If you've recently tried to install the free version of CCleaner utility to clean and optimize your PC, you might have noticed that Microsoft Defender is now detecting it as a potentially unwanted application (PUA). The company has quietly updated its malware encyclopedia site to indicates that Microsoft Defender flags some CCleaner installers that bundle third-party products (via Bleeping Computer).
Microsoft has detailed four third-party software on its site that have been found bundled with certain installers for free and 14-day trial versions of CCleaner, including Google Chrome, Google Toolbar, Avast Free Antivirus, and AVG Antivirus Free. "While the CCleaner installers do provide an option to opt out, some users can easily inadvertently install these bundled applications," the company explained.
To be clear, Microsoft Defender should only flag the free version of CCleaner if users have already enabled the protection against PUAs in Settings. While Microsoft isn't preventing Windows users to use CCleaner if they really want to, the company has been recommending users to avoid them for quite some time. A support page dedicated to registry cleaning utilities explains:
Some products such as registry cleaning utilities suggest that the registry needs regular maintenance or cleaning. However, serious issues can occur when you modify the registry incorrectly using these types of utilities. These issues might require users to reinstall the operating system due to instability. Microsoft cannot guarantee that these problems can be solved without a reinstallation of the Operating System as the extent of the changes made by registry cleaning utilities varies from application to application.
In a statement to BleepingComputer, Microsoft clarified that Microsoft Defender only flags the free version of CCleaner because it comes with "bundled offers." "Our potentially unwanted application protection aims to safeguard user productivity. We detect instances anytime software offers to install other software that is not developed by the same entity or not required for the software to run, no matter the third party," Microsoft explained.
David Peterson, General Manager at CCleaner, told BleepingComputer that he was surprised by Microsoft Defender's sudden change of behavior regarding CCleaner. "We discovered this classification on Tuesday, after reports from our customers of difficulties installing CCleaner with Windows Defender. We believe this is a "false positive" - we are in discussions with Microsoft and expect a resolution to this matter soon," Peterson said.