Jump to content
CCleaner Community Forums
ArchAngle

5.46 Latest Version Unwanted and Problems

Recommended Posts

On 9/14/2018 at 09:38, Andavari said:

How difficult is it to just have a dialog box pop-up via CCleaner asking the user Yes or No to download the newest version? 

Some sort of notification is essential, especially when the user specifically configured CCleaner not to update.

I had the free/standard version (5.43) installed and had update checking disabled so naturally when I noticed that it updated my initial concern was that it was something malicious.

Share this post


Link to post
Share on other sites

sorry Ben but I think I may have missed some important point with GDPR....

I thought your legal requirement was to provide a compliant version NOT to force that update on users.
Just because you have the means, gives you no authority to abuse that trust and do the upgrade without permission, warning or consent.
I have the means to drive my car 200kph down the highway - doesn't make it legal.

Please correct me where I wrong here.

Share this post


Link to post
Share on other sites

Can anyone please confirm that they're free version of CCleaner was auto-updated without having Avast installed? It sounds like there were a few but confirmation would be appreciated.

(I did not have Avast installed but was auto-updated from 5.43 (the free/standard version) to 5.46 on September 10)

Thanks!

Share this post


Link to post
Share on other sites
31 minutes ago, Pamperlang said:

Can anyone please confirm that they're free version of CCleaner was auto-updated without having Avast installed? It sounds like there were a few but confirmation would be appreciated.

(I did not have Avast installed but was auto-updated from 5.43 (the free/standard version) to 5.46 on September 10)

Thanks!

Doesn't matter anymore. After reading Ben's reply, from my understanding, all versions except portable should be considered untrustworthy.

Share this post


Link to post
Share on other sites
37 minutes ago, Pamperlang said:

Can anyone please confirm that they're free version of CCleaner was auto-updated without having Avast installed? It sounds like there were a few but confirmation would be appreciated.

(I did not have Avast installed but was auto-updated from 5.43 (the free/standard version) to 5.46 on September 10)

Thanks!

Yes the devs sent out a version through the "emergency" updater. Some of us are a Bit unhappy about that.  It shouldn't happen on a regular basis but on the other hand this shouldn't have been an emergency to upgrade to .46 so make of that as you want.

Share this post


Link to post
Share on other sites
19 minutes ago, Nergal said:

Yes the devs sent out a version through the "emergency" updater. 

Thanks for confirming Nergal! :)

I was pretty sure I was updated via "CCUpdate.exe" (emergency updater) but since I had the free version of CCleaner installed (I always thought only the paid versions get silent auto-updates) and did NOT have Avast installed (I use MBAM) I couldn't help but be a little worried about malware and such :)

Thanks again!

Share this post


Link to post
Share on other sites
On 15/09/2018 at 00:20, mta said:

sorry Ben but I think I may have missed some important point with GDPR....

I thought your legal requirement was to provide a compliant version NOT to force that update on users.
Just because you have the means, gives you no authority to abuse that trust and do the upgrade without permission, warning or consent.
I have the means to drive my car 200kph down the highway - doesn't make it legal.

Please correct me where I wrong here.

Well GDPR regulates the collection, storage, and use of data/information.

So while forcing an update on people is not good practice it's not actually covered by GDPR.

If that update then collects any information/data then that is covered by GDPR.

The 5.46 update is still not GDPR compliant, because the 'privacy' tickbox is still pre-ticked after a new install.
GDPR clearly states that tickboxes like this should not be pre-ticked.

As I have been told in the past that Piriform being a large organisation knows better than I do, I'll give a couple of quotes from the ICO website to back that up:

https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/consent/how-should-we-obtain-record-and-manage-consent/

Quote

The GDPR does not specifically ban opt-out boxes but they are essentially the same as pre-ticked boxes, which are banned. Both methods bundle up consent with other matters by default, and then rely to some extent on inactivity. They also increase the likelihood of confusion and ambiguity.

https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/consent/what-is-valid-consent/
Right at the bottom of the page gives (among a long list of invalid consent methods):

Quote

In summary, you do not have valid consent if any of the following apply:

  •     you use pre-ticked opt-in boxes or other methods of default consent;

 


    

 

Share this post


Link to post
Share on other sites

I am really confused now.  I got my Windows 7 laptop out this afternoon (normally use Windows 10 desktop).   I hardly ever use the laptop except for with my scanner but it has wi-fi so it connects to the internet and updates Windows and Windows Defender as soon as it's switched on.  It hasn't been online or switched on for months.

I now find I've got the latest CCleaner on there - and I can't see any option to switch off updates to this 5.46 version.

My laptop is underpowered and so I like to have as little running on it as possible - I'm just a little bit annoyed that I can't find a way to switch off updates on this version which I didn't want anyway - CCleaner keeps stopping responding after a couple of tabs. 

It looks like I'll have to uninstall and reinstall an older version where I CAN switch off updates.   This is totally out of order.   I can't believe the people who develop this product think this is anything like acceptable.

Share this post


Link to post
Share on other sites
8 minutes ago, abc10 said:

I am really confused now.  I got my Windows 7 laptop out this afternoon (normally use Windows 10 desktop).   I hardly ever use the laptop except for with my scanner but it has wi-fi so it connects to the internet and updates Windows and Windows Defender as soon as it's switched on.  It hasn't been online or switched on for months.

You were probably auto-updated via the update task in Task Scheduler (CCupdate.exe) soon after you switched the laptop on. It appears that most people who is not on the latest version (5.46) is silently getting updated to 5.46 through CCupdate.exe.

Share this post


Link to post
Share on other sites

But this is wrong - there is no official auto update on the free version.   I've now uninstalled and gone back to 5.39 and blocked CCleaner in the firewall until they stop being so intrusive and unethical.

Share this post


Link to post
Share on other sites

Since I'm extremely security conscious I decided to do an experiment to establish with absolute certainty that my 5.43 (free) CCleaner install was updated by CCUpdate.exe to 5.46 (and not by something malicious) even though I was already 99.999% sure it was (thanks to this thread). But my OCD was eating at me so ...

I have an older machine with Win 7 Pro on it that I use as an HTPC. It only has Windows 7 Pro and Malwarebytes on it. Nothing else. No Avast software has ever been installed on it. I copied over the exact same 5.43 (free version) installer I used 3-4 months ago (I save the installers for everything I install to a USB drive) and ran the installer. After running the installer I checked the Control Panel and verified that it said 5.43. I opened CCleaner and verified it said 5.43. I unchecked monitoring and "check for updates" and closed CCleaner. Literally 1-2 minutes later I refreshed the Control Panel and lo and behold it now said 5.46 ! I opened CCleaner and yeap, I now had 5.46. So it literally updated itself from 5.43 to 5.46 mere minutes after I installed it. 

FWIW I checked the SHA256 fingerprint of the ccsetup543.exe file I used against the SHA256 posted in the Announcements forum and they're exactly the same. So basically, installing any version older than 5.46 is probably pointless at this time since it will likely get auto-updated almost immediately to 5.46 (silently, without notification or warning) unless you disable your internet connection or something.

Share this post


Link to post
Share on other sites
On 9/12/2018 at 14:13, Andavari said:

I knew that would eventually happen, didn't even take a year.

I, too, could see the writing on the wall and stopped updating quite some time ago.

On 9/6/2018 at 07:36, ArchAngle said:

Yesterday I noticed that even though I had Firefox open when I used CCleaner it had "Skipped" all Firefox cleaning without prompting me to close the browser.

Did anybody else notice that CCleaner is no longer a cleaner for the Free Version?  If you look at the landing page for updating there is an X for cleaning.

( https://www.ccleaner.com/ccleaner/download?upgrade

Share this post


Link to post
Share on other sites

I think that plenty of people would notice if the free CC didn't clean. The free version cleans for the current user, where the paid versions can clean for all users.

Share this post


Link to post
Share on other sites

I created a forum account just to post about this issue.  I had the free v5.37 installed on a myriad of computers and found they all updated to v5.46 without permission or notification.  I had auto-update disabled in-program as well as system & active monitoring but the UAC Bypass was still enabled and the CCupdate tool was in scheduled tasks.  The scheduled task is set like it should run once daily and at startup but task scheduler reports it as never having been run.  I stuck with the 5.37 version because of the UI changes in the newer versions and Avast's propensity for software bloat in their other products.  Due to this incident and requisite lack of transparency any trust I had in Piriform and Avast has been erased.  I ended up uninstalling the free CCleaner from all of the PCs I had it on - some clients, and all of the family and friends that I have remote access to with this command line.

"C:\Program Files\CCleaner\uninst" /S && rmdir "C:\Program Files\CCleaner" /s /q

There's a post on this issue at Born's Tech and Windows World blog as well: https://borncity.com/win/2018/09/12/ccleaner-forces-update-from-v5-38-to-v5-46/

Off to look for another simple and effective tool to replace CCleaner with.  It won't be easy because it was so simple to use and worked very well.

Regards,
-felipe

Share this post


Link to post
Share on other sites
5 hours ago, mta said:

and that forced update, back-door process is wrong on so many levels.

Agreed. The whole thing feels "back-door"-ish ... there is literally zero notification that it got updated so initially thought it was malicious. Ugh!

When I did my test yesterday, after installing the free version of 5.43 and opening it up for the first time I was greeted with the usual "there's a newer version, do you want to download it" dialogue which I declined. I then disabled checking for updates and closed it. Two minutes later I had 5.46 anyway. Let's pause here for a second and think about this. Most people who aren't aware of this forum and this thread would, at that point, probably think they downloaded a bad/malicious installer because it silently and automatically did something (i.e. updated to 5.46) that you specifically told it not to do just 2 minutes ago when you installed it. 

 

Share this post


Link to post
Share on other sites

Piriform have freely admitted that they have done, and are still doing, this.

On 12/09/2018 at 09:29, Ben Piriform said:

Hi All, apologies for the slightly late response.

Since the release of v5.46 we have updated some users to this version

For "some users" read everyone who has an older version, and who hasn't already blocked/deleted their 'emergency' updater.

Once again though it's the big issue of lack of communication with users that is annoying everyone.

  • the lack of any announcement that they would start to do this.
  • the lack of any option to decline the update.
  • the lack of any notification that they had force updated your version.

Once again it took a raft of complaints on the forum before the deigned to respond with a (misleading and incorrect) statement.

Piriform/Avast seem intent on a slow suicide for CCleaner. (I have my own suspicions about just why).

Share this post


Link to post
Share on other sites
46 minutes ago, nukecad said:

For "some users" read everyone who has an older version, and who hasn't already blocked/deleted their 'emergency' updater.

Yeah it's definitely not just "some users", at the very least it's "most users" but I'm pretty sure it's basically everyone not on the latest version (as you stated).

Share this post


Link to post
Share on other sites
7 hours ago, nukecad said:

Once again though it's the big issue of lack of communication with users that is annoying everyone.

that's the aspect of all things Piriform does that bothers me the most - the insanely limited, under-utilised, communication pathway they have with their user base on this forum whose actual existence is designed to give them that exact, direct avenue to their customers.

Share this post


Link to post
Share on other sites

Their silence on this emergency updater issue is deafening.

Have they learn't nothing from the last issue they had?

Stop treating CC users like information fodder, respect their CC settings, and for goodness sake... SAY SOMETHING.

EDIT.. The comments by users under that Bleepcomputer article are worth a read.

Share this post


Link to post
Share on other sites
2 hours ago, hazelnut said:

Have they learn't nothing from the last issue they had?

and the one before that....
and that one before that one...
and.....

It's the mug-users I feel sorry for as ultimately it is us, their loyal users, that haven't learnt anything from the last issue!
(well, most of us have but there are still the die-hards)

Share this post


Link to post
Share on other sites

For a while I've been of the opinion that the alienation of the CC userbase is being done deliberately.

I now even have a reasonable theory of why it is being done in this way, one that could make sense of it.
I've no proof of course, it's a theory that I can't share openly on the forum, but it is compelling.

 

Share this post


Link to post
Share on other sites
18 minutes ago, nukecad said:

(But if my suspicions are correct then it's working, and I even support it).

I wondered what you meant by this then I realised (I think) as if you have erm 'the other software' present or have seen it, then its not that difficult to actually speculate... I can see some logic in it.

Share this post


Link to post
Share on other sites

I redacted that bit but it's quoted now, fair enough.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...