Back to Blog
What Happened to CCleaner? How a Beloved Tool Got Ruined

What Happened to CCleaner? How a Beloved Tool Got Ruined

119 views
By Lounes Hareb
ccleaner

For 15 years, CCleaner was the universal recommendation. Every "must-have free software" list included it. Every tech-savvy friend installed it on your parents' computer. It was the brand name for cleaning up a Windows PC.

In 2026, recommending CCleaner is something experienced users actively warn against. The decline didn't happen all at once. It was a slow series of decisions, acquisitions, and incidents that hollowed out one of the most trusted names in free software.

This article documents exactly what happened, year by year, with sources and specifics. If you've ever wondered "is CCleaner safe to install in 2026" or "what happened to CCleaner", this is the complete answer.

Quick Answer

CCleaner was created in 2003 by Piriform, a small British company, and became the dominant free Windows cleaner by 2010. In July 2017, Piriform was acquired by Avast, the antivirus company. Within two months, CCleaner suffered a major supply-chain malware attack that infected 2.27 million users. Over the next eight years, the software accumulated telemetry, ads, nag screens, bundled software, and forced features. As of 2026, Microsoft's built-in Windows tools handle most of what CCleaner originally did, and security experts no longer recommend installing it.

The Original CCleaner: 2003 to 2017

CCleaner stood for "Crap Cleaner" when it was first released in September 2003 by Piriform, a software company based in London. The original purpose was simple: scan a Windows PC, find temporary files, browser caches, log files, and registry leftovers, and delete them safely.

For roughly a decade, CCleaner was almost universally praised. It was:

  • Genuinely fast

  • Free with no nag screens

  • Lightweight (early versions were under 5 MB)

  • Effective at what it did

  • Updated regularly

  • Free of bundled software (in its early years)

By 2010, CCleaner had been downloaded over 1 billion times. By 2016, that number exceeded 2 billion. It was, by raw download numbers, one of the most popular pieces of software in the world.

Piriform also developed other tools (Defraggler, Recuva, Speccy) but CCleaner remained the flagship. The company had a reputation for being small, focused, and user-respecting.

That changed in July 2017.

The Avast Acquisition: July 2017

On July 18, 2017, Avast Software announced the acquisition of Piriform for an undisclosed sum. Avast was already known as a major antivirus company, but had also developed a reputation in privacy circles for aggressive bundling practices and questionable data collection.

The acquisition was framed as positive: more resources, broader reach, continued development. The CCleaner blog assured users that nothing would change for the worse.

This assurance did not age well.

The 2017 Supply Chain Attack

In September 2017, less than two months after the Avast acquisition, CCleaner became the victim of one of the most significant supply-chain attacks in software history.

What happened: unknown attackers compromised CCleaner's build environment. They modified the official CCleaner installer to include a backdoor. This malicious version was distributed through Piriform's own legitimate distribution channels, signed with Piriform's valid certificate, between August 15 and September 12, 2017.

The numbers:

  • 2.27 million users downloaded the infected version

  • The malware specifically targeted technology companies (Cisco, Microsoft, Intel, Samsung, Sony, VMware, Akamai, Linksys, and others)

  • A second-stage payload was delivered to 40 specific tech companies

  • The attack is widely attributed to APT 17, a Chinese state-sponsored group

The discovery came not from Piriform or Avast, but from Cisco's Talos security research team. Cisco notified Avast on September 13, 2017. The infected version had been distributed for nearly a month before discovery.

Avast's response was technically competent (they pushed updates and notified affected enterprises) but the incident permanently damaged trust. The company that had just acquired one of the most-installed pieces of software on Earth had failed to detect a backdoor in its own build pipeline.

The Slow Decline: 2018 to 2020

After the supply chain incident, CCleaner's character began to change. Each individual change seemed small. Cumulatively, they transformed the software.

2018: CCleaner introduced an "active monitoring" feature that runs in the background by default. Users had previously been able to launch CCleaner only when they wanted to use it. Now it always ran. This was framed as a feature, but it was also additional surveillance surface and additional opportunity to nag users about upgrades.

Late 2018: an update silently re-enabled telemetry that users had disabled. Avast acknowledged this as a "bug" after community outrage. The fact that the bug pushed in the direction of more data collection (rather than less) was noted by skeptics.

2019: increasingly aggressive prompts to upgrade to CCleaner Professional ($24.95/year) appeared throughout the free interface. The free version began nagging users multiple times per session.

2020: the Jumpshot scandal. This was the bigger story.

The Jumpshot Scandal: January 2020

In January 2020, a joint investigation by Motherboard and PCMag revealed that Avast had been selling extremely detailed user browsing data through a subsidiary called Jumpshot. The data included:

  • Google searches

  • Locations and GPS coordinates on Google Maps

  • Visits to specific LinkedIn pages

  • Specific YouTube videos watched

  • Visits to porn websites with dates, time, and content type

This data was being sold to major corporations (reportedly including Google, Microsoft, Pepsi, Home Depot, and others) for what investigators described as millions of dollars in revenue.

The data was technically "anonymized" but security researchers demonstrated that individual users could be re-identified from the browsing patterns. The data came from Avast's free antivirus, but it also came from CCleaner.

The fallout:

  • Avast announced the shutdown of Jumpshot on January 30, 2020

  • Avast was fined by the FTC and required to pay $16.5 million in 2024

  • Mozilla and other organizations removed Avast browser extensions from their stores

  • Trust in Avast products, including CCleaner, took a permanent hit

The Jumpshot scandal demonstrated definitively that "free" Avast products were monetized through user data sale. This was the business model. The cleanup tools and antivirus were the surface; the data collection was the product.

The Bundling Years: 2021 to 2023

Throughout this period, CCleaner installers became increasingly aggressive about bundling additional software. The pattern was familiar to anyone who had used 2010s-era free software:

  • The default installation option included Avast Antivirus, Avast Secure Browser, Avast SecureLine VPN, or some combination

  • Opting out required clicking "custom install" and unchecking specific boxes

  • The unchecking boxes were sometimes placed in non-obvious locations

  • Bundled software would auto-install if users clicked "next" without scrutinizing

These practices weren't illegal. They were a standard "monetization" approach for free Windows software. But they crossed the line from "useful free tool" to "vector for distributing other Avast products."

The 2023 Data Breach

In June 2023, Piriform notified some users of a data breach. The breach affected users who had registered CCleaner accounts. Personal information including names, contact details, and partial payment information was potentially exposed.

The breach was disclosed late. Affected users were not always notified individually. The full scope was never publicly clarified.

Coming six years after the supply chain attack, this incident reinforced a pattern: CCleaner, under Avast and then under Avast's parent company Gen Digital, had repeated security failures.

Avast Becomes Gen Digital: 2022

In September 2022, NortonLifeLock completed its acquisition of Avast for $8 billion, creating Gen Digital. This added another layer of corporate ownership between CCleaner users and the original Piriform team.

Gen Digital now owns:

  1. Norton Antivirus
    Avast Antivirus
    AVG Antivirus
    Avira
    CCleaner
    LifeLock
    And other security/privacy products

This consolidation matters because it created a single corporate entity that owns most of the consumer security software market. Trust failures at the parent level affect every product.

What CCleaner Became by 2025

By 2025, CCleaner had accumulated a long list of behaviors that distinguished it from the lightweight tool it once was:

Telemetry: extensive data collection enabled by default, with opt-outs sometimes silently reset by updates.

Real-time monitoring: background process always running, even when CCleaner wasn't actively in use.

Account requirements: certain features began requiring an Avast/Gen Digital account.

Subscription nagging: free users see multiple upgrade prompts per session.

Bundled software: continued aggressive bundling of other Gen Digital products.

AI features: in late 2024, CCleaner added AI-based "system optimization" features. The features were primarily marketing, the AI scoring was opaque, and the functionality was tied to cloud services.

Performance concerns: the original CCleaner ran in seconds on weak hardware. Modern CCleaner is noticeably heavier and slower.

The software still works as a Windows cleaner. It can still delete temp files and registry entries. But it does so while collecting data, nagging for upgrades, running background services, and trying to install adjacent products.

Is CCleaner Safe to Install in 2026?

The honest answer: it depends on your definition of "safe".

Will CCleaner give you a virus? No. Despite the 2017 incident, current CCleaner is not malware in any normal sense.

Will CCleaner collect data about you? Yes. By default, it sends telemetry to Gen Digital. Some of this can be disabled in settings, though changes have historically been reset by updates.

Will CCleaner pressure you to buy things? Yes. The interface is designed to upsell.

Will CCleaner install other software you didn't want? If you're not careful during installation, yes.

Will CCleaner do meaningful work for you? This is where it gets interesting. In 2026, Windows' built-in tools handle most of what CCleaner does.

What Windows Already Does for Free

Modern Windows includes capabilities that didn't exist or weren't good when CCleaner became popular:

Storage Sense: built into Settings > System > Storage. Automatically deletes temporary files, empties recycle bin on a schedule, and removes downloaded files that haven't been touched in 30+ days.

Disk Cleanup: the classic tool, still available, handles system files, old Windows installations, update caches, and more.

Windows Update cleanup: automatic in current Windows, no third-party tool needed.

Browser cache cleanup: every modern browser (Edge, Chrome, Firefox) includes built-in cache management.

Startup management: Task Manager's Startup tab handles what CCleaner used to do for startup programs.

Privacy controls: Windows' privacy settings handle most of what users wanted from third-party "privacy" features in CCleaner.

For 95% of users, Windows' built-in tools cover everything CCleaner originally did, without telemetry, ads, or upsells.

Better Alternatives to CCleaner

If you genuinely want a third-party Windows cleaner (some users prefer dedicated tools), here are the actually-good options:

BleachBit: open source, no telemetry, was originally developed for whistleblowers and journalists who needed verifiable cleaning. Now general-purpose. Free forever, no nagging, no bundling.

PrivaZer: less famous, still independent, focused specifically on privacy-respecting cleaning. Free tier is generous. Owned by a small independent developer.

Windows built-in tools: as covered above, sufficient for almost everyone.

None of these are Gen Digital products. None of them will be acquired tomorrow because they're either open source or run by independent developers without VC pressure.

What This Story Tells Us

The CCleaner story is not unique. It's a template that has repeated across free software:

  1. A small, focused team builds genuinely useful software

  2. The software becomes popular due to its quality

  3. A larger corporation acquires the project

  4. The new owner adds telemetry, ads, bundling, subscriptions

  5. The original audience leaves, slowly, often without realizing they should

  6. The brand name persists for years on momentum alone

  7. New users still install the software because of historical reputation

This pattern has played out with CCleaner, with Avast itself, with several formerly-trusted password managers, with various media tools, and with countless mobile apps.

The general lesson: when free software gets acquired by a venture-backed or publicly-traded corporation, the clock starts ticking on its quality. Not always. Not immediately. But often enough that you should pay attention to ownership changes.

Frequently Asked Questions

Is CCleaner still free?

A free version of CCleaner still exists, but it includes ads, nag screens, telemetry, and bundling. The paid version (CCleaner Professional) costs $24.95 per year. The "free" experience has degraded significantly from the original.

Did CCleaner get hacked?

CCleaner suffered a major supply-chain attack in September 2017, less than two months after being acquired by Avast. Approximately 2.27 million users downloaded an infected version distributed through official channels. A separate, smaller data breach affecting CCleaner accounts occurred in 2023.

Who owns CCleaner now?

CCleaner is owned by Gen Digital, the company formed by the 2022 merger of NortonLifeLock and Avast. Gen Digital also owns Norton, Avast, AVG, Avira, and LifeLock.

Should I uninstall CCleaner?

For most users in 2026, yes. Windows' built-in cleanup tools (Storage Sense, Disk Cleanup) handle the same tasks without telemetry or upsells. If you specifically want a third-party cleaner, BleachBit or PrivaZer are better choices.

Is CCleaner malware?

CCleaner is not malware in the traditional sense as of 2026. However, it collects telemetry, displays advertising, attempts to bundle additional software, and has had multiple security incidents. Some security researchers classify it as PUP (potentially unwanted program) in certain configurations.

Did Avast sell my data?

Avast sold detailed browsing data through its Jumpshot subsidiary from 2014 to 2020. The data came from Avast antivirus and CCleaner users. Avast was fined $16.5 million by the FTC in 2024 for this practice. Jumpshot is no longer operating.

What is the best free alternative to CCleaner in 2026?

The Windows built-in tools (Storage Sense, Disk Cleanup) cover most needs. For a dedicated third-party cleaner, BleachBit is the recommended open-source option. It has no telemetry, no ads, and no bundled software.

The Bottom Line

CCleaner was once a genuinely excellent piece of software, made by a small focused team, distributed freely without strings. That version of CCleaner stopped existing around 2017.

The current product, owned by Gen Digital, is a different thing wearing the same name. It still cleans your computer. It also collects your data, tries to sell you subscriptions, bundles other products, and runs background services you didn't ask for.

In 2026, you don't need it. Windows handles the cleaning. If you want extra, use BleachBit. If you don't want extra, don't install anything.

CCleaner had a 22-year run. It earned its legendary status. The brand kept living after the soul of the original product was gone. Eventually, brands like this fade. Recognizing that this one already has is the first step.

Share this article

L

Lounes Hareb

Author

Passionate about free software and helping developers find the best tools.

Related Articles

Why I Stopped Paying for Microsoft Office

Why I Stopped Paying for Microsoft Office

May 21, 2026
49 views
Best Free VPN Services: Which Ones Are Actually Worth Using?

Best Free VPN Services: Which Ones Are Actually Worth Using?

May 21, 2026
61 views
Best Free Password Managers: Bitwarden vs KeePassXC vs Proton Pass

Best Free Password Managers: Bitwarden vs KeePassXC vs Proton Pass

May 21, 2026
122 views

Popular Articles

Essential Free Tools for Web Developers in 2026
1

Essential Free Tools for Web Developers in 2026

1,706 views
Oct 19, 2025
10 Best Free Video Players for Windows 11 in 2026
2

10 Best Free Video Players for Windows 11 in 2026

413 views
Feb 2, 2026
PearOS: A macOS-Inspired Linux Distribution Built on Arch
3

PearOS: A macOS-Inspired Linux Distribution Built on Arch

313 views
Jan 18, 2026

Subscribe to Newsletter

Get the latest articles and free software recommendations delivered to your inbox.