choice.
Click to expand...

avast.png
 
  • Like
Reactions: CodaPG, oldschool, Gandalf_The_Grey and 3 others
No one of you ever thought about all the security incident was created ad-hoc in order to acquire the company and make the transition in theory more secure?

I hope the security incident wasn't a market plan... :eek:

I have that idea in my mind from months :)

Even if I red the paper and saw a video illustrating what happened, I have still many doubts.

 
  • Like
Reactions: oldschool, vtqhtr413 and Gandalf_The_Grey
Did anyone read the first comment immediately following the BleepingComputer article? He wrote about CCleaner's creating a new backdoor in his Glasswire firewall every time he blocks the updater there. Apparently, he is using an older version; that is one's right to do that. Like I said, what is wrong with these people? Every other month, something new.
 
plat1098 said:
Did anyone read the first comment immediately following the BleepingComputer article? He wrote about CCleaner's creating a new backdoor in his Glasswire firewall every time he blocks the updater there. Apparently, he is using an older version; that is one's right to do that. Like I said, what is wrong with these people? Every other month, something new.
Click to expand...
I use GlassWire and CCleaner hasn't created any backdoor, is blocked in the Firewall as always.
I did notice the process CCupdate.exe trying to connect to the Internet (but was instantly blocked, due to my strict Firewall rules).
So far only Microsoft has been creating backdoors in my Firewall for their APPs (which I instantly delete).
 
You must log in or register to reply here.

You may also like...