lmacri
-
Posts
385 -
Joined
-
Last visited
Posts posted by lmacri
-
-
Does anyone know why the portable build of Speccy v1.32 (spsetup132.zip) is not posted on the builds page at https://www.ccleaner.com/speccy/builds? Has Avast stopped offering the portable build or are the links on the builds page currently missing?
I tried the download link for the the portable build on MajorGeeks at https://www.majorgeeks.com/files/details/speccy.html but that link is currently downloading the incorrect "standard" installer (spsetup132.exe). I eventually found an copy of the correct portable build (spsetup132.zip) archived on Softpedia site at https://www.softpedia.com/get/PORTABLE-SOFTWARE/System/System-Info/Speccy-Portable.shtml but when I post download links for other users in help forums I prefer to direct them to the original manufacturer's site.
-----------
64-bit Win 10 Pro Ver 1903 Build 18362.356 * Firefox ESR v68.2.0 * McAfee LiveSafe v16 (R20) / VirusScan v22.6.156 * Speccy Portable v1.32.740
Dell Inspiron 5584, Intel i5-8265U@1.60/1.80 GHz, 8 GB RAM, Intel UHD Graphics 620 -
1 hour ago, Dave CCleaner said:
The advantages of having a "Big Uncle" who is a security company - we're a harder target than we were back in 2017.
Hi Dave CCleaner:
According to the 21-Oct-2019 Avast blog entry Avast Fights Off Cyber-Espionage Attempt, Abiss that hazelnut referenced <above>:
Quote"...When analyzing the external IPs, we found that the actor had been attempting to gain access to the network through our VPN as early as May 14 of this year.
After further analysis, we found that the internal network was successfully accessed with compromised credentials through a temporary VPN profile that had erroneously been kept enabled and did not require 2FA....
...On September 25, we halted upcoming CCleaner releases and began checking prior CCleaner releases and verified that no malicious alterations had been made. As two further preventative measures, we first re-signed a clean update of the product, pushed it out to users via an automatic update on October 15, and second, we revoked the previous certificate. Having taken all these precautions, we are confident to say that our CCleaner users are protected and unaffected...."
If I understood that article correctly, hackers managed to access Avast's internal network several times over a four-month period using stolen login credentials and somehow managed to attain domain admin priviledges before these incursions were detected. They might not have managed inject malware into the CCleaner installer as they did in 2017 (see the BleepingComputer article Avast Clarifies Details Surrounding CCleaner Malware Incident for more information about a 2017 supply chain attack where the CCleaner v5.33 installer was infected with a Floxif trojan and released to users) but it sounds to me like "Big Uncle" still has room for improvement when its comes to securing their network access.
-
Thanks to both Dave CCleaner and hazelnut for their replies and links to blog entries that include further details about this internal network breach.
-
Does anyone have further details about the "important security updates" in CCleaner v5.63.7450 (released 15-Oct-2019) and whether this update is being pushed out via the CCleaner Emergency Updater to users who do not have automatic updating enabled? Was there a change to the security certificates, or is there an exploitable vulnerability in versions v5.57 and higher that has an associated CVE number?
From Ben CCCleaner's official product update announcement <here> :
Quote"In this release we have included some important security updates and minor UI improvements and bug fixes.
General
- Users on versions v5.57 through to v5.62 have been automatically updated to the new version to take advantage of its enhanced security and improved performance. Users will not notice any change to any of their product settings and can continue to use it as normal
- Minor UI changes and bug fixes..."
-
21 hours ago, Dave CCleaner said:
I am pleased to announce that the shiny new Speccy server is now finally operational! ...
Hi Dave CCleaner:
Thanks for the status update. I was able to publish a system snapshot to the new server this morning, and the URLs for my older snapshots (httx://speccy.piriform.com/results/ ...) seem to be working as well.
-----------
32-bit Vista Home Premium SP2 * Firefox ESR v52.9.0 * Norton Security Deluxe v22.15.2.22 * Speccy Portable v1.32.740 -
1 hour ago, nukecad said:
There are a lot of Norton FPs being reported this week. Unconfirmed speculation is that they are pushing a new 'protection' product.
Hi nukecad:
My Norton Smart Firewall block isn't new to CCleaner v5.59, at least with the Norton Security v22.15.2.22 (the legacy version for Win XP and Vista) I use. I tested the previous CCleaner Portable v5.58.7209 and the screenshot I posted back on 17-Jun-2019 in the Norton Tech Outpost <here> shows the 32-bit ccleaner.exe v5.58 executable triggers a similar "suspicious online activity" block with my Norton Smart Firewall.
I sent Symantec a detailed false positive report (submitted at https://submit.symantec.com/false_positive/) on 17-Jun-2019 but the email I got back that same day stated "Having reviewed the information provided we are unable to reproduce or confirm the issue described."
I'm not sure if you mean the "new" Norton 360 v22.17.x Standard / Deluxe / with LifeLock Select products that are currently being sold to US customers only with extra features like Norton Secure VPN, PC SafeCam and Norton Data Protector (see the product comparison chart <here>) but as far as I know all Norton v22.x products use the same protection definitions [e.g., SDS (virus) Definitions, Intrusion Prevention Definitions, etc.] and I don't recall seeing an unusual number of false positive reports for malware detections in the Norton community in the past week. I would agree, however, that some of the new features in recent releases of Norton v22.17.2.x and v22.17.3.x (Win 7 SP1 and higher) have been quite buggy and should have undergone more beta testing before they went into wide release.
-----------
32-bit Vista Home Premium SP2 * Firefox ESR v52.9.0 * Norton Security Deluxe v22.15.2.22 * Malwarebytes Free v3.5.1-1.0.365 * CCleaner Portable v5.47.6701
HP Pavilion dv6835ca, Intel Core2Duo T5550 @ 1.83 GHz, 3 GB RAM, NVIDIA GeForce 8400M GS -
2 hours ago, Dave CCleaner said:
@NFern: Thanks for the additional information. Were you able to send the crash report? Also, for your Presario, which service pack for Windows Vista are you using?
Hi Dave CCleaner:
Could you please explain why my posts were deleted from this thread? I don't believe I violated the forum rules, and I think my comments were relevant to this topic given that my screenshots showed that the Easy Clean feature for CCleaner Portable v5.58 and v5.59 do not cause a CCleaner crash on my own 32-bit Vista SP2 machine like they do for the OP NFern.
I tried publishing a Speccy snapshot of my system specs in one of my earlier posts in this thread so NFern could compare the configuration of our 32-bit machines, but Speccy's publishing server still hasn't been fixed even though Avast/Piriform employee Ben Piriform posted <here> on 13-May-2019 that the new server would be "up and running in the next few days".
-----------
32-bit Vista Home Premium SP2 * Firefox ESR v52.9.0 * Norton Security Deluxe v22.15.2.22 * Malwarebytes Free v3.5.1-1.0.365
HP Pavilion dv6835ca, Intel Core2Duo T5550 @ 1.83 GHz, 3 GB RAM, NVIDIA GeForce 8400M GS -
1 hour ago, Andavari said:
This may be issue you're noticing:
https://forum.piriform.com/topic/54255-invalid-digital-signature-v559-slim-free/Hi Andavari:
I posted additional comments about my Norton Smart Firewall "suspicious activity" blocks in nikki605's thread <here> since I don't know if the problem NFern reported with Easy Clean is actually related to their antivirus. It was just an idea I wanted to throw out since my Norton AV seems to be constantly blocking the execution of recent versions of CCleaner Portable v5.58 and v5.59 on my 32-bit Vista SP2 machine unless I explicitly allow the execution.
-----------
32-bit Vista Home Premium SP2 * Firefox ESR v52.9.0 * Norton Security Deluxe v22.15.2.22
HP Pavilion dv6835ca, Intel Core2Duo T5550 @ 1.83 GHz, 3 GB RAM, NVIDIA GeForce 8400M GS -
Hi nikki605:
Just an FYI that I was testing the 32-bit version of CCleaner Portable v5.59.7230 (i.e., after I upzipped the Portable build ccsetup559.zip on my USB thumb drive and tried to launch the 32-bit ccleaner.exe executable). My ccleaner.exe executable is also Untrusted by Norton and I have to explicitly allow this file to launch and then access my Norton Smart Firewall to prevent execution from being blocked. I don't know if it's relevant, but my v5.59 executable came bundle with a beta version of the Software Updater feature (signified by a yellow dot on the Tools panel).
My case is slightly different from yours but both our problems are likely related to the fact that our executables are Untrusted by Norton. You had a problem launching the v5.59 slim installer ccsetup559_slim.exe and Norton flagged your installer as having an invalid signature. In my case the problem is with the 32-bit program executable ccleaner.exe that launches the interface, and my Norton Smart Firewall block is triggered by suspicious activity.
VirusTotal reports my 32-bit ccleaner.exe v5.59 is clean (0/69 detection - see the report at https://www.virustotal.com/gui/file/ad9b2e0d70061b0f66f3a2ed640913dea805e34421094c9a22154bac9d16b7d7/detection) and Symantec is listed as one of the AV engines used to scan the file, so in my case it appears to be a heuristic (behavior-based) problem or issue with the poor reputation in the wider Norton community and not because the SHA256 hash hasn't been whitelisted yet.
Just another FYI that I normally use an older CCleaner Portable v5.47.6701 (i.e., before Feature Preview / forced beta testing of new features was introduced) on my Vista machine. I just got fed up having to deal with all the pop-ups, background network activity, firewall blocks, bugs, etc. every time I updated to a new version of CCleaner.
-----------
32-bit Vista Home Premium SP2 * Firefox ESR v52.9.0 * Norton Security Deluxe v22.15.2.22 * Malwarebytes Free v3.5.1-1.0.365
HP Pavilion dv6835ca, Intel Core2Duo T5550 @ 1.83 GHz, 3 GB RAM, NVIDIA GeForce 8400M GS -
Hi NFern:
I ran a test today with CCleaner Portable versions 5.58.7209 and 5.59.7230 (i.e., the 32-bit ccleaner.exe run from a USB thumb drive) on my 32-bit Vista SP2 machine and didn't have any issues viewing the results of the Easy Clean analysis. I didn't actually click the Clean All button to see what would happen if I tried to clean all the detected trackers and junk files. I can't tell you if the "standard" installed versions behave the same way.
What antivirus program are you using on your computers? I normally use an older CCleaner Portable v5.47.6701 (i.e., before Feature Preview / forced beta testing of new features was introduced) and I noticed that my Norton antivirus is flagging the v5.58 and v5.59 ccleaner.exe executables as Untrusted when i try to run them from my USB thumb drive. I don't know if it's relevant, but my v5.58 and v5.59 executables both came bundle with a beta version of the Software Updater feature (signified by a yellow dot on the Tools panel) and I had to explicitly allow the ccleaner.exe v5.58 and 5.59 executables to launch and then access my Norton Smart Firewall to prevent them from being blocked by my antivirus.
-----------
32-bit Vista Home Premium SP2 * Firefox ESR v52.9.0 * Norton Security Deluxe v22.15.2.22
HP Pavilion dv6835ca, Intel Core2Duo T5550 @ 1.83 GHz, 3 GB RAM, NVIDIA GeForce 8400M GS
-
I encountered this same problem today (15-Jun-2019). I haven't tried to publish a Speccy profile since 14-Mar-2019 so I don't know if it's a temporary glitch or if the server has been down since Killermaco reported this problem in early May 2019.
-----------
32-bit Vista Home Premium SP2 * Firefox ESR v52.9.0 * Norton Security Deluxe v22.15.2.22 * Speccy Portable v1.32.740 -
3 hours ago, Andavari said:
Are any of you using any 3rd party disk defragmenting software?...
Hi Andavari:
No, I don't have any third-party defraggers like Piriform's Defraggler or Auslogics Disk Defrag installed and both defrag tasks in my Norton Security antivirus (Settings | Task Scheduling | Automatic Tasks | Disk Optimization and Settings | Administrative Settings | Idle Time Optimizer) are disabled.
I actually stopped using Piriform's Defraggler several years ago because it started wiping all my system restore points - see my 2014 thread Full Defrag Wipes All Restore Points. I eventually found a workaround (i.e., enable the option to Replace Windows Disk Defragmenter, close Defraggler, and disable the option again) but this bug was never fixed and I got fed up having to remember to toggle this setting every time I updated Defraggler .
From the last post <here> in my 2014 thread:
Quote"Piriform Support have also been running test defrags with Vista. Their results show Used Shadow Copy disk space increasing over the course of a Defraggler full disk defrag even when VSS is disabled, and that the number of restore points deleted at the end of the defrag depends in part on the max. space allocated for restore points (which can be adjusted with a command similar to "vssadmin resize shadowstorage /For=C: /On=C: /MaxSize=40GB"). Test results have been passed on to the developers and Piriform Support's last e-mail stated that 'hopefully we will be able to have this fixed in a future version'. "
-----------
32-bit Vista Home Premium SP2 * Firefox ESR v52.9.0 * Norton Security Deluxe v22.15.1.8 * Malwarebytes v3.5.1-1.0.365 * CCleaner Portable 5.35.6210 -
On 1/25/2019 at 11:31, glenmarshall said:
After updating to the new Norton 360 version, CCleaner aborts when launched....
Hi glenmarshall:
When you say the "new" Norton 360, do you mean you recently purchased or were upgraded to Norton 360 Standard or one of the the new N360 offerings described at https://us.norton.com/n360?inid=hho_nortoncom_softlaunchredirect_360? If so, you might want to follow Paul Buettner's thread 360 Recent Up-Date and CCleaner in the NIS/N360/NAV board of the Norton forum while you're waiting for Piriform to release a bug fix.
As I noted in Paul Buettner's thread, Norton began offering these "new" Norton 360 products to select users about a month ago as part of a beta test - see tzon's 14-Dec-2018 thread Is this a new product? Norton 360 as well as Norton employee Gayathri_R's 19-Dec-2018 product announcement Have you seen new offerings on Norton.com? It’s a beta test!. At the moment we have no idea if these "new" N360 products are still in beta or whether users can downgrade back to their "old" N360/N360P products with their current product key if they wish to do so.
------------
32-bit Vista Home Premium SP2 * Firefox ESR v52.9.0 * Norton Security Deluxe v22.15.1.8 -
13 hours ago, PCFYTV said:
Unfortunately, rolling back to v5.35 didn't solve the problem.
Not sure what's causing it, but a little research suggests it's pretty common — and very difficult to solve...
Hi PCFYTV:
One hint about your troubleshooting.
As I noted <here> on 04-Jul-2018, my system restore points are intermittently wiped when my system tries to create a system restore point (SRP) and a volsnap error occurs after newer versions of CCleaner are run (i.e., not while CCleaner is running). I'm still not certain of the cause, but it almost seems like newer versions of CCleaner reset a configuration setting / registry entry or run a background task that triggers a volsnap errors the next time my system tries to create a SRP. That means that if I'm testing a particular CCleaner version (e.g., CCleaner Portable v.5.35) I have to run that same Cleaner version for a few weeks or so and monitor whether my SRPs are being deleted. According to Tomasz Szynalski's old blog post What You Should Know About Volume Shadow Copy/System Restore in Windows 7 & Vista (FAQ):
Quote"With the default settings, there is no guarantee that shadow copies will be created regularly. In particular, Windows 7 will only create an automatic restore point if the most recent restore point is more than 7 days old. On Windows Vista, the minimum interval is 24 hours, but remember that the System Restore task will only run if your computer is on AC power and idle for at least 10 minutes, so it could take days before the conditions are right, especially if you run a lot of background processes or do not use your computer frequently."
That blog post also states that "if you use your machine every day on AC power and nothing prevents it from entering an idle state, you can expect automatic restore points to be created every 1-2 days on Windows Vista and every 7-8 days on Windows 7". Other conditions will trigger the creation of a SRP (e.g., before Windows Update applies a system update), but it might take to a long period of testing to figure out exactly what's deleting the SRPs on your Win 7 SP1 machine.
I can't say with 100% certainty that newer versions of CCleaner are responsible for my volsnap errors but I haven't been able to correlate anything else so far (e.g., a Malwarebytes Free Threat Scan, Norton Security Automatic LiveUpdate, etc.) with my volsnap errors. By default, scheduled SRPs are normally created during system idles on my Vista SP2 machine so I have always suspected that some background task that runs during a system idle is the culprit.
-----------
32-bit Vista Home Premium SP2 * Firefox ESR v52.9.0 * Norton Security Deluxe v22.15.1.8 * Malwarebytes v3.5.1-1.0.365 * CCleaner Portable 5.35.6210 -
On 10/28/2018 at 22:08, Aethernaut said:
I noticed that when CCleaner was running (monitoring was supposedly switched off and I'd supposedly opted out of everything else) my machine constantly contacted:
ip-info.ff.avast.com
shepherd.sb.avast.com
analytics.ff.avast.comThere appears to be nothing at ip-info.ff.avast.com but a search for the URL found a reference to http://ip-info.ff.avast.com/v1/info in an Avast support forum. This does work and going to the address displays accurate data under each of the below headings:
ip address - continent - continentCode - country - countryName - City - timezone - latitude - longitude - isp* - asnNumber* - asnOrganization* - organization* - postalCode
Headings marked * relate to my ISP, the rest are personal (including lattitude, longitude and postcode).
I have not determined what data the other URLs are after, however I notice that analytics.ff.avast.com is included in tracking blocklists.
Now uninstalled and the whole avast.com domain is blocked outgoing until I am happy it has actually gone.
Getting back to Aethernaut's original question about location and IP address tracking, have the v5.49.6856 (12 Nov 2018), v5.50.6911 (29 Nov 2018) or v5.51.6939 (13 Dec 2018) updates given users any additional control over how this data is collected? If not, does Avast have any plans to include a setting in a future release to allow users to opt out of this type of tracking?
My understanding is that the new update settings in v5.50.6911 now allow users to disable the CCleaner Emergency Updater that was introduced back in v5.36.6278 (see the AskVG article [Tip] Customize and Control CCleaner Automatic Updates Settings) but I can't see any new settings to disable the collection of tracking data that Avast employee Stephen Piriform discussed in his 29-Oct-2018 post <here> in this thread.
After reading employee Stephen Piriform's response, I still don't understand the justification for collecting this type of location tracking data with CCleaner - it's a disk cleaning utility, not a real-time antivirus program.
------------
32-bit Vista Home Premium SP2 * Firefox ESR v52.9.0 * Norton Security Premium v22.15.1.8 * CCleaner Portable v5.47.6716 -
On 10/26/2017 at 20:01, lmacri said:
...According to Martin Brinkmann's ghacks.net article CCleaner 5.36 Emergency Updater this new feature is likely based on the Avast Antivirus Emergency Updater introduced in 2012.
I agree with c627627 that Piriform should add an option to the CCleaner settings to give users a simple way to permanently disable this new Emergency Updater. CCleaner is a disk cleaner - not a real-time antivirus protecting my system from malware attacks - and users like myself who have already disabled the option to Automatically Check for Updates to CCleaner might not want CCUpdate.exe launching at boot-up and connecting to a remote server every day to check for "emergency" updates...
According to the AskVG article [Tip] Customize and Control CCleaner Automatic Updates Settings, the Emergency Updater introduced in v5.36 can be disabled in v5.50 (released 29-Nov-2018) by disabling Options | Updates | Important Updates (highly recommended). Could someone please confirm this is correct, and that disabling this setting actually disables the Windows scheduled task CCleaner Update?
-----------
32-bit Vista Home Premium SP2 * Firefox ESR v52.9.0 * Norton Security v22.15.1.8 * CCleaner Portable v5.47.6716 -
I'm thoroughly confused. The v5.48 release notes at https://www.ccleaner.com/news/release-announcements/2018/10/25/ccleaner-v5486834 state that "in the future we will add support for opting out of feature previews, so if you’re not interested in potentially being selected for this, you can remain on version 5.47 for the time being."
The v5.50 release notes posted today at https://www.ccleaner.com/news/release-announcements/2018/11/29/ccleaner-v5506911 state in part:
QuoteSoftware Updates
Based on your feedback this version offers more control and transparency over when updates are performed. More information on these changes can be found on the CCleaner Blog.- Added new menu: ‘Options’ > ‘Updates’
- Moved ‘Inform me of updates to CCleaner’ setting to the ‘Updates’ menu
- Replaced ‘Enable silent background updates’ setting with separate settings for automatic product updates and product update notifications
- Added new settings to control important updates and their notifications
- Automatic product updates are now enabled for anyone upgrading to CCleaner Professional (these can be disabled in the ‘Updates’ menu)
I read today's blog entry Introducing New and Improved CCleaner Update Settings! and still have no idea if Feature Previews would fall into the category of "Important Updates (highly recommended)" or "Product Updates (recommended)" - or perhaps neither.
-----------
32-bit Vista Home Premium SP2 * Firefox ESR v52.9.0 * Norton Security v22.15.1.8 * CCleaner Portable v5.47.6716 -
On 10/25/2018 at 12:07, Aelson said:
I read about " Feature Previews" on https://www.ccleaner.com/news/release-announcements
But didn't find anything about it in the CCleaner v5.48 after installing it.
On 10/26/2018 at 04:39, Aelson said:...As they mentioned on the link, at this time users randomly get selected for "feature previews".
"In the future we will add support for opting out of feature previews, so if you’re not interested in potentially being selected for this, you can remain on version 5.47 for the time being."...
Hi Aelson:
Just an FYI that I unzipped the portable build of CCleaner v5.49.6856 (rel. 12-Nov-2018) on a USB thumb drive and can't see any new setting in the GUI that would allow users to opt out of the Feature Previews added in v5.48. There's also no mention of an opt-out setting in the v5.49 release announcement at https://www.ccleaner.com/news/release-announcements.
I'll guess be sticking with the old CCleaner v5.47.6716 until someone from Avast/Piriform can clarify what's going on with Feature Previews and the possibility of unexpected (forced) product updates for beta-testing.
-----------
32-bit Vista Home Premium SP2 * Firefox ESR v52.9.0 * Norton Security v22.15.1.8 * CCleaner Portable v5.47.6716 -
This could be related to the issue reported on 03-Oct-2018 in dstaggs' thread CCleaner Disk Analyzer - reported file sizes are large and wrong.
-
1 hour ago, Stephen Piriform said:
The changelogs for 5.47.6701 and 5.47.6716 are identical, except the latter has a bugfix for a checkbox in the Privacy menu that we felt was essential to fix.
You should be getting v5.47 on the download now.
Hi Stephen Piriform:
Today's change log for v5.47.6716 at https://www.ccleaner.com/ccleaner/version-history does not mention the bug fix "Calling the Windows 'ping' function is now done explicitly from the /system32/ directory (fixes a potential vulnerability)" that is included in the original list of bug fixes for v5.47.6701 in Vishal Gupta's 18-Sep-2017 askvg.com article CCleaner 5.47 Now Available for Download.
Was this vulnerability left unpatched to expedite the release of the new v5.47.6716?
-----------
32-bit Vista Home Premium SP2 * Firefox ESR v52.9.0 * NS v22.15.1.8 * CCleaner Portable v5.47.6716 -
I'm not exactly sure what's going on but it appears that CCleaner v5.47.6701 was released to the public yesterday (18-Sep-2018) at https://www.ccleaner.com/ccleaner/download and then quickly pulled because of a bug where Options | Privacy | Help Improve CCleaner by Sending Anonymous Usage Data would automatically re-enable itself at the next launch after being disabled by the user. See patrickdrd's 18-Sep-2018 post in the thread CC 5.44.6575: /Auto and Trash Bin Context "Run" No Longer Works and Stephen Piriform's response <here> about v5.46 being re-posted to the update servers.
Can any of the beta testers reproduce this bug with beta version CCleaner Beta v5.47.6700, or was this "bug" introduced in v5.47.6701?
-----------
32-bit Vista Home Premium SP2 * Firefox ESR v52.9.0 * NS v22.15.1.8 * CCleaner Portable v5.46.6652 -
2 hours ago, cliftonprince said:
Am I correct in understanding that 5.46 still phones home even if certain settings are chosen which should not only (a) make it unnecessary but also (b) preclude it from doing so? Am I correct in understanding that 5.46's improvements to the problematic monitoring in 5.45 are, therefore, only half-improvements? I have tried to gather what information I could, from reading threads such as this one, but I'm not yet convinced that I should adopt 5.46 over 5.45....
Hi cliftonprince:
If you disable Options | Settings | Inform Me of Updates to CCleaner, Options | Privacy | Help Improve CCleaner by Sending Anonymous Usage Data and Options | Monitoring | Enable Active Monitoring in v5.46 , my understanding is that v5.46 will still be collecting limited data and phoning home - see the table in the new Data Factsheet at https://www.ccleaner.com/about/data-factsheet. The previous v5.45 was even more intrusive than v5.46 because the CCleaner executable would continue to run after the program interface was closed in v5.45 even if you disabled Active Monitoring and you would have to manually kill the ccleaner.exe (or ccleaner64.exe) process in your Windows Task Manager to stop the collection of "heartbeat" data - see Avast employee Paul Piriform's 27-Jul-2018 post in the thread Piriform Personal Security Concern with CCleaner Latest v. 5.45.6611.
I would also suggest using the portable build of CCleaner that does not require installation on your hard drive. Just download the zipped file (e.g., ccsetup546.zip) from the builds page at https://www.ccleaner.com/ccleaner/builds and save it to a folder on a removable USB thumb drive (e.g., F:\CCleaner). Then unzip that file on your USB thumb drive and double-click the correct executable (ccleaner.exe for 32-bit OSs; ccleaner64.exe for 64-bit OSs) to run the program. I've tested with CCleaner Portable v5.46 and I can't see any trace of the Emergency Updater (i.e., no bundled ccupdate.exe and no scheduled tasks associated with CCleaner created in my Windows Task Scheduler) - at least on my 32-bit OS. As a precaution I've blocked all traffic for the CCleaner executable through my firewall, but as you noted in a previous post, that only prevents me from running a check for available program updates on the Avast/Piriform servers.
Quote...Right now, due to the issues with CCleaner version 5.45, I have retro-graded to 5.32, which I understand to be the last version released by Piriform before Avast took over. I think I'm staying with 5.32 ... or is 5.46 now "safe"?
The v5.32 you're currently using might eventually cause problems because this version has out-of-date digital signatures (e.g., it might be flagged as a possible threat by your antivirus). If you want to minimize the amount of collected data being sent back Avast/Piriform I wouldn't advise rolling back any further than v5.35.6210 released on 20-Sep-2017 since the v5.35 executables are signed with newer digital signatures (i.e., it was released after the bundled Floxif malware of v5.33 and old digital signatures of v5.34 but prior to the Emergency Updater of v5.36). Just keep in mind these earlier versions of CCleaner were optimized for older versions/builds of your Windows OS and browser and might not work correctly if you use v5.35 to clean the current software installed on your system.
-----------
32-bit Vista Home Premium SP2 * Firefox ESR v52.9.0 * Norton Security Premium v22.15.0.18 * CCleaner Portable 5.35.6210 -
48 minutes ago, arensky said:
...Interestingly, I loaded this release onto a new Windows 10 PC (using Windows Defender by default) and, without asking, the installer loaded the Avast Anti-Virus; this is most inappropriate. I had then to uninstall the AV as, a friend, the ultimate user of this PC, prefers another AV that they're supplying next week. I do trust that this isn't indicative of a new direction for Ccleaner under its new management....
Hi arensky:
See APMichael's screenshot in kiddac's thread Avast Hidden Install as well as Martin Brinkmann's Nov 2017 article Avast Bundles CCleaner with Avast Free Antivirus on ghacks.net. If you are using the standard installer (i.e., rather than the slim installer or portable build at https://www.ccleaner.com/ccleaner/builds) to perform a new CCleaner installation you must ensure the checkbox to install the bundled Avast Free Antivirus is disabled in the installation wizard.
It might be advisable to run the Avast uninstall utility (available at https://www.avast.com/uninstall-utility) to ensure any orphaned registry entries and files left behind after the Avast Free Antivirus uninstall are wiped off your friend's computer so these remnants don't interfere with their preferred AV.
-----------
32-bit Vista Home Premium SP2 * Firefox ESR v52.9.0 * Norton Security Premium v22.15.0.88 * CCleaner Portable v5.35.6210 -
On 7/11/2018 at 08:45, lmacri said:
Further to my post <here> of 08-Jul-2018, I have more evidence that this problem could be associated with CCleaner v5.44.
I ran CCleaner v5.44 the mornings of 08-Jul-2018 and 09-Jul-2018. I had ~98 GB of used disk space the morning of 10-Jul-2018 but when I checked again in the evening my used disk space had dropped by about 10 GB to 88 GB, there was another volsnap error in my Event Viewer, and the vssadmin list shadowstorage command showed 0 GB of my allotted 33 GB of disk space for restore points (RPs) was being used (i.e., all my RPs had been wiped)....
I have no idea if any Piriform/Avast employees are monitoring this thread, but I felt I should post another update now that v5.45 has been pulled from the download servers and v5.44 (i.e., the version that wipes my restore points) is now the "recommended" version.
I haven't had any further volsnap errors logged in my Event Viewer since I stopped using CCleaner Portable v5.44 on 10-Jul-2018. The vssadmin list shadowstorage command shows I've continued to accumulate restore points since then and I maxed out my allotted 33 GB of reserved disk space on my C:\ drive some time around 12-Aug-2018...
..and my current CCleaner Portable v5.35 shows I currently have 15 restore points dating back to 26-Jul-2018. As expected, my oldest restore point is deleted before a new restore point can be created now that I've maxed out my allotted disk space for saving restore points.
Just an FYI that I decided to roll back all the way to CCleaner Portable v5.35.6210 (rel. 20-Sep-2017) using a ccsetup535.zip file I found on my external backup drive. This version was released after the bundled Floxif malware of v5.33 and has newer digital signatures than v5.34 but does not include unwanted features like the Emergency Updater of v5.36, intrusive pop-up advertisements of v5.44 or the Active Monitoring that runs continuously in the background (even when disabled) of v5.45.
-----------
32-bit Vista Home Premium SP2 * Firefox ESR v52.9.0 * Norton Security Premium v22.15.0.88 * Malwarebytes v3.5.1-1.0.365 * CCleaner Portable v5.35.6210
HP Pavilion dv6835ca, Intel Core2Duo T5550 @ 1.83 GHz, 3 GB RAM, NVIDIA GeForce 8400M GS
Can't Find Speccy Portable v1.32 Download Link on Builds Page
in Speccy
Posted
Hi hazelnut:
Thanks for the heads up. It's concerning, though, that Avast/Piriform has known since 10-Oct-2019 that the download links to the Slim and Portable versions of these three utilities are broken and still haven't fixed them. When I'm helping someone troubleshoot a problem and ask them to publish a Speccy snapshot of their system, running Speccy Portable from a USB thumb drive is sometimes their only viable option.
-----------
64-bit Win 10 Pro Ver 1903 Build 18362.356 * Firefox ESR v68.2.0 * McAfee LiveSafe v16 (R20) / VirusScan v22.6.156 * Speccy Portable v1.32.740