What software really does

The CCleaner installer collects 21 SMBIOS hardware identifiers, system specs, and behavioral telemetry. A Shepherd configuration request containing tracking identifiers fires before the user consents. All data goes to analytics.avcdn.net. No Google Analytics or third-party sharing, but the hardware fingerprinting is aggressive — reading serial numbers from motherboard, CPU, RAM, disks, battery, and power supply.

The Avast installer is significantly more aggressive than CCleaner (same parent). It integrates Google Analytics with a hardcoded API secret in plaintext, performs IP geolocation before consent, fires 5+ pre-consent network requests, and once installed deploys kernel-level DNS-over-HTTPS interception and deep packet inspection across 17 protocol handlers. The FTC fined Avast $16.5M in 2024 for selling 8+ petabytes of browsing data through its Jumpshot subsidiary.