Jump to content
Piriform Community Forums
Ron2017

Piriform Personal Security Concern with CCleaner Latest v. 5.45.6611

Recommended Posts

I have noticed two things with CCleaner latest version (5.45.6611)

1.) Under ""Options" then "Privacy" setting, Piriform, has removed the option to NOT collect information when using CCleaner off of users computers.

You are now forced to allow Piriform to collect data from your system, and there is no way to stop this, unless you remove the application.

2.) I also noticed that now CCleaner dose not shut down/close when you exit out of the application, it still shows the application to run, and there is no way to stop the latest version from constantly monitoring/running unless you forcibly terminate the application.

This also is a change in the functionality of CCLeaner, and Users have not be notified when installing the latest version, that Piriform will be constantly monitoring your systems, and collecting data.

Both of these aspects, are a change in the CCleaner v. 5.45.6611, compared to the previous versions, which one could stop either of these processes from running, and not allow Piriform to collect data from your computer constantly.

 

Basically Piriform needs to Notify Users, when they initially install the latest version of CCleaner, or it will continue to monitor and track what you are doing on the computer.

 

This day and age, with issues like Facebook data leak, and such other types of incidents with personal information.

Piriform is violating users trust, by allow the application to continually run, even after it has be closed, and to forcibly collect users information, by removing the option in the latest version to Turn on/ off of the Privacy setting. Forcing people to give up their privacy, in the latest version, is not good policy, AND should be announced when a user first installs CCleaner.

 

 

I recommend, that Piriform makes some changes to their process for CCleaner, or you may get your self into legal trouble, and also lose the trust of users of CCleaner.

 

 

Share this post


Link to post
Share on other sites
1 hour ago, Ron2017 said:

I have noticed two things with CCleaner latest version (5.45.6611)

1.) Under ""Options" then "Privacy" setting, Piriform, has removed the option to NOT collect information when using CCleaner off of users computers.

You are now forced to allow Piriform to collect data from your system, and there is no way to stop this, unless you remove the application.

2.) I also noticed that now CCleaner dose not shut down/close when you exit out of the application, it still shows the application to run, and there is no way to stop the latest version from constantly monitoring/running unless you forcibly terminate the application.

This also is a change in the functionality of CCLeaner, and Users have not be notified when installing the latest version, that Piriform will be constantly monitoring your systems, and collecting data.

Both of these aspects, are a change in the CCleaner v. 5.45.6611, compared to the previous versions, which one could stop either of these processes from running, and not allow Piriform to collect data from your computer constantly.

 

Basically Piriform needs to Notify Users, when they initially install the latest version of CCleaner, or it will continue to monitor and track what you are doing on the computer.

 

This day and age, with issues like Facebook data leak, and such other types of incidents with personal information.

Piriform is violating users trust, by allow the application to continually run, even after it has be closed, and to forcibly collect users information, by removing the option in the latest version to Turn on/ off of the Privacy setting. Forcing people to give up their privacy, in the latest version, is not good policy, AND should be announced when a user first installs CCleaner.

 

 

I recommend, that Piriform makes some changes to their process for CCleaner, or you may get your self into legal trouble, and also lose the trust of users of CCleaner.

 

 

I tottaly agree. This is just happening cause of Avast has bought CCleaner. Also i'm having trouble with CCleaner using Kaspersky Total Security installed. Very strange, very suspicious

Share this post


Link to post
Share on other sites

I'll have a go at explaining it, seeing how Piriform have made such a poor job of it.

1) Remember that this option was only ever added to comply with GDPR in Europe, it was never a legal requirement in the rest of the world.

They have previously been collecting this data anyway, they just weren't telling you about it until GDPR.

Piriforms' latest privacy statement says that the software is not collecting Personal Data from users.
https://support.piriform.com/hc/en-us/articles/360004083951-What-changes-have-you-made-to-ensure-compliance-with-GDPR-

If this is true then they do not have to offer the opt out under GDPR in Europe. (And never had to in the rest of the world).

Quote

You might notice that the ‘Allow usage data to be shared with 3rd parties for analytics box’ has recently disappeared. As GDPR covers personal data, and we do not collect any personal data to share with any parties, we have removed this box to avoid confusion.

It is usually correct that if the data cannot identify you personally then it is not an individual data protection concern and so is not covered by data protection law. (Although it may be covered by other laws).
Of course that all depends on just what is being collected and if it could identify you, or your personal device, in any way.

Piriform say that the only personal data held is in connection with payments made for the 'Professional' versions.
This is subject to GDPR in Europe and you can make a request to see just what they hold about you by means of a Subject Access Request.
In the rest of the world you should have your own Data Protectction laws to cover this.


2) This constant monitoring crap is probably going to be the last straw for many previously loyal users.
AV's (Avast) get away with it by saying that they have to monitor constantly to keep you safe from viruses, but a file cleaner does not need to be constantly monitoring.

Share this post


Link to post
Share on other sites

After reading this

https://www.ccleaner.com/about/privacy-policy 

I fail to see how Avast/Piri/CCleaner is NOT collecting data.

I don't want any of my data collected.

I don't want a program monitoring what I install, browse and look at automatically.

I don't want the new 'heartbeat' feature that allows Avast to target my machine with bugs fixes and updates when it wants to (It has to know my location, build and usage to do that ..data?)

The fact that I use the free version still doesn't stop some collection of data (nothing will change my mind on that)

I just want the software that allows me to get rid of the rubbish that  I don't want.

This is why I am on an older build , as are a lot of people I know.

 

Share this post


Link to post
Share on other sites

I agree hazelnut,

They (and others) freely admit that they are collecting data.

Their privacy statements that you link to are disjointed, and statements made there and elsewhere conflict with each other.

The question of importance is if that data that could identify you (or your device) individually or not?

Piriform/Avast (and others) seem to be relying on the reply that they are not collecting your name, address, email, etc. what is known as "Classical Personal Data".

This is not sufficent under GDPR, any information at all that could identify an 'individual' has to be protected and explicit consent obtained to collect it in the first place.

This includes "Digital Personal Data" and means anything that could identify an individual - not just a 'named' individual.
If any organisation collects your device identifiers (MAC/EMEI/even a dynamic IP address), location, etc. then that identifies you as an individual and is subject to GDPR.
https://eugdprcompliant.com/personal-data/

It doesn't matter that you are an 'anonymous' individual.

Quote

The GDPR considers any data that can be used to identify an individual as personal data. It includes, for the first time, things such as genetic, mental, cultural, economic or social information.

Especially if it is then linked to your viewing or shopping habits which can easily be extracted from analyising cookies etc. on your device, and then used to send targeted ads to that individual device.
It does not matter if what is being offered is paid for or free, or even if you are just being 'monitored':

Quote

The GDPR will also apply to the processing of personal data of data subjects in the EU by a controller or processor not established in the EU, where the activities relate to: offering goods or services to EU citizens (irrespective of whether payment is required) and the monitoring of behaviour that takes place within the EU.

As I've said elsewhere I'm sure that their legal advisors understand all this. (I can and I'm not a lawyer).

But the sales and marketing guys won't/don't like it and will resist.
It's what they have been relying on to make money for a number of years now.
It's partly because of the (dodgy) way that they (some of them) have been doing this that GDPR has been enacted in the first place.

PS. Again as I've said before; using an older build will not stop data collection, - all software companies have been doing it for years, but didn't have to clearly tell you about it until GDPR came into force, before that they could just hide it in layers of small print.

That's what this is all about, they haven't suddenly started doing it, but they now have to tell you about it.

Share this post


Link to post
Share on other sites

Been worried about the program ever since 5.42: 

 

Hell, even since the security issue where somehow someone infiltrated their servers to change the programs to be malware infested.

Seems like ever since Piriform joined Avast, they've fast gone downhill.

Well, suppose we can be glad this program is designed in a way in which we can add our own filter cleaning rules and not get force updated.. but still, never a good sign when yet another company starts to fall over because they get so big.

Share this post


Link to post
Share on other sites
Quote

Legal

  • Added a check to prevent the use of the application in embargoed countries

Another new feature added to the list.

I'm pretty much done with any newer versions, but this makes me wonder if I should be done with the company altogether.

I understand GDPR is a mayor sudden pain for many software and websites. Also for people within the EU, as they're slowly being separated from the rest of the world.

But heck, embargoing countries? I'm not even sure anymore why it's still called a privacy tool.

Share this post


Link to post
Share on other sites

I think that the "embargoed countries" bit is more about recent developments in places like India and (with Trump?) China.

GDPR is giving the rest of the world a much needed wake up to what some big data processing/data mining concerns are doing with everybodys private data.

Love it or hate it - it's going to change things.

Share this post


Link to post
Share on other sites

After discovering these issues/ concerns I have removed CCleaner off all my systems and revered back to an earlier version, Its not to say they weren't data harvesting, without our knowledge on those versions.

 

Its sad, and one would think that this day and age that Periform, would have at least put up a notice, when installing the latest version, to give people the option to say yes or no, to the data harvesting. But no, they just thought they could sneak this one by everyone.

 

Lots of lost confidence in the company, and its products.

And, there is no excuse for them not to have a Notice, warning/notifying people when installing the newest version, of the changes in policy.

 

This is Facebok X2

Share this post


Link to post
Share on other sites
3 hours ago, nukecad said:

GDPR is giving the rest of the world a much needed wake up to what some big data processing/data mining concerns are doing with everybodys private data.

Living in the EU myself I'm personally seeing an awful lot of similarities between GDPR and the beginning of "The Great Firewall of China".

Tinfoil hat aside, for now I'm sticking with version 5.40 portable, of which I can mostly see what it sends. And I hope both Piriform and Avast will open up more about their relationship together and what exactly it is they want, or are forced into as they did in some of the most recent topics.

Share this post


Link to post
Share on other sites
10 hours ago, DAOWAce said:

Well, suppose we can be glad this program is designed in a way in which we can add our own filter cleaning rules and not get force updated.

It's endlessly extensible if someone knows how to write their own winapp2.ini cleaners for it even if using an older version, however allot of people aren't going to know how to create their own cleaners.

Using and old version it's important to disable it's ability to nuke the system like Win10 for example by making exclusions for Font Cache and Windows.old so that it can't clean those areas even by accident.

Share this post


Link to post
Share on other sites

I will not be renewing my paid subscription if this is left as it is.

I want the application to close when I close it - completely. And I want it to not collect any data unless I accept that.

Resorting to Task Manager to properly close an application is unacceptable. There isn't even an "EXIT" option one the Tray icon.

Share this post


Link to post
Share on other sites
Guest

I have asked this before, but does anyone know if "heartbeat" calls home when using a portable version of CCleaner? And, what if CCleaner (portable) is run while being totally disconnected from the Internet during the run of CCleaner?

Share this post


Link to post
Share on other sites

Well if you are disconected then obviously nothing can phone home.

That only leaves the question of if it saves something to send home when you do reconnect.

If it does save something, say in a log file, then you could clear it before reconnecting.

Maybe use that well respected CCleaner? (Tounge in cheek).

Share this post


Link to post
Share on other sites

After a recent upgrade of my Pro version I noticed the CCleaner icon sitting in the system tray and tried and failed to turn it off.

I have found that:

  • If the CCleaner monitoring startup link is disabled in "CCleaner/Tools/Startup" it is re-enabled.
  • If the CCleaner monitoring startup link is deleted in "CCleaner/Tools/Startup" it is replaced and re-enabled.
  • Any direct edits to the registry are ignored / reset upon boot.

So CCleaner now takes steps to BYPASS ITS OWN FUNCTIONALITY and enforces always on monitoring despite the user knowingly and deliberately trying to stop it.

I have only ever used CCleaner where I just run it occasionally, when I want to, to clean out any crud that has accrued. I have never needed it always on and watching.

I am now a bit concerned that it is not possible to prevent CCleaner from always running and monitoring systems upon which it is installed. Also (in the free version) there is no user control or consent over what data this permanent monitoring collects and sends home.

Does anyone have any idea what is going on here? Is this apparently "mandatory" monitoring related to software bugs or is this edging towards spyware-like activity?

Share this post


Link to post
Share on other sites

Hi all,

Thanks for your feedback. We value your input and want to acknowledge your concerns around the changes to active monitoring (heartbeat).

The new CCleaner heartbeat reports only non-personal, absolutely non-identifiable usage information for the purpose of improving CCleaner. This could be, the percentage of users who have experienced a crash, or are using scheduled cleaning.

First and foremost, being able to detect usage patterns across our entire user base allows us to act more quickly when things go wrong. Gathering information via this forum, support tickets or social media is helpful but with such a huge quantity of users, is not a small undertaking. The new 'heartbeat' delivers quantifiable, representative data, quickly, so when things go wrong, we can rectify the situation sooner. In the long term, having some insight into how our users use CCleaner allows us to improve it.

The heartbeat has been added to an existing CCleaner process called 'CC Monitor'. That process is controlled via the Enable Active Monitoring checkbox. This option covers both checking for updates and the new heartbeat. It has two other optional features: 'System Monitoring' and 'Browser Monitoring'. System Monitoring triggers an alert when you have a lot of junk to clean. Browser Monitoring is a paid feature that gives you intelligent cleaning options when you close your browsers.

After listening to your concerns, we have reviewed how this feature has been implemented and we agree that there are areas for improvement.

Please bear with us while our product and development teams work on this. We will update you as soon as we can. In the meantime, to disable all monitoring, please close all CCleaner processes via the Task Manager.

Thanks for your patience while we work towards a resolution.

Share this post


Link to post
Share on other sites
12 hours ago, jagga said:

I have asked this before, but does anyone know if "heartbeat" calls home when using a portable version of CCleaner? And, what if CCleaner (portable) is run while being totally disconnected from the Internet during the run of CCleaner?

Hi jagga:

I normally run the portable version of CCleaner Free on my 32-bit Vista SP2 machine from a USB thumb drive.  I've been testing CCleaner Portable v5.45.6611 for a few days and don't see any obvious evidence that the portable version continues to monitor my system after the program is closed.  I can't see anything associated with CCleaner in my startup items or Windows Task Scheduler, and I've confirmed that the settings at Options | Monitoring | Enabled Active Monitoring and Options | Settings | Inform me of updates to CCleaner are both disabled by default and remain disabled after CCleaner is closed and restarted and/or my system is re-booted.  According to employee Paul Piriform's comment <above> the new "heartbeat" data will not be collected as long as Options | Monitoring | Enabled Active Monitoring remains disabled, and if that's correct then that would suggest that heartbeat data is not being collected on my system with my current settings.

One thing I noticed is that the CCleaner icon shown in the image below appears in my system tray when the CCleaner interface is minimized.  If I disable the setting at Options | Settings | Show CCleaner in the Windows notification area (which is enabled by default) that icon does not appear in the system tray when CCleaner is minimized, but unfortunately if you do disable that setting then you have no way of opening the CCleaner interface again and the executable stays loaded in memory as a running process without any way to stop it (unless you kill the process in Task Manager or re-boot your system). I'll have to play around with this setting a bit more but that might be a bug in CCleaner Portable v5.45 that needs to be fixed.

5b5b9b5f94482_CCleanerv5_45SystemTrayIcon27Jul2018.png.54dd18640e574a2c133c308baf61ed38.png

Instead of disconnecting from the internet every time you run CCleaner,  it might be easier to create a program rule that will block all incoming and outgoing traffic for the CCleaner executable through your firewall so that CCleaner can't send data back to the Avast/Piriform servers.  Unfortunately that would also mean that checks for CCleaner updates probably wouldn't work so you would likely have to download new versions and install them manually.  I use the two-way Norton Smart Firewall that comes bundled with my Norton Security antivirus and preventing 32-bit ccleaner.exe traffic through my firewall would be relatively simple:

5b5b9d9ded147_CCleanerv5_45NortonFirewallAllow_Block27Jul2018.png.f9027672427f3e380a9c963d00265e45.png

-----------
32-bit Vista Home Premium SP2 * Firefox ESR v52.9.0 * Norton Security Premium v22.14.2.13 *  CCleaner Portable 5.45.6611

 

Share this post


Link to post
Share on other sites

Hello,

Never posted here before (or about any software for that matter), but after this version was released (6611) I feel I have to rant because this software was once a great utility and now its been turned into damaged goods....

13 hours ago, Paul Piriform said:

In the meantime, to disable all monitoring, please close all CCleaner processes via the Task Manager.

#1 Seriously? Are u kidding? Every time I run it? (and I run it often) Why even have the check boxes in the options tab to disable monitoring if they don't actually DISABLE MONITORING? Even if I uncheck all monitoring boxes, close all Ccleaner processes in task manager, and disable or delete the Ccleaner monitoring entry in startup.ini, then restart the PC, it still reappears if I open Ccleaner, again monitoring when I don't want or need it to. I am perfectly capable of determining when I need to clean my PC, as are most users who have half a brain.

#2 Better yet, there isn't even an "exit" menu option included on the taskbar icon, which is absurd. Every program I've ever installed on PCs since Windows 95 at least has the option to either close/quit/exit from the taskbar icon, except this one.

#3 There was no information provided on the version history page before I updated to this version from the previous that "monitoring" would now be enabled full-time. Only the information below was provided:

"v5.45.6611 (24 Jul 2018)
-Removed Windows.old cleaning rule
-Fixed a crash in Disk Analyzer
-Added more detailed reporting for bug fixes and product improvements"

#4 It seems this version has been "dumbed-down" for the masses that can't figure out how to clean their PC by themselves....users who need a babysitter to warn them that their computer is clogged and it runs for them. Those users don't even know that Disk Cleanup in Windows even exists much less that Ccleaner exists & how to effectively use either one of them. I know some power users may want it to clean automatically and thats perfectly fine, but I think most of us would rather not have another icon & open program running in the taskbar, especially if your short on RAM to begin with. At last look, it was using 9772k of memory on my PC. That is more than my Malwarebytes is using. For some, there is a noticeable difference in performance if programs are running in the taskbar or not. Everyone does not have the latest & greatest PCs, and I think developers forget that because they probably do have them and test software like this on them without noticeable performance losses.

I'm sorry, but this is unacceptable and poor software "development". Its more like software regression. I'll be uninstalling this version and not returning if/until these items are resolved in a future version.

PS Oh, I almost forgot. The pop-up from the taskbar (in the previous version before 6611) telling us about your sale on software every time we open it is annoying and makes me less likely to buy anything.....once or twice during the sale period is sufficient, not every time I use it. The last thing all of us need is more advertising in our daily lives.

Thank You

Share this post


Link to post
Share on other sites
Guest

Thanks Imacri for your thorough reply, and thanks to the others, as well. I'll use this information to help guide my usage of CCleaner (portable-only), should I keep using it at all. I knew that nothing could be sent during a run of CCleaner (portable), if run while offline, but did not know if something could be placed to “call home” afterward – when connected again. I have used it for many years, and had put my trust in it, thru all those years. These "helpful" programs (IMHO), shouldn't be dropping surprises into their trusted products. Although, to CCleaner's credit, it does appear they hear that the "heartbeat"/call home (by default), has raised the attention and aroused some dissatisfaction (suspicion), among its loyal users, and they state (in this forum), that they will look to improve the implementation (An "Opt-In" button, perhaps?). Again, “Thank you”, Imacri – very helpful.

Share this post


Link to post
Share on other sites

I still dont understand why you block CCleaner in firewall. I want disable monitoring because is another still running process, which can cause longer system bootup etc.

So if you let him already running, so there is no reason block it in firewall. It send useful data to Piriform which they can use for bug fixing. If you bloick it in firewall, your process run completely useless.

 

Share this post


Link to post
Share on other sites

I agree with 66intheSky,  I will cease using cc cleaner unless the 'Exit' command is restored. 

It is ridiculous to force the program to always run.

 

Thanks for trashing a previously useful program. 

 

ANGER!@

Share this post


Link to post
Share on other sites
On 7/27/2018 at 17:41, lmacri said:

Hi jagga:

I normally run the portable version of CCleaner Free on my 32-bit Vista SP2 machine from a USB thumb drive.  I've been testing CCleaner Portable v5.45.6611 for a few days and don't see any obvious evidence that the portable version continues to monitor my system after the program is closed.  I can't see anything associated with CCleaner in my startup items or Windows Task Scheduler, and I've confirmed that the settings at Options | Monitoring | Enabled Active Monitoring and Options | Settings | Inform me of updates to CCleaner are both disabled by default and remain disabled after CCleaner is closed and restarted and/or my system is re-booted....

Hi jagga:

Just a caveat to my previous post.  I just read arensky's 28-Jul-2018 post in Cleaner Free 5.45.6611 64 Bit : Active Monitoring Issue and they noted that the problem with the Enabled Active Monitoring setting re-enabling itself after the program is closed only occurs on their machine with the 64-bit CCleaner (ccleaner64.exe) but not with 32-bit CCleaner (ccleaner.exe).  Since I tested with the 32-bit version of CCleaner Portable v5.45 I can't guarantee that a 64-bit version of CCleaner Portable v5.45 would behave the same way and leave Enable Active Monitoring (and hence the new "heartbeat" submissions) disabled like my 32-bit version.
-----------
32-bit Vista Home Premium SP2 * Firefox ESR v52.9.0 * Norton Security Premium v22.14.2.13 *  CCleaner Portable 5.45.6611

Share this post


Link to post
Share on other sites
Guest
12 hours ago, lmacri said:

Hi jagga:

Just a caveat to my previous post.  I just read arensky's 28-Jul-2018 post in Cleaner Free 5.45.6611 64 Bit : Active Monitoring Issue and they noted that the problem with the Enabled Active Monitoring setting re-enabling itself after the program is closed only occurs on their machine with the 64-bit CCleaner (ccleaner64.exe) but not with 32-bit CCleaner (ccleaner.exe).  Since I tested with the 32-bit version of CCleaner Portable v5.45 I can't guarantee that a 64-bit version of CCleaner Portable v5.45 would behave the same way and leave Enable Active Monitoring (and hence the new "heartbeat" submissions) disabled like my 32-bit version.
-----------
32-bit Vista Home Premium SP2 * Firefox ESR v52.9.0 * Norton Security Premium v22.14.2.13 *  CCleaner Portable 5.45.6611

Hi Imacri -

Thanks for the updated information (re: 32-bit vs. 64-bit use), and please excuse the long posting. I’ve decided to not use CCleaner at all, until the heartbeat implementation is fully addressed by CCleaner in a completely open manner (with user-options easily controlled). I’ve also read of several bugs in the 5.45.6611 version… this is another reason for me to avoid this release. Out of protest, I’ll avoid all CCleaner versions for now, and will use an alternative (portable) “cleaner” I’ve recently found. I’m too old to be annoyed, and played with – and taken for granted by software makers. There are alternatives. MicroSoft tried to force-feed Win10 on me – with all its “telemetry features”. So, I bought a laptop with Linux pre-installed. By the time my Win7 is no longer supported, I’ll know all I need to know about the Linux “Terminal”. I had paid for (at least) five versions of XARA programs, over the years, but they were bought out by Magix (just as CCleaner was bought by Avast), and have since deserted their once-loyal base. They, too, have lost my support. The only way to get what we deserve, is to avoid those who don’t deserve our support. In fairness to CCleaner, I’ll say I have not paid for CCleaner, but they offered “free” versions, and I accepted their offers. Now (to me), their free version isn’t worth using, if I pay thru loss of privacy. I realize heartbeat is not a concern to some, but to many of us, things like this is a "privacy concern". Unlike XARA/Magix, CCleaner seems to be willing to (at least) address their user’s concerns – so I’ll watch – and will be very happy to return, and to (again) recommend CCleaner to others, who may purchase a CCleaner license. One more thing – I used Avast for years also, but dropped them when they began using those annoying popups, trying to get me to buy the paid version. I didn’t “need” it. Again, there were alternatives… there are always alternatives. Thanks, Imacri for your input, and follow-up; it’s good to know there is help and guidance “out there”. So, I’ve said my piece – I do hope I can again, use CCleaner… so I’ll watch.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×