CCleaner Updates Itself Without Notifying Users

(Image credit: CCleaner)

After several controversies earlier this year, Avast-owned CCleaner has brought yet another upon itself. This time the controversy is about the CCleaner software auto-updating without notifying users and even updating in spite of users disabling the auto-updating feature.

According to multiple user reports, CCleaner auto-updated to the latest 5.46 version, even though they had auto-updates disabled. Furthermore, the users weren’t notified that the software would update itself prior.

The main changes in 5.46 seem to revolve around Piriform renaming its monitoring features. For instance, it renamed the "Monitoring" feature to "Smart cleaning," the "Browser monitoring" one to "Enable automatic browser cleaning" and so on. The reporting of anonymous data usage has been separated into another different feature (it was previously controlled by the "Active monitoring" checkbox).

Piriform has also argued that this forced update was required in order to better comply with GDPR requirements. A previous GDPR-ready version was released this spring, but the company said that more changes were needed to fully comply. Piriform believes that this was a "critical" privacy-focused update for users, and this is why it updated everyone to the latest version.

Reading between the lines, it sounds like Piriform was worried that it may be legally liable under GDPR unless all users used this more GDPR-compliant version.

Past CCleaner Controversies

This isn’t the first time CCleaner has updated itself without users’ permission, frustrating many users in the process. Some of the reports date back to 2012, while the most recent ones are from earlier this spring. The now Avast-subsidiary and maker of CCleaner, Pirifom, has promised to give users more control and transparency over automatic updates in the future, but so far its track record on following these promises hasn’t been that good.

Just last month, Piriform had to retract a CCleaner update after many users were outraged with the app’s expansion of data monitoring and user tracking features. Piriform had to revert all installs of CCleaner 5.45 back to 5.44.

Last year, CCleaner was also affected by a hack that compromised Piriform’s update servers. The attackers were able to insert a backdoor in the latest version of CCleaner. Despite Piriform having been recently acquired by antivirus maker Avast, it took another antivirus company to discover the backdoor and alert both Avast and the public about the issue.

Some users also haven’t been too happy with Avast’s general handling of Piriform’s handling, as the company has been attempting to better monetize the applications with more ads.

Keeping CCleaner Updates In Check

CCleaner continues to gather downloads from users, recently reaching over 2.5 billion downloads since it was first created (note: it doesn't necessarily mean 2.5 billion users). For now, CCleaner continues to remain a popular Windows application, despite Microsoft recently issuing a warning against similar products that promise to clean up Windows.

Even though CCleaner is able to ignore user's preferences for auto-updates, there is still a way to stop all updates, if that's what you want. You can delete the CCUpdate.exe file from C:\Program Files\CCleaner\CCupdate.exe, as well as the CCleaner Update scheduled task. If you want to update to a new version later on, you can do so by installing it manually from the website, the old fashioned way.

Lucian Armasu
Lucian Armasu is a Contributing Writer for Tom's Hardware US. He covers software news and the issues surrounding privacy and security.
  • Peter Martin
    it's more malware disguised as anti-malware, and it ruins systems. i do not recommend it's use for any reason.
  • bloodroses
    It looks like CCleaner 'crap cleaned' itself again... lol
  • zxccxzasd
    Do not delete the update.exe, just rename it .xxx and rename back if you want to update. Deleting and reloading is a waste of time plus the new update will (probably) have the new update.exe, which needs to be renamed.
  • stdragon
    21339733 said:
    it's more malware disguised as anti-malware, and it ruins systems. i do not recommend it's use for any reason.

    That's a bit harsh. But, I can't disagree that they've been rather shady with how they are handling security and not being up-front with their intentions of the software already installed. So while not malware, it's definitely become adware for sure.

    Personally, if I'm going to use CCleaner, it's to install with customization, run the program to do the job, then shortly thereafter I uninstall it. Essentially, I just use it as a one-off temporary utility if needed.
  • humorific
    My solution is to enter windows firewall rules to block all network access for the updater and all executables. It should need any of it to do its job
  • Peter Martin
    Course if you never install it you’ll never have to worry
  • anghellic
    if people are still using this after the incident a few years ago then you deserve what you get for not being up to date
  • Christopher1
    My solution is to just realize that these things are getting harsh with the auto-updating to fix flaws and to stop wigging out when they simply autoupdate. Now if they autoupdate and put something malicious on your system?

    Then we have a problem!
  • ravewulf
    I stuck with the last update of version 4 because I didn't like the UI changes in v5. It may not be the latest and greatest under the hood but it still does what I need it to do.
  • popatim
    So how was deleting the CCUpdate executable and stopping the update task confirmed as a fix for this issue?

    Seems easy enough to have a C&C routine built right into the main app.

    Shame on Piriform for not understanding that No means No. Having a way to force an update opens a doorway for hackers to force one too once they analyze how this was done.

    This makes me wonder what else they are secretly doing...
    And who else is doing crap like this...