Windows 10 Declares War On Popular CCleaner App, And Why Firefox Users Should Steer Clear

Windows CCleaner
Microsoft is fed up with CCleaner, a popular utility that has been around for a decade and a half. Originally called "Crap Cleaner," CCleaner aims to do a better job at removing files and programs than Windows does on its own, with the promise of making PCs run faster. However, Microsoft has updated its Windows Defender security scanner to recognize CCleaner as a PUA, or potentially unwanted application.

To be clear, a PUA is different from a virus or outright malware. On the surface, Microsoft's issue with CCleaner is that the free and trial-based paid versions come bundled with applications that are not required or even produced by Piriform, the company that developed the utility.

"While the bundled applications themselves are legitimate, bundling of software, especially products from other providers, can result in unexpected software activity that can negatively impact user experiences. To protect Windows users, Microsoft Defender Antivirus detects CCleaner installers that exhibit this behavior as potentially unwanted applications (PUA)," Microsoft explains.

It is worth noting that Avast bought Piriform in 2007, and subsequently bundled some of its wares in CCleaner. Since being acquired, CCleaner has come under criticism at times—users had complained about a previous version getting rid of a privacy setting to prevent the utility from sending anonymous usage data back to Piriform, and another version had a bug that was causing it to fetch updates even when disabling automatic updates.

This might all be playing a role in Microsoft's hard-line stance against CCleaner. Adding the utility to its list of PUAs is just the latest move by Microsoft to dissuade Windows users from running the program, and not the only one. Last year, Microsoft added a filter to its Community forums that effectively banned links to CCleaner (the filter has since been removed).

In general, Microsoft is not a fan of third-party programs that muck around in the Registry. Deleting entries is of dubious benefit to performance, and runs the risk of breaking things. One of the things that can get a program labeled as a PUA is if it makes "misleading or inaccurate claims about files, registry entries, or other items on your PC."

For now, Microsoft is only identifying the free version of CCleaner as a PUA.

"Our potentially unwanted application protection aims to safeguard user productivity. We detect instances anytime software offers to install other software that is not developed by the same entity or not required for the software to run, no matter the third party," Microsoft told BleepingComputer.

Piriform also offered up a comment to the site, saying it believes the classification is a "false positive" and that it is "in discussions with Microsoft and expect a resolution to this matter soon."

In somewhat related notes, TechDows reports that CCleaner is wiping Firefox extension settings. According to the site, this is due to a new storage sync setting in Firefox 79, which is tripping the utility up. Users reported this to Piriform in July when Firefox 79 was still in beta, but it does not seem to be resolved now that it has been launched to the general public.

Update
A spokesperson for Avast reached out to us after publishing this article and provided the following the statement:

"We are in the process of engaging with Microsoft to understand why CCleaner was recently detected as PUA. We surmise the issue appears to be around bundling, and we believe we have addressed this so that our product is now no longer flagged."