CCleaner 5.44 comes with advertising popups
If you run the free version of the popular temporary file cleaner and system tool CCleaner for Windows, you may have noticed that it has started to display advertising popups on the system.
I noticed the behavior after installing CCleaner 5.44 on a Windows 10 Pro system; it is possible, however, that older versions of CCleaner display the advertisement as well.
The advertisement appears as a popup message in the lower right corner of the screen. It highlights a Summer Sale and a discount for CCleaner Professional.
You can upgrade to the professional version of CCleaner for 50% off.
It reads:
Summer Sale: Get 50% off!
Treat your computer to automatic cleaning for a stress-free summer
The offer ends on July 7.
Note that the popup is displayed when you run the portable version or the version that gets installed on the system.
The popup message disappears after a few seconds but you can open the upgrade option in the CCleaner interface to display the offer again.
There you may notice that the 50% may not have been accurate. On my system, it displayed a discount of €10 from €24.95 to €14.95 which is less than 50%.
The reason why there is a discrepancy is that a click on the "upgrade & save" button opens a page on the CCleaner website. There you find the offer for €12.49 instead of $14.95.
It is rather strange that Piriform/Avast would display two different upgrade offers to users of the program. You can open the Summer Sale page directly here.
CCleaner Professional adds features such as priority customer support, automatic cleaning, and additional cleaning options to the application.
There is no option in the program to disable the advertising popup. In fact, there is no option at all to prevent this kind of behavior.
What you can do is block CCleaner's Internet access. If you disallow the program to connect to the Internet. for example with TinyWall or Windows Firewall Control, it seems that you won't get the advertising popup.
The one downside to this is that you will have to download new versions manually to install them, at least until the July 7 deadline is reached.
There is no telling, however, whether the popup won't be used to advertise other Avast products such as Avast antivirus products.
CCleaner has been in the news recently quite a bit. Avast acquired CCleaner's parent company Piriform in 2017, and servers were compromised in 2017 shortly after the acquisition. The company added privacy options to CCleaner in 2018 which caused initial confusion as well.
Closing Words
I have to admit that I don't mind reminders like the one that CCleaner displays. What I dislike about it is that there is no option to turn it off and that the popup is displayed frequently and not just once or on user request.
Users who dislike the practice may want to check out alternatives such as Bleachbit.
Now You: What is your take on this?
From the website:
This is a yearly subscription product. After 12 month(s), a yearly fee of €24.95 is due starting with the next billing cycle.
i.e. it is not a lifetime license :/
@nnm
You need to read the information on the CCleaner site.
USE THE FREE, PORTABLE, VERSION. :) :)
To other posters, sorry for “shouting”.
If you read the Piriform forums on CCleaner Suggestions, other users have tried using the portable version and they still get the intrusive popup ad. Avast has ensured you will see their popup ads.
Annnndddd CCleaner is now gone!
@ John
Annnndddd that is a pretty dumb comment.
@Gary D
That seems like a legit comment to me, yet rather old news now. What seems dumb to me is spending any more time with the free version of CCleaner.. But alas, I guess some geeks sadly have OCD where they just can’t let go.
Annnnnndddddd the POS freeware is displaying this popup after July 7th. Revenue junk ad, but you get what you pay for.
Martin, the latest version of Ccleaner is 5.44 not 5.54.
I installed the portable version yesterday.
As with a lot of other programs, I use Windows Firewall Control (WFC) to block Ccleaner phoning home.
The worst offender for trying to phone home is Windows Explorer. It is always trying to connect to Akaimei and other mysterious unidentifiable remote sites. I use WFC to block Explorer with NO detrimental effect on my laptop’s performance.
Before Shannana (and most of the other posters) in your article of May 24th start having mass hysterics about Ccleaner gathering personal data, they need to take a reality check.
Do they use Chrome, Gmail, Twitter, Facebook, etcetera ? If so, then they have a LOT more to worry about regarding data slurping.
NB I did donate $10 dollars to the WFC author to be able to use all the program’s features.
Thanks, corrected.
Thankfully, I don’t use any of those, and I’ve just replaced CCleaner with Bleachbit.
@Gary D
Hmm, why would you think I would be involved with mass hysterics?
You say I need to take a reality check before doing something I haven’t done yet. That is silly, ha.
Fair enough, yet perhaps your prejudice is misguided?
Regardless, I will take your remark as a compliment, is it implies my opinions wield some notable power, ha.
As for “data slurping” (AKA privacy), that’s not my main concern. My main concerns with software involve my time and security.
In short, I don’t like to fuss with software, and I found CCleaner’s free version was too much to fuss with, so I moved on for now.
Is that so hard to accept without vitriol?
@Gary D, the it’s OK because others do is not a valid defense, we don’t allow people to get away with something morally unacceptable just because someone else did it so why should companies be given a free pass?
Gary D wrote: “The worst offender for trying to phone home is Windows Explorer. It is always trying to connect to Akaimei and other mysterious unidentifiable remote sites.”
Certificate Revocation Lists are often hosted on Akamai servers due to the amount of requests. Blocking this just makes your computer less secure.
CCleaner currently only on v5.44, not v5.54.
Thank you!
As if that wasn’t expected. I have Avast anti-virus, and their advertising pop-ups are annoying enough that I don’t need another basic maintenance program behaving similarly.
Not only are Avast pop-ups s-s-slow to appear and difficult to make disappear (you have to click on them repeatedly like a madman with a hammer), but they are grossly misleading when they try to push paying updates (your PC is going to explode ! your hair is going to fall off !), and they are unwieldy as hell when they are related to the anti-virus operation.
Anyway, long before C-Cleaner was acquired by Avast, their strategy of frequent updates served no obvious aim, apart from forcing you to decline each time the “upgrade” to the paying version. Hang on preciously to the previous executables you might have kept.
Speaking of hammers, I have a few (a few too many, actually), and I have never felt the need to “update” them periodically to add new “features”.
Avast, Avira, AVG, Bitdefender have all gone the way of the malware they are allegedly supposed to be stopping. I don’t run an AV anymore and haven’t been infected in the past 6 six years or so. But for users who don’t know what they’re doing they still need something and these AV companies are exploiting their ignorance.
No CCleaner 5.44 (freeware) advertising pop-up here. I have no idea which of my system-wide privacy settings prevents this particular pop-up. I do have ‘ipm-provider.ff.avast.com’ blocked by my HOSTS file and all .exe files in the CCleaner install folder blocked (in&out) by Windows 7 Firewall … no idea, really.
@Tom Hawack: assuming you use HostsMan, or something similar, how do you keep ipm-provider.ff.avast.com as a permanent entry in the hosts file? I have my HM settings are set to overwrite the old entries with new ones, which means ipm-provider.ff.avast.com would get overwritten each time, and you would have to re-add it manually.
@klaas,
The user may include in HostsMan sources (‘Manage sources’ / ‘Add source’) a local file with ‘Select file’ : that way, when HostsMan’s filters are updated, manually or automatically, and with overwrite as you do the filters from my local file are never removed.
This said, I use now HostsMan as a base for the Acrylic application. I update HostsMan filters as before, then set HostsMan’s Hosts File to disabled which creates a Hosts.ehm file that I use together with home-made filters for Acrylic (Acrylic uses therefor Hostsman filters whilst the hosts file is disabled). Acrylic allows to write filters the hosts file would refuse, such as :
127.0.0.1 >avast.*
equivalent to 127.0.0.1 *.avast.*
The Hosts file doesn’t understand *.avast.com nor avast.* when Acrylic does.
Acrylic allow much more, includes a performing cache … nice app which brings the hosts concept to what it should/could be, even if HOSTS originally was intended for speeding up dns requests not for blocking them selectively.
@Tom: thanks for your quick reply. Very useful to be able to select your own file. What type of file does one need to use, just a .txt file?
If so, I can just create a file, add the text ipm-provider.ff.avast.com and save it as e.g. avast.txt – is that right?
As for Acrylic (I assume you mean Acrylic DNS Proxy), that sounds like a nice solution, although somewhat complicated. A quick look at the website shows Acrylic uses its own Hosts file, so I assume you have configured Acrylic to use that Hosts.ehm file.
Acrylic’s config file looks overwhelming.
@klaas,
— For HostsMan local user file : a simple txt file but of course respecting the hosts standard which is, depending on your Hostsman options,
127.0.0.1 example.com
or
0.0.0.0 example.com
Of course if you’ve set Hostsman to modify 127.0.0.10.0.0.0 then you can set either 127.0.0.1 or 0.0.0.0 for your personal list.
— Concerning Acrylic, yesy I was referring to the ‘Acrylic DNS Proxy’ application. It’s not complicated in fact. My story is that I’ve abandoned the ‘DNSCrypt-proxy’ which appeared to handle correctly (I mean in terms of speed) only foreign encrypted dns servers (I’m in France) which started bothering me. I nevertheless kept running DNSCrypt-proxy because of its ability to handle blocklists in a way Hosts file cannot. When I discovered ‘Acrylic DNS Proxy’ i decided to make the move as above described.
Acrylic is not complicated, just settle your primary, secondary DNS resolvers (Acrylic can handle up to 10 of them!) in the AcrylicConfiguration file and your hosts in the AcrylicHosts file (which allows to include sources) — No problem.
“Of course if you’ve set Hostsman to modify 127.0.0.10.0.0.0 then you can set either 127.0.0.1 or 0.0.0.0 for your personal list.”
means
Of course if you’ve set Hostsman to modify 127.0.0.1 TO 0.0.0.0 (or vice-versa) then you can set either 127.0.0.1 or 0.0.0.0 for your personal list.
@Tom: I have downloaded Acrylic and got it up & running. 1 question that does not seem to be answered in their instructions:
I have added that avast address as follows to the Acrylic hosts file:
0.0.0.0 ipm-provider.ff.avast.com
Is that OK? The instructions only mention 127.0.0.1.
I have set my PC’s DNS to 127.0.0.1, as you mentioned.
@klaas, indeed Acrylic documentation mentions only 127.0.0.1 but I’ve switched all my hostips to 0.0.0.0 and it is much faster. Maybe is 127.0.0.1 required if you use the logging feature (unset by default).
And remember to set your system DNS to 127.0.0.1 (Network Properties / TCP/IPv4 (or TCP/IPv6) / Properties OR a DNS tool such as DNSJumper), and to set it back to whatever it was before if you stop or uninstall the service.
Concerning your Hosts file managed by HostsMan, no need to use it if you reference it to Acrylic, which is the thing to do considering hosts management is the very purpose of Acrylic. You may proceed as I mentioned above :
“This said, I use now HostsMan as a base for the Acrylic application. I update HostsMan filters as before, then set HostsMan’s Hosts File to disabled which creates a Hosts.ehm file that I use together with home-made filters for Acrylic (Acrylic uses therefor Hostsman filters whilst the hosts file is disabled).”
Of course you can continue running the Hosts file actively with Hostsman if you intend to use Acrylic for a bunch of hostnames only. Hosts enabled or not, I’d advise to have its hostips set to 0.0.0.0 as well, with or without Acrylic.
@Tom: sorry for my late reply.
I have hostips set to 0.0.0.0 as well.
Yesterday during the Acrylic set-up I implemented the Acrylic service too to get Acrylic running. Today with starting up my PC (I switch it off every night) I checked and found the Acrylic service running, which is great.
Before, I had HostsMan to start up with Windows, but I disabled that yesterday too.
But here’s the thing: since HostsMan was not running after my PC start-up, there was no Hosts.ehm file. The .ehm file is created when HM is disabled, but when it is enabled the .ehm file disappears.
Therefore, since there is a reference in Acrylic to the.ehm file like so
@ C:\Windows\System32\drivers\etc\HOSTS.ehm
I had to start up HostsMan, then disable it.
Now that to me is a long way round to get Acrylic to use the HostsMan hosts file.
So my question is: is this the way you have configured Acrylic and HostsMan too, or do you automatically launch HostsMan with Windows start-up *and* disable it automatically too to create that .ehm file? If so, how do you disable HostsMan automatically?
@klaas, you must enable/disable the Hosts file via HostsMan by clicking on the big green icon : when green it means HOSTS is enabled, when red it means HOSTS is disabled and HOSTS.ehm is created : this is independant of HostsMan running or not, hence no need to have it start with Windows as you’ve understood.
Have you managed to link HOSTS.ehm to Acrylic? It’s all explained in File / Open Acrylic Hosts /
“For easier maintenance of entries coming from multiple sources it is also possible to “include” external HOSTS files using the following syntax (the line must start with a ‘@’ character followed by a space and then by a relative or an absolute file name):”
Feel free to ask anything appearing as unclear.
@Tom: I already knew how to disable HostsMan. But my point is that the .ehm file does not continue to exist after I switch off my PC, and when I switch it back on, and HM is still disabled, there will still be no .ehm file.
Are you telling me that on your PC the .ehm file is still present even after switching your PC off then back on with HM continuing to be disabled? If so, please tell me how you achieve that.
I have referenced the .ehm file as follows in Acrylic:
@ C:\Windows\System32\drivers\etc\HOSTS.ehm
Isn’t that right?
@klaas, I’m sorry, I hadn’t understood you correctly
@ C:\Windows\System32\drivers\etc\HOSTS.ehm is correct
I’ve just powered-off the system, restarting, HostsMan not running (no start with Windows) and my HOSTS.ehm hasn’t been removed, whilst yours has…
I have to figure out your issue.
I may have an explanation, here goes:
Please check in HostsMan / Options / General / Enable Hosts on exit : is it checked? If yes, uncheck it. When checked it means that if you’ve disabled (as you did) the Hosts file (Button is red) this Hosts file is automatically re-enabled once you close Hostsman … which means that HOSTS.ehm is removed and HOSTS re-initiated.
Please confirm this explanation, otherwise I’ll dig deeper.
@Tom: many thanks for your help and advice. That aspect was enabled indeed, so I unchecked it. Will close down and restart later on & will report back.
@klaas, no need to poweroff/reboot to check. If you leave ‘Enable Hosts on exit’ checked, exit HostsMan, you’ll notice when reopening HostsMan that Hosts file is enabled, and not if you uncheck ‘Enable Hosts on exit’.
What must have happened is that you noted HOSTS.ehm as present while HostsMan was opened. You closed Hostsman, powered off and discovered that HOSTS.ehm had vanished : nothing to do with closing the computer, it was only due to the fact the Host file had been reset when you closed HostsMan because ‘Enable Hosts on exit’ was checked.
By the way there’s an updated version of HostsMan available at http://www.abelhadigital.com/hostsman/ — The site is presently inaccessible but latest version (downloaded here 2018-06-21) is HostsMan 4.8.106 (the site mentioned an older version but the downloaded installer was 4.8.106). No major changes, optimized code only.
@Tom: your analysis re the .ehm file is right.
Thanks for indicating the new version of HostsMan. Like you said, the old number is still shown on the website but the download is for 4.8.106. Surprising the site is up & running again, for a while it was completely offline, I even seem to remember a comment that it had been sold or closed down or something like that. Luckily that is not the case.
I use the portable version, and what amazes me is that I don’t have to do anything to 4.8.106, it just adopts the settings from 4.7.105, which is surprising for a portable version.
@klaas, like John “Hannibal” Smith, the A-Team character: … and his often spoken line “I love it when a plan comes together” :=)
HostsMan 4.8.106 indeed is only an improved version, no new options. To be frank I’d be unable to spot what has been improved!
Well, now you and I are ‘Acrylics’ … ‘Acrylicers’? Well, you get the idea!
@klaas, I forgot to mention the following, but you must know that already:
Every time anything is changed in AcrylicConfiguration or in AcrylicHosts you must restart the Acrylic Service. But also when the HOSTS is updated (if Hosts file is disabled the update occurs normally but is sent to HOSTS.ehm rather than to HOSTS).
I presume you update your HOSTS manually since you don’t start HostsMan automatically anymore as I’ve understood it. Anyway, Acrylic runs with the HOSTS it started with, so if HOSTS.ehm is updated you need to restart the Acrylic service from :
Acrylic UI / Actions / Restart Acrylic Service.
Just in case you wouldn’t have been aware of this.
Have a nice week-end (tomorrow France vs Argentina!).
@Tom: you are right, I don’t start HM automatically anymore, I will run it manually to check for updates. Thanks for the reminder to restart the Acrylic service.
As for restarting the services when something has changed in the hosts list or configuration, I noticed Acrylic reminds you of that itself when you close those files :-)
Since there are undoubtedly quite a few HostsMan users among the Ghacks readers, it would be useful for them if Martin ran an article on Acrylics; he could even use your constellation as an example.
@Tom: well, I can now report that after switching off & back on, keeping HostsMan disabled, Horsts.ehm still exists !!
So, I am all set to use Acrylic with Hosts.ehm as a filter without having HostsMan running.
I want to thank you again for your help and of course your time replying to me.
I now say goodbye, till next time. Salut !
@Tom Hawack
Just want to ask a question hoping you can verify something for me. Because you’re using 0.0.0.0 as your local IP, I’m thinking you never use the Browser Toolbox (CTRL+SHIFT+ALT+I) with debugging enabled in FF. I have to use 127.0.0.1 for the toolbox to work. Just curious if you use it or not and if my being unable to use 0.0.0.0 in my hosts file is normal for others. Using Win7 x64.
@Richard Allen,
1- 0.0.0.0 is not my local IP, 127.0.0.1 is. 0.0.0.0 is only the hostsnames’ IP I use for the HOSTS file and with Acrylic DNS Proxy.
127.0.0.1 localhost is included in the HOSTS file whatever the hostnames’ IP chosen (here 0.0.0.0). To be noted : remains implicit with HostsMan that is: unless explicitly stated localhhost is 127.0.0.1 … that’s how I understand it here with Win7 x64. I admit an are of uncertainty regarding this localhost. I know it doesn’t appear in my HOSTS file managed by HostsMan but that — if a hosts source includes it — it is not removed as well.
2- You are right, I never use the Browser Toolbox …
3- Post-answer (!) : I use latest ‘Policies Templates’ for Firefox (https://github.com/mozilla/policy-templates) and I had included
“DisableDeveloperTools”: true
in order to disable the very Developer Tools… until I realized that the ‘HTTPS Everywhere’ Firefox extension required it, at least to display its toolbar button popup menu… so I removed that Policy Template even if, indeed, I never call any of the developer tools …
@Richard Allen ,
I forgot to ask you what I first had in mind when reading your comment:
“I have to use 127.0.0.1 for the toolbox to work.”
– What do you mean by using 127.0.0.1? Do you mean setting your HOSTS’ file hostnames IPs to 127.0.0.1 rather than 0.0.0.0?
– Where in the FF toolbox do problems appear? i’m missing something.
Thanks, I appreciate your response and I apologize for misspeaking. Instead of local IP I should have said ‘localhost’ IP address as in what is used in the hosts file. What a maroon! :)
I personally could not give up the dev tools, the horror, not that I’m an expert or anything, still learning. When using 0.0.0.0 debugging will not work. I use the dev tools for network requests, page load times, cookies, the browser console, and to find the ID for webpage elements and to see live results of my changes on those elements. With the Browser Toolbox, with debugging enabled, I can find the ID for “Firefox UI elements” and change the color, font and other things temporarily and see the results live. I can also disable popup auto-hide for FF panels and extension toolbar icons so that I can get my fingers dirty playing with those items. I’ve always only used the built-in dark theme on Quantum and have made a crapton (scientific term – jk) of changes.
I’ve changed the menu panels to use a darker grey background and:
The fill color on the bookmarks star button:
#star-button { fill: #999 !important; }
Font size and opacity of the zoom button, normally bigger and brighter:
#urlbar-zoom-button { font-size: 8pt !important; opacity: 0.5 !important; }
The OpenSearch badge on the searchbar search button is too bright, dialed it down a bit:
.searchbar-search-button { opacity: 0.7 !important; }
Privacy Possum badge too bright:
#woop-noopscoopsnsxq_jetpack-browser-action{ opacity: 0.7; }
Status panel that shows the URL when hovering a link, changed font size and flipped the colors to look better with dark theme:
#statuspanel { font-size: 12pt !important; filter: invert(100%) !important;}
My changes are almost endless and a work in progress. I’ve even been using the “Floating Scrollbar” which can be seen in the screenshots.
https://s22.postimg.cc/ii0pyedpd/Browser_Toolbox.png
https://s22.postimg.cc/elne2f85d/ID_Element.png
https://s22.postimg.cc/edzr60cn5/Toolbax_fails_to_open_when_using_0.0.0.0.png
“can include what dozens of lines would require in the hosts file”
With Hostsman you can optimize the hosts file to use up to nine entries on each line. I’ve been doing that forever. I’ve personally never seen an improvement in ping times when using 0.0.0.0. instead of 127.0.0.1 on my Win7 computers, just saying. A couple changes I’ve made in regards to using a hosts file is that I changed the system DNS cache to only be saved for 8 hrs, instead of the default of 24, I’ve been thinking of changing that to 4 hrs but haven’t yet. And I bumped up the FF DNS cache to use 10 minutes instead of 1. Which seems to be working fine, so far.
And thanks again, I’m always curious what others are seeing and doing with their browsers.
Peace!
@Richard Allen, I understand now your interest for the Developer Tools even if I lack computing knowledge to understand the correlation between using 0.0.0.0 as a HOSTS’ file hostnames IPs and Firefox’s devtools/debugging validity.
I tweak Firefox a lot myself, including the UI. As you know not with the browser’s devtools but with userChrome (essentially) and userContent.
I’ve added userChrome.js support to Firefox with just userChrome.css :
https://gist.github.com/Sporif/db6b3440fba0b1bcf5477afacf93f875
By pasting the content of this userChrome.css to the end of my own [FIREFOX PROFILE]\chrome\userChrome.css (don’ replace if you user userChrome.css already exists!) the moz-binding allows me from there on to perform many, many tweaks, far more than simply modifying colors. I can for instance define my very own newtab with a userChrome script such as ‘NewTab_Custom Page’ at https://luke-baker.github.io/
I run presently 9 userChrome scripts and thses allow to circumvent many Firefox limitations introduced with Quantum.
But that doesn’t answer why using 0.0.0.0 as a HOSTS’ file hostnames IPs and Firefox’s devtools/debugging validity…. I just don’t know!
Thanks Tom. I’m not sure why the dev tools needs the localhost address of 127.0.0.1 for the ‘browser’ UI debugging to work. Maybe because 127.0.0.1 is the default loopback address in Windows and that’s what it expects. To use the dev tools on browser UI elements, remote debugging, along with browser chrome and addon debugging has to be enabled.
For me, using the dev tools to modify the browser UI, and webpages is a must. I’ve created userStyles for over a dozen websites. Most are simple with just a small handful of rules but then the style I use for gHacks has around 40-50 rules. I’m using Stylus in Chromium and FF based browsers. My userChrome file has dozens of rules but my userContent file is small with only four. On a side-note, with FF v61, being able to differentiate unread tabs is no longer possible as far as I can tell. Seriously bummed about that because I often open links in a background tab. Closest thing I’ve come up with is .tabbrowser-tab[pending] which really only works when restoring a previous session. I’m hoping someone comes up with a js file for that, haven’t been able to find one that works.
Appreciate you sharing that link. I’ve already, had to as a matter of fact, make use of the restart js file. Yippee ki-yay, …s! I missed having restart. ;)
I don’t know if you’ve tried the Floating Scrollbar, I’ve been using it for 2-3 weeks. I’ve modified the width, padding, colors, radius and transition time. I’m a huge fan of this scrollbar. I don’t know why I put up with having to use the default scrollbar but at least I had made it a little smaller using the system settings.
“https://old.reddit.com/r/firefox/comments/8quqmh/how_to_install_the_smooth_scrollbars/e0mqjv2/”
We are guilty of being tweakers! LoL
@klaas, you wrote
”
I have added that avast address as follows to the Acrylic hosts file:
0.0.0.0 ipm-provider.ff.avast.com
”
will do no more than the traditional hosts file.
If you wish, i.e. block all of avast you could write this:
0.0.0.0 >avast.com
That would include avast.com and *.avast.com
Or, less tight,
0.0.0.0 >ff.avast.com
which would include *.ff.avast.com (ipm-provider.ff.avast.com in this case would of course be treated).
It’s up to you, but with acrylic one line of 0.0.0.0 >domain can include what dozens of lines would require in the hosts file, not to mention anything related to a dirty domain not yet handled by the hosts source (though be careful with that, some abc.example.com sites may be dirty but not efg.example.com).
@Tom: thanks, I changed it to 0.0.0.0 >ff.avast.com
BTW, what is the “ff” bit?
@klaas, I use Acrylic with 0.0.0.0 as well as I mentioned it yesterday. Nevertheless to be sure there is no contraindication I emailed this morning to the developer to have his word about it.
What is the ‘ff’ bit? I don’t know, but your setting will apply to ipm-provider.ff.avast.com of course and to any other *.ff.avast.com, which seems reasonable if the aim is to preserve access to Avast whilst blocking anything to do with its tracking features. Would be a problem if a valid Avast url was of the form ‘valid.ff.avast.com’, at least for Avast users. Not sure on this level because here I’ve set 0.0.0.0 >avast.com … globally blocked therefor. If you use Avast products and encounter a problem you can always revert to 0.0.0.0 ipm-provider.ff.avast.com (or 0.0.0.0 >ipm-provider.ff.avast.com though that wouldn’t have much sens provided *.0.0.0.0 ipm-provider.ff.avast.com is unlikely)
EDIT, “provided *ipm-provider.ff.avast.com is unlikely”
@Tom: 1 further question re one’s own file to be added as a source.
There is a website that is blocked in the Hosts file by one of the sources, but I want it unblocked. So, each time the Hosts file is updated I got into the HostsMan Editor to unblock it.
If I were to add this website to my home-made file, would that keep that website unblocked?
Edit: this is a stupid question I asked because the personal file is also meant to block sites, not to unblock them. Apologies for my stupidity :-((
@klaas (on June 28, 2018 at 12:45 pm), ok.
Your personal file guarantees your hostnames will always be included in the hosts file whenever an update and overwrite
HostsMan’s exclusion list guarantees that hostnames you include in that list will never be added to the Hosts file.
Regarding ‘Acrylic DNS proxy’ as well as ‘DNSCrypt-proxy ‘ I forgot to mention that both require the user’s DNS to be set to 127.0.0.1 (Network Properties / TCP/IPv4 (or TCP/IPv6) / Properties OR a DNS tool such as DNSJumper).
@klaas, there is a Hostsman option to remove given hostnames from the Hosts file :
Edit / Exclusion list … it states ‘Prevents specified hostnames from being added to Hosts file’
Keep default ‘Wiildcards’ and add your Hosts file entry (host name, not the leading 127.0.0.1 of course) : whatever you feed to the Hosts file (via HostsMan) that/those exceptions will be removed.
@Tom: as usual, many thanks for your valuable advice & ideas Tom ;-)
My pleasure, klaas. As we say in French regarding culture but here i’ll apply it to knowledge as a whole : “knowledge is like jam, less you have more you spread it” :=)
I don’t know much and less even in computing (no false modesty) so the little I know i share it, like many of us in their respective affinities.
@Tom: ça fait du bien de savoir que tu es Français, ma femme est française aussi. Néanmoins, elle avoue qu’elle ne connait pas l’expression
“La culture, c’est comme la confiture : moins on en a, plus on l’étale”.
A la prochaine.
@klaas, tu t’exprimes parfaitement bien en français (à moins que ce ne soit ta femme qui t’ai aidé ?!).
“La culture, c’est comme la confiture : moins on en a, plus on l’étale†est une expression que j’ai toujours connue même si elle est peut-être un peu vieillotte, peu usité, voire en voie d’extinction. Les jeunes ont d’autres références ce qui explique peut-être que ton épouse l’ignore. En tous les cas l’expression s’avère juste bien souvent :=)
@Tom: c’est moi qui a écrit ça, bien que je ne sois pas français. A+
VirusTotal now shows 5 threats, when usually shows none or maximum 1.
@klaas, what CCleaner files have you tested with VirusTotal?
Here, (CCleaner 5.44 of course) CCleaner64.exe : 0 threats and CCleaner.exe : 1 threat
EDIT, sorry : indeed ccsetup544.exe analyzed by VirusTotal shows 5 threats : https://preview.tinyurl.com/y9vmrpfz
Agreed. I assume those 5 threats are do to the advertising.
Just stay of CCleaner v5.40, no pop-ups, no ads, no privacy concerns, no evil Avast!
typo > 54
https://www.ghacks.net/2018/06/28/ccleaner-5-54-comes-with-advertising-popups/
Article NameCCleaner 5.54 comes with advertising popups
5.32 is the last sane version from Piriform. Stick with it or die from Avast sh#t flow.
In Kaspersky:
Go to Protection> Application Control> manage applications> Piriform:
CCleaner and CCleanerx64: Network> Decline for both applications.
Only problem: In this anti-virus the pc Cleaner menu, indicates that CCleaner has not been used for more than 4000 days ……
We pay enough for Kaspersky so why don’t they have a replacement?
Hmmm, weird, my copy of >>>WISE<<< Disk Cleaner (along with Registry Cleaner and the other shenanigans they have) doesn't come with advertisements popups, I guess I'm lucky…
Martin, the link you provide in the article points in the US to a CCleaner price reduced from $24.95 to $12.50, which is less than 50% by a few cents. I hope their programmers are more accurate in their programming than their marketers ability to promulgate their price.
As a former user of Avast Internet Security (even though still licensed) I think I used Autoruns to kill off their other product popups, but I cannot confirm this for sure now.
Not sure what the “news” is here; anyway, CCleaner is a rather mild utility compared to WiseCare 365 Pro or Glary Utilities Pro–both of which are found as free one year or lifetime licenses on various sites such as Chips or AskVG. Even the older Toolwiz or Puran programs responsibly clean more clutter from a machine than CC. I’ve found BleachBit or Privazer or RegSeeker to be notable in wiping far too many areas in the Windows system which results in poorer response times and curious system instabilities.
What is the URL for Chips? Where do you find a legitimate (legal) free one-year license for Glary or WiseCare 365 Pro on Chips or AskVG?
I wrote here previously that I had encountered no advertisement pop-up with CCleaner Free 5.44.6575.
On the other hand I’ve just encountered an odd issue.
Running CCleaner from its GUI is flawless;
I run CCleaner from a command-line : C:\Program Files\CCleaner\CCleaner64.exe /AUTO
This now leads to a CCleaner crash (without the cleaning having been performed : crash is first).
The strangest thing is that this issue didn’t appear as soon as CCleaner 5.44 was installed (I ran it with the command-line this very morning, flawlessly) but appeared just a moment ago.
Uninstalled CCleaner 5.44.6575 and installed previous CCleaner 5.43.6522 : no command-line issue.
I don’t know what CCleaner/Piriform/Avast is up to. I experience an issue with latest CCleaner 5.44.6575, I notice that VirusTotal indicates 5 threats for this application’s installer … and I start wondering if I’m not going to send all Piriform applications to the garbage, which might not be reasonable if I consider my little interest for radical solutions’ way of thinking and schemes. But I’m seriously starting to deeply doubt.
@Tom Hawack
Do what you think is best for you. Personally, I could be wrong, but as you know I don’t trust CCleaner/Piriform as I fear the dopey marketers are running things now, driven by greed.
Also, I see nothing radical in trying other software solutions. It’s not like you are considering a one-way ride to Mars, ha.
That said, I could say “I told you so”, but then again, I guess I just did, ha.
BTW, I watched Gran Torino, bravo, thanks for the mention.
I used Firewall App Blocker to block the ccleaner portable and works thanks martin
https://www.sordum.org/8125/firewall-app-blocker-fab-v1-6/
Same here on Earth, for all ccleaner executable files as well as for many other applications. Stunning the number of applications which phone home for other reasons than update checking. It’s become a normal behavior I guess, like cookies, like storage, everywhere even when not at all required for the site. In fact my belief is that disdain for ethics is the way of many companies’ life, and maybe, for the most modest of them, the only ticket for survival : if you can’t beat them, join them.
We’ll have to do with it. Fortunately honest people and companies exist, but is it me alone to feel such basic virtue as fresh air considering the very few?
I still use CCleaner Free v5.31.6105 (64 bit)
In was addition, I did use Bleach-bit along with CCleaner, for more comprehensive cleaning, and it worked fine, until, I launched LiveTcpUdppWatch and noted, (while connected to Wi-Fi) that bleach-bit was sending my cleaning data home. CCleaner v5.31 was not.
I have heard the newer versions of CCleaner does send cleaning data. If you use cleaners, disconnect Wi-Fi or wired connection, before launching any cleaner these days.
Martin, it would be interesting to see if the “slim” version has the popup as well.
They usually post it over at https://www.ccleaner.com/ccleaner/builds several days after a new version is released.
Where can I download 5.43.6522 portable from?
https://filehippo.com/download_ccleaner/history/
But I don’t think you’ll find the portables there.
I’ve returned to CCleaner version 5.32.0.6129 (the last version produced by Piriform before the Avast buyout) because of frustrating stalling problems with the Avast versions and because i despise advertising popups harassment.
Version 5.32.0.6129 is faster, lighter and better in all aspects IMO. I keep it from calling home so I’m not hassled by upgrade messages. Perfect for me.
The popup closes itself after 10 seconds if you don’t.
I only see it once…when starting CCleaner.
With all the benefit I’ve gotten out of the free version of CCleaner over the years, I don’t begrudge them trying to make a buck.
Not worth any time to me to try and block it.
I would rather spend the time hardening my network security, or making sure my backups are good.
I’ve said this several times in the past and I’ll say it again: CCleaner version 5.32 was the last good version of the program before Piriform was acquired by that so-called antivirus company on July 19, 2017.
5.33 was “accidentally” bundled with malware. More bloat and advertisements have been added with recent updates.
You can’t defend this one Avast shills and apologists.
This is exactly why I stopped upgrading as soon as Avast bought CCleaner. I used to use their anti-virus and all the popups just became too much. Not just “great offers” but news stories and other crap. Pretty annoying even when you’re not gaming or something. Plenty of good free antivirus programs out there that don’t do that crap.
V. 5.4 doesn’t pop ads but be sure you look at the install screens to uncheck what you don’t want. It does install an update task which can be disabled in task manager. I still use it because it’s the easiest way to disable all those lame windows apps.
A few years ago CCleaner rescued a laptop from a windows reinstall; that’s when I began using it. I don’t like piriform, they took avast, at one time rated the best, junked it up with begging while ignoring its protection capabilities. It may be OK now but wasn’t for a long time; I dropped it.
BTW, this is very useful if you’re not hesitant to mess with files and reg settings if your Win 10 machine loses a functionality. Default settings for windows features. Yes, they’re old but can avoid a reinstall:
http://servicedefaults.com/10/
Oh, yeah, CCleaner needs a block in your firewall, checking the “don’t update” option won’t stop it from calling home.
Maybe I’ll “upgrade” to 5.32!
So I ran a Wireshark packet trace while using CCleaner 5.44 and saw no evidence of any malicious activity.
If anyone has any proof, I would like to see it.
Easy way to turn the popup off (worked on my install)…
Go to Options > Settings and uncheck “Inform me of updates to CCleaner”.
After 3 or 4 executions of CCleaner, the popup returns.
Quoting from another board:
If you remove the cookie “ipm-provider.ff.avast.com” from Options>Cookies>Cookies to keep with the arrow (Privacy (new menu in v5.43) and no problems.
Doesn’t work in 5.44.
There is actually no cookie…the URL is embedded in the executable.
If you remove the cookie from Options>Cookies>Cookies to keep with the arrow (Privacy (new menu in v5.43) and no problems.
PREVIOUS POST FIXED!
sorry no way to post the right text i wanted for some reason!
“CCleaner 5.44 comes with advertising popups” – by Martin Brinkmann
Thank you, Martin. The following is a message from an archive. I will no longer use this program.
“Beginning with version 533, ccleaner now belongs to another company.
While it still exists at it’s original location on the web, it should
be noted that it may be crippled or modified in such a way where it
is not worth using/trusted. It has also been reported that the install
silently collects sensitive system information and sends it to Google.
Now whether or not previous versions did this or not, is another story.
Version 532 is retained here in a separate subdirectory just for the
heck of it and just in case development ceases or becomes poisoned
for some reason. While version 532 is the last version released before
a company took control over the project, it still may collect sensitive
system info to send to Google, I don’t know. Version 532 was a July 2017
release.”
If BleachBit is good enough for Hilary, “LIke with a cloth or something” – maybe we should give it a try? – https://www.bleachbit.org/ –
I have used CCleaner since Windows XP days, and am disappointed that Avast has taken it over and messed with it. Ads stink.
If this is keeping up then Xp is sudden the ideal candidate for free a malware advertising OS :)
Piriform, er, Avast modified the latest version of CCleaner to puke out popup ads when you load the program. CCleaner became adware in version 5.44. This was a change from version 5.43. However, Avast slipped in a tracking cookie (ipm-provider.ff.avast.com) in version 5.41. CCleaner will list the cookie (an oversight that Avast will fix later) but not delete it. The latest non-adware non-tracking of CCleaner is version 5.40.
CCleaner and other Piriform products are NOT security programs. At best, CCleaner can be considered a privacy tool but it is primarily a cleanup tool. Avast acquired Piriform not because Piriform’s programs were security tools but because of the huge userbase of Piriform. Avast bought into a huge market they could spam. Avast uses their free anti-virus program to spam. Periodically they will flip on the switch when they have a marketing campaign, their AV goes quiescent for awhile, and they spam again. Avast is now turning the Piriform programs into adware platforms, too.
Buying other programs to roll into Avast is nothing new. They’ve done it with their Web Reputation extension (that they renamed), VPN baitware (it’s lureware to a subscription), some junk cleaner (forgot what it was originally called when Avast acquired it), and so on. They’ll roll CCleaner into Avast as yet another module. Might as well roll all their adware into one bundle.
Time to stop recommending CCleaner and dump it for something else (maybe Bleachbit). Since Avast turned CCleaner into adware, they’ll do the same with the other the other Piriform products: turn them into adware platforms. Time to also find alternatives for Recuva, Speccy, and Defraggler.
That clearly summarizes the CCleaner odyssey and Avast’s policy.
My hope is that other Piriform products won’t be affected the same way as CCleaner. I have in mind Defraggler, Recuva and Speccy.
The blind confidence I’ve had for years in Piriform is over, the strong suspicion I’ve had about Avast ethics is confirmed.
Replaced it with Wise ever since it autoinstalled Avast in my system without opt-out or any announcement whatsoever. Coulnt’t even uninstall it after, had to rollback the system. Good riddance, never looked back.
The Windows Firewall Control is installed on all my Windows boxes (and those of my customers); it has been set to block CCleaner (amongst many other software) from ‘phoning home for several years. All machines remain on version CC 5.32.0.6129 (with CCEnhancer 4.5.2). That having been said, it may now be time to to experiment with BleachBit. Sigh.
I’m an older person & don’t understand all the tech stuff but this new CCleaner pop up is driving me crazy. I don’t want to upgrade Why won’t it stop? It’s so annoying i think I should uninstall ccleaner?
@joy, I’d advise to install a previous version of CCleaner, either
– CCleaner 5.40.6411 – latest non-adware non-tracking
– CCleaner 5.43.6522 – latest popup-free (with nevertheless tracking)
Both (and other versions) available at https://filehippo.com/download_ccleaner/history/
Better, IMO, to uninstall CCleaner before installing an older version.
Thanks, I was looking for this. I went with the 5.40 version and blocked it from connecting to the internet with windows firewall just to be safe. If anyone else wants to do this: Type ” firewall ” in the search box to the lower left of the screen in Windows 10. Click firewall > advanced settings > inbound rules > (right click) computer cleaner update> select properties> uncheck> “allow connection” check> “block connection” > click apply and ok. After that box is closed, to the right there’s a list, under computer cleaner click “enable rule” to enable the “block connection” setting.
I vowed never to install CC Cleaner ever again. It is banished from my PC forever. All this popularity about CC Cleaner is because they did their marketing publicity aggressively but it is far from the best cleaning app.
I am currently using a free “full version” software from Germany that is superior than CCCleaner but as in all software there might be better apps lurking somewhere. This software does the job of 3 CCCleaner sister application that you have to install separately. Try this it is really free, no ads pop ups or other annoyance. https://www.ashampoo.com/en/usd/pin/5106/system-software/Ashampoo-WinOptimizer-2018
FYI I’ve just installed CCleaner v5.44.6575 Slim Setup (Setup without optional third-party software) and NO ads pop-ups at all !
Well that is quite surprising news. As far as I’m concerned I have to deal with a persistent interest for CCleaner’s core features together with a lost of confidence in versions following the latest non-adware non-trackink version which was 5.40.6411, with which I’ll stick.
Thanks for sharing.
Deleting or renaming the ccupdate.exe file also gets rid of the popup ads as I did this myself with CCleaner Free 5.44
Wound up here because two of my Windows 7 Pro 64-bit desktops were forcibly updated — without my knowledge or consent — to CCleaner 5.46.6652.
(This is also surprising, as I keep reading that latest version is supposedly v 5.44.xxxx)
Also, I have only been running the free version of CCleaner on all my computers, and always have my options set to NOT automatically check for updates. Besides, the free version isn’t supposed to even be able to automatically update itself.
Apparently, CCleaner installed an “emergency updater,” beginning with v 5.36.xxxx, and can trigger an update whenever it chooses to:
https://forum.piriform.com/topic/49067-ccleaner-v536/
Here’s the best part.
I started looking into this today, 2018-09-11, because on one of my computers the CCleaner program began intermittently crashing. Then, I find that it had installed v 5.46.6652 without notice of any kind.
I’ve never trusted Avast. And, in tracking this all down, I find out that they are a “Czech multinational cybersecurity software company headquartered in Prague, Czech Republic.”
Opt out/don’t check for updates options in the new v 5.46.6652 have been altogether removed, and cookies for Avast (note: now for Avast, not CCleaner) were added to the “keep” list.
Furthermore, reading Avast’s new EULA and Privacy policies scared the shit out of me.
FWIW, the forced updates seem to have occurred yesterday, 2018-09-10.
Seems to me that CCleaner (Avast) is turning “spyware” on us. And, that’s spyware from a former Eastern block country (with God knows what possible Russian involvement there may be). Last year’s security breach (i.e. v 5.33.xxxx), frankly, does not fill me with confidence that this is going to end well.
Is BleachBit the way to go?
I dislike the behaviour of Piriform company, they started becoming more commercial and while they already made a bunch of money from Ccleaner, they want to focus on monetizing the tool even more and now resorted to pretty intrusive ads, harming their reputation.
I am starting to get less and less sympathy for CCleaner developers, for some reason this move gives me a sense of their arrogance.
The aggressive pop-up advertisements were engineered to cover the “Clean now” button entirely, on startup of the program. Atleast is the case now with “Black friday sale” ad on CCleaner 5.49.. so closing the ad before running the cleaner is neccesary. They hope to annoy loyal users who want to get rid of the ad by buying the paid version, but I think all it does is scare them away from CCleaner or retreat to older versions with less commercial focus.
Shame we gotta get rid of ccleaner today all because of these intrusive popups. What on earth possessed them to do something so stupid?
well Bobby, the company behind Ccleaner (Piriform) has been bought by Avast, as you can read on https://press.avast.com/avast-acquires-piriform-maker-of-ccleaner
It seems to me that Avast is focussed only on the money. They don’t have the same spirit as the original Piriform directorate.. they still were in touch with their users. This whole take-over is 100% commercial profit maximisation
It’s very ironical that the maker of a known antivirus, would turn Ccleaner into a PUP (Potentially Unwanted Program) by these intrusive ads, after aquiring it. And yes, Avast obviously doesnt detect CCleaner as a PUP!
Back to the ads: it doesn’t seem they care, so they will have to find out the hard way (user loss).. we can’t change anything!