After several controversies earlier this year, Avast-owned CCleaner has brought yet another upon itself. This time the controversy is about the CCleaner software auto-updating without notifying users and even updating in spite of users disabling the auto-updating feature.
According to multiple user reports (opens in new tab), CCleaner auto-updated to the latest 5.46 version, even though they had auto-updates disabled. Furthermore, the users weren’t notified that the software would update itself prior.
The main changes in 5.46 (opens in new tab) seem to revolve around Piriform renaming its monitoring features. For instance, it renamed the "Monitoring" feature to "Smart cleaning," the "Browser monitoring" one to "Enable automatic browser cleaning" and so on. The reporting of anonymous data usage has been separated into another different feature (it was previously controlled by the "Active monitoring" checkbox).
Piriform has also argued that this forced update was required in order to better comply with GDPR requirements. A previous GDPR-ready version was released this spring, but the company said that more changes were needed to fully comply. Piriform believes that this was a "critical" privacy-focused update for users, and this is why it updated everyone to the latest version.
Reading between the lines, it sounds like Piriform was worried that it may be legally liable under GDPR unless all users used this more GDPR-compliant version.
Past CCleaner Controversies
This isn’t the first time CCleaner has updated itself without users’ permission, frustrating many users in the process. Some of the reports date back to 2012 (opens in new tab), while the most recent ones are from earlier this spring (opens in new tab). The now Avast-subsidiary and maker of CCleaner, Pirifom, has promised to give users more control and transparency over automatic updates in the future, but so far its track record on following these promises hasn’t been that good.
Just last month, Piriform had to retract a CCleaner update after many users were outraged with the app’s expansion of data monitoring and user tracking features. Piriform had to revert all installs of CCleaner 5.45 back to 5.44.
Last year, CCleaner was also affected by a hack that compromised Piriform’s update servers. The attackers were able to insert a backdoor in the latest version of CCleaner. Despite Piriform having been recently acquired by antivirus maker Avast (opens in new tab), it took another antivirus company to discover the backdoor and alert both Avast and the public about the issue.
Some users also haven’t been too happy with Avast’s general handling of Piriform’s handling, as the company has been attempting to better monetize the applications with more ads.
Keeping CCleaner Updates In Check
CCleaner continues to gather downloads from users, recently reaching over 2.5 billion downloads since it was first created (note: it doesn't necessarily mean 2.5 billion users). For now, CCleaner continues to remain a popular Windows application, despite Microsoft recently issuing a warning against similar products that promise to clean up Windows.
Even though CCleaner is able to ignore user's preferences for auto-updates, there is still a way to stop all updates, if that's what you want. You can delete the CCUpdate.exe file from C:\Program Files\CCleaner\CCupdate.exe, as well as the CCleaner Update scheduled task. If you want to update to a new version later on, you can do so by installing it manually from the website, the old fashioned way.