Jump to content

siliconman01

Experienced Members
 View Profile  See their activity

  • Posts

    1,117

  • Joined

  • Last visited

 Content Type 

Posts posted by siliconman01

    Winapp2.ini additions

    in CCleaner

    Posted

    Modified entry

     

    [DisplayFusion TroubleShooting Log*]
LangSecRef=3024
Detect=HKCU\Software\Binary Fortress Software\DisplayFusion
Default=False
FileKey1=%AppData%\DisplayFusion|DisplayFusion.log
FileKey2=%AppData%\DisplayFusion|DebugInfo.html
FileKey3=%AppData%\DisplayFusion|DebugInfo.txt

     

    Added FileKey2 and FileKey3 to [DisplayFusion TroubleShooting Logs*]

    Winapp2.ini additions

    in CCleaner

    Posted · Edited by Nergal
    added code tags

    I assume everyone is aware of the useful little tool named CCDump.exe at the link below.

     

    http://singularlabs....cleaning-rules/

     

    Here is some code to remove the 4 files from the CCleaner folder when you are through examining them.

     

    [CCDump.exe files*]
LangSecRef=3024
DetectFile=%ProgramFiles%\CCleaner\CCDump.exe
Warning=This removes files winapp.ini, winsys.ini, winreg.ini and regkeys.output.txt from the CCleaner folder.  These files are retrieved from CCleaner.exe via tool CCDump.exe.
Default=False
FileKey1=%ProgramFiles%\CCleaner\|winapp.ini
FileKey2=%ProgramFiles%\CCleaner\|winreg.ini
FileKey3=%ProgramFiles%\CCleaner\|winsys.ini
FileKey4=%ProgramFiles%\CCleaner\|regkeys.output.txt

    Winapp2.ini additions

    in CCleaner

    Posted

    New entry for Ashampoo Burning Studio 12 which will be released on 14-Nov-2012

     

    [Ashampoo Burning Studio 12*]
LangSecRef=3024
Detect=HKCU\Software\Ashampoo\Ashampoo Burning Studio 12
Default=False
FileKey1=%AppData%\Ashampoo\Ashampoo Burning Studio 12|backupmetainfo.xml
FileKey2=%AppData%\Ashampoo\Ashampoo Burning Studio 12\Log|*.xml
FileKey3=%AppData%\Ashampoo\Ashampoo Burning Studio 12\Log|*.txt
FileKey4=%AppData%\Ashampoo\Log|*.txt

     

    You can also delete the code below because it is in Winapp.ini

     

    [Ashampoo Burning Studio 10 More*]
LangSecRef=3023
Detect=HKCU\Software\Ashampoo\Ashampoo Burning Studio 10
Default=False
FileKey1=%AppData%\Ashampoo|backupmetainfo.xml

    Winapp2.ini additions

    in CCleaner

    Posted

    Also, I recommend that the section be changed on the new [NVIDIA Updates*] from LangSecRef=3021 to LangSecRef=3023 so that it matches the other Nvidia entries.

     

    In addition, I'm pretty sure there is an error in [Nvidia Graphics Driver Installation Files*]. FileKey2=%ProgramFiles%\NVIDIA Corporation\Install2|*.*|RECURSE should be FileKey2=%ProgramFiles%\NVIDIA Corporation\Installer2|*.*|RECURSE

    Winapp2.ini additions

    in CCleaner

    Posted

    Technical question .....

     

    Should it be DetectOS=|5.1 or DetectOS=5.1? In other words, is the | required in the DetectOS command?

     

    DetectOS=5.1 does not seem to work. If it is supposed to be DetectOS=|5.1, then why are there so many DetectOS=6.0 entries in Winapp2.ini ? :wacko:

    Winapp2.ini additions

    in CCleaner

    Posted

    The three codes below do NOT seem to apply to Windows 7; however, they show up in the Applications tab on Windows 7 systems. It appears to me that they are intended for Windows XP. They should either be modified to include Windows 7 (and probably Vista) or they should have a DetectOS=|5.1 added to the code.

     

    [Windows Media Player (Album Art Cache)*]

    LangSecRef=3023

    Detect=HKCU\Software\Microsoft\MediaPlayer

    Default=False

    FileKey1=%WinDir%\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Media Player\Art Cache\LocalMLS|*.*|RECURSE

    FileKey2=%SystemDrive%\Documents and Settings\NetworkService\Local Settings\Microsoft\Media Player\Art Cache\LocalMLS|*.*|RECURSE

    FileKey3=%SystemDrive%\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Media Player\Art Cache\LocalMLS|*.*|RECURSE

     

    [Windows Media Player (Databases)*]

    LangSecRef=3023

    Detect=HKCU\Software\Microsoft\MediaPlayer

    Warning=This will remove ratings, play counts, last played, etc.

    Default=False

    FileKey1=%WinDir%\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Media Player|*.*|REMOVESELF

    FileKey2=%SystemDrive%\Documents and Settings\NetworkService\Local Settings\Microsoft\Media Player|*.*|REMOVESELF

    FileKey3=%SystemDrive%\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Media Player|*.*|REMOVESELF

     

    [Windows Media Player (MediaGuide)*]

    LangSecRef=3023

    Detect=HKCU\Software\Microsoft\MediaPlayer

    Default=False

    RegKey1=HKCU\Software\Microsoft\MediaPlayer\Preferences|CurrentBackgroundScanFolder

    RegKey2=HKCU\Software\Microsoft\MediaPlayer\Services\MediaGuide|CachedIconPath

    RegKey3=HKCU\Software\Microsoft\MediaPlayer\Services\MediaGuide|CachedLargeLogoPath

     

    It actually looks like the three above codes can be removed because they are included in winapp.ini.

     

    [Windows Media Player]
ID=2033
LangSecRef=3023
Detect=HKCU\Software\Microsoft\MediaPlayer\Player
Default=True
RegKey1=HKCU\Software\Microsoft\MediaPlayer\Player\RecentFileList
RegKey2=HKCU\Software\Microsoft\MediaPlayer\Player\RecentURLList
RegKey3=HKCU\Software\Microsoft\MediaPlayer\Preferences|LastPlayList
RegKey4=HKCU\Software\Microsoft\MediaPlayer\Preferences|LastPlayListIndex
RegKey5=HKCU\Software\Microsoft\MediaPlayer\Player\Settings|SaveAsDir
RegKey6=HKCU\Software\Microsoft\MediaPlayer\AutoComplete\MediaEdit
RegKey7=HKCU\Software\Microsoft\MediaPlayer\Radio\MRUList
RegKey8=HKCU\Software\Microsoft\MediaPlayer\Services\MediaGuide|CachedIconPath
RegKey9=HKCU\Software\Microsoft\MediaPlayer\Services\MediaGuide|CachedLargeLogoPath
FileKey1=%LocalAppData%\Microsoft\Media Player|lastplayed.wpl
FileKey2=%LocalAppData%\Microsoft\Media Player|cacheentry*.*|RECURSE
FileKey3=%LocalAppData%\Microsoft\Media Player\Art Cache\LocalMLS|*.*|RECURSE
FileKey4=%LocalAppData%\Microsoft\Media Player\Transcoded Files Cache|*.*|RECURSE

    Winapp2.ini additions

    in CCleaner

    Posted

    I recommend that the following codes be changed from LangSecRef=3025 to LangSecRef=3022 because they are Internet related.

     

    [LocalService Cookies*]

    [LocalService History*]

    [LocalService Temporary Internet Files*]

    [iETldCache*]

    [NetworkService Cookies*]

    [NetworkService History*]

    [NetworkService Temporary Internet Files*]

     

    [iE7pro*] probably should be changed from 3024 to 3022 as well.

    Winapp2.ini additions

    in CCleaner

    Posted

    I honestly do not feel that winapp2.ini should be permitted to remove "quarantined" files of security programs. All security programs have their own option to remove one or all quarantined files. The potential of a CCleaner user deleting a false positive in quarantine by having winapp2.ini code such as {superantispyware quarantine*] check marked is pretty great in my opinion. Obviously this would prevent the user from returning a valid file (flagged as false positive) to its normal location. I feel the user should have to "think twice" by having to use the security program's option to empty quarantined files. Most security companies recommend that a quarantined file should not be dumped for at least a week.

     

    And I continue to feel that Piriform should fix the winapp.ini code for Malwarebytes so that it does NOT delete quarantined items. JMO... :mellow:

    Winapp2.ini additions

    in CCleaner

    Posted

    winapp2.ini,

     

    please consider removing the code below. it is not really the proper or best way to handle the ctfmon.exe running issue.

     

    [ctfmon.exe (disable startup)*]
langsecref=3021
detect1=hkcu\software\microsoft\office
detect2=hklm\software\microsoft\office
default=false
warning=this will only temporarily disable the microsoft office installed file ctfmon.exe from starting with windows. ctfmon.exe is known to cause severe system slow downs and can be permanently disabled using the free ctfmon-remover: http://www.gerhard-schlager.at/en/projects/ctfmonremover/
regkey1=hklm\software\microsoft\windows\currentversion\run|ctfmon.exe
regkey2=hkcu\software\microsoft\windows\currentversion\run|ctfmon.exe
regkey3=hku\.default\software\microsoft\windows\currentversion\run|ctfmon.exe

    Winapp2.ini additions

    in CCleaner

    Posted

    Personally, I think the ctfmon.exe code should be removed from Winapp2.ini. If a person is having an issue with ctfmon running, then links such as the ones below will assist in correcting the problem.

     

    http://www.howtogeek.com/howto/windows-vista/what-is-ctfmonexe-and-why-is-it-running/

     

    http://support.microsoft.com/kb/823586

     

    and many others that can be viewed by googling Office XP ctfmon.exe or Office 2003 ctfmon.exe, Office 2007 ctfmon.exe or Office 2010 ctfmon.exe

    Winapp2.ini additions

    in CCleaner

    Posted

    Why not replace the three detects with one detectFile

    DetectFile=%Windir%

     

    The original coder of ctfmon.exe is attempting to stop ctfmon.exe from starting up on system reboot. ctfmon.exe can be present on the system, but its the continuous running of the it that has caused many users problems. There are procedures to totally deactivate it, but the original coder just wants to stop it from starting up. A DetectFile will still show the code even if it is not in the RUN keys to start up.

    Winapp2.ini additions

    in CCleaner

    Posted

    Does that work like that?

     

    I assume you are referring to the ctfmon.exe code. And the answer is "No". I put in a test ctfmon.exe string in the registry and my modification did not detect it. Ugggh. Any suggestions as to how to make it detect if there is an active RUN string that needs to be deleted? But once deleted the code should no longer be visible.

    Winapp2.ini additions

    in CCleaner

    Posted

    Modified ctfmon.exe to include Detect1/2/3 which prevents this code from showing up on systems where ctfmon.exe has been properly deactivated already.

     

    [ctfmon.exe (Disable Startup)*]
LangSecRef=3021
Detect1=HKLM\Software\Microsoft\Windows\CurrentVersion\Run|ctfmon.exe
Detect2=HKCU\Software\Microsoft\Windows\CurrentVersion\Run|ctfmon.exe
Detect3=HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run|ctfmon.exe
Default=False
Warning=This will only temporarily disable the Microsoft Office installed file ctfmon.exe from starting with Windows. ctfmon.exe is known to cause severe system slow downs and can be permanently disabled using the free CTFMON-Remover: http://www.gerhard-schlager.at/en/projects/ctfmonremover/
RegKey1=HKLM\Software\Microsoft\Windows\CurrentVersion\Run|ctfmon.exe
RegKey2=HKCU\Software\Microsoft\Windows\CurrentVersion\Run|ctfmon.exe
RegKey3=HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run|ctfmon.exe

    Winapp2.ini additions

    in CCleaner

    Posted

    When upgrading versions of MS Office, some registry keys are left over that show previous versions of MS Office that have been installed on the user's computer. The code below cleans out these registry keys based on the highest MS Office version currently installed on the user computer. This helps prevent third party programs from misinterpreting which Office version is on a user's computer.

     

    MS Office 2010

    [MS Office 2010 Upgrade: MS Office XP/2003/2007 Registry Cleanup*]
LangSecRef=3021
Detect1=HKCU\Software\Microsoft\Office\14.0
Detect2=HKLM\Software\Microsoft\Office\14.0
Default=False
Warning=This cleans out registry entries/remnants of Microsoft Office XP/2003/2007 after Microsoft Office 2010 is installed.
RegKey1=HKCU\Software\Microsoft\Office\12.0
RegKey2=HKLM\Software\Microsoft\Office\12.0
RegKey3=HKCU\Software\Microsoft\Office\11.0
RegKey4=HKLM\Software\Microsoft\Office\11.0
RegKey5=HKCU\Software\Microsoft\Office\10.0
RegKey6=HKLM\Software\Microsoft\Office\10.0
RegKey7=HKLM\Software\Wow6432Node\Microsoft\Office\12.0
RegKey8=HKLM\Software\Wow6432Node\Microsoft\Office\11.0
RegKey9=HKLM\Software\Wow6432Node\Microsoft\Office\10.0

     

    MS Office 2007

    [MS Office 2007 Upgrade: MS Office XP/2003 Registry Cleanup*]
LangSecRef=3021
Detect1=HKCU\Software\Microsoft\Office\12.0
Detect2=HKLM\Software\Microsoft\Office\12.0
Default=False
Warning=This cleans out registry entries/remnants of Microsoft Office XP/2003 after Microsoft Office 2007 is installed.
RegKey1=HKCU\Software\Microsoft\Office\11.0
RegKey2=HKLM\Software\Microsoft\Office\11.0
RegKey3=HKCU\Software\Microsoft\Office\10.0
RegKey4=HKLM\Software\Microsoft\Office\10.0
RegKey5=HKLM\Software\Wow6432Node\Microsoft\Office\11.0
RegKey6=HKLM\Software\Wow6432Node\Microsoft\Office\10.0

     

    MS Office 2003

    [MS Office 2003 Upgrade: MS Office XP Registry Cleanup*]
LangSecRef=3021
Detect1=HKCU\Software\Microsoft\Office\11.0
Detect2=HKLM\Software\Microsoft\Office\11.0
Default=False
Warning=This cleans out registry entries/remnants of Microsoft Office XP after Microsoft Office 2003 is installed.
RegKey1=HKCU\Software\Microsoft\Office\10.0
RegKey2=HKLM\Software\Microsoft\Office\10.0
RegKey3=HKLM\Software\Wow6432Node\Microsoft\Office\10.0

    Winapp2.ini additions

    in CCleaner

    Posted

    NEW ENTRY

     

    [Corel PaintShop Pro X5*]

    LangSecRef=3023

    Detect=HKCU\Software\Corel\PaintShop Pro\X5

    Default=False

    FileKey1=%LocalAppData%\Corel PaintShop Pro\15.0\Database|*.db

    FileKey2=%LocalAppData%\Corel PaintShop Pro\15.0\Thumbs|*.*|RECURSE

     

    I don't have PaintShop on my system. Should the existing [Corel PaintShop Pro X4 More*] be modified to include

     

     

    FileKey2=%LocalAppData%\Corel PaintShop Pro\14.0\Thumbs|*.*|RECURSE

     

    [Corel PaintShop Pro X4 More*]
LangSecRef=3023
Detect=HKCU\Software\Corel\PaintShop Pro\X4
Default=False
FileKey1=%LocalAppData%\Corel PaintShop Pro\14.0\Database|*.db

    Winapp2.ini additions

    in CCleaner

    Posted

    Recommended modification to TuneUp Utilities*. Changed name and added warning messages.

     

    [TuneUp Utilities (Backups)*]
LangSecRef=3024
Detect=HKCU\Software\TuneUp
Warning=This removes ALL backups created by TuneUp Utilities during its registry and other cleaning activities. 
Default=False
FileKey1=%AppData%\TuneUp Software\*\Backups|*.rcb

    Winapp2.ini additions

    in CCleaner

    Posted

    It looks to me like Avira More* needs to be deleted because it is covered in winapp.ini

     

    winapp.ini Avira Desktop code

    [AntiVir Desktop]
ID=2138
LangSecRef=3024
Detect=HKLM\SOFTWARE\Avira\AntiVir Desktop
Default=True
FileKey1=%CommonAppData%\Avira\AntiVir Desktop\TEMP|*.*
FileKey2=%CommonAppData%\Avira\Antivir Desktop\BACKUP\FAILSAFE\*.tmp
FileKey3=%CommonAppData%\Avira\AntiVir Desktop|*.old
FileKey4=%CommonAppData%\Avira\AntiVir Desktop|*.tmp
FileKey5=%ProgramFiles%\Avira\AntiVir Desktop|*.old
FileKey6=%ProgramFiles%\Avira\AntiVir Desktop|*.tmp
FileKey7=%ProgramFiles%\Avira\AntiVir Desktop\FAILSAFE|*.tmp
FileKey8=%CommonAppData%\Avira\AntiVir Desktop\LOGFILES|*.*

     

    Winapp2.ini Avira More* code

    [Avira More*]
LangSecRef=3024
Detect=HKLM\SOFTWARE\Avira
Default=False
FileKey1=%CommonAppData%\Avira|*.tmp|RECURSE
FileKey2=%CommonAppData%\Avira|*.log|RECURSE
FileKey3=%ProgramFiles%\Avira|*.tmp|RECURSE
FileKey4=%ProgramFiles%\Avira|*.log|RECURSE
FileKey5=%ProgramFiles%\Avira GmbH|*.log|RECURSE

     

    Avira More* looks like it is outdated and applies to old versions of Avira. It certainly does not apply to Avira Internet Security 2010/11/12/13

    Winapp2.ini additions

    in CCleaner

    Posted

    Modification to TuneUp Utilities Reg Defrag Cleanup for TuneUp Utilities 2013. Modified name and added Detect3.

     

    [TuneUp Utilities 2011/12/13 Reg Defrag Cleanup*]
LangSecRef=3024
Detect1=HKCU\Software\TuneUp\Utilities\10.0
Detect2=HKCU\Software\TuneUp\Utilities\12.0
Detect3=HKCU\Software\TuneUp\Utilities\13.0
Default=False
FileKey1=%WinDir%\System32\config|SECURITY_tureg_old
FileKey2=%WinDir%\System32\config|SOFTWARE_tureg_old
FileKey3=%WinDir%\System32\config|SYSTEM_tureg_old
FileKey4=%WinDir%\System32\config|DEFAULT_tureg_new.LOG*
FileKey5=%WinDir%\System32\config|SAM_tureg_new.LOG*
FileKey6=%WinDir%\System32\config|SECURITY_tureg_new.LOG*
FileKey7=%WinDir%\System32\config|SOFTWARE_tureg_new.LOG*
FileKey8=%WinDir%\System32\config|SYSTEM_tureg_new.LOG*
FileKey9=%WinDir%\System32\config|DEFAULT_tureg_old
FileKey10=%WinDir%\System32\config|SAM_tureg_old
FileKey11=%WinDir%\ServiceProfiles\LocalService|NTUSER.DAT_tureg_old
FileKey12=%WinDir%\ServiceProfiles\LocalService|NTUSER.DAT_tureg_new.LOG*
FileKey13=%WinDir%\ServiceProfiles\NetworkService|NTUSER.DAT_tureg_old
FileKey14=%WinDir%\ServiceProfiles\NetworkService|NTUSER.DAT_tureg_new.LOG*
FileKey15=%WinDir%\System32\config|COMPONENTS_tureg_old
FileKey16=%WinDir%\System32\config|COMPONENTS_tureg_new.LOG*
FileKey17=%LocalAppData%\Microsoft\Windows|USRCLASS.DAT_tureg_old
FileKey18=%UserProfile%|NTUSER.DAT_tureg_new.LOG*
FileKey19=%UserProfile%|NTUSER.DAT_tureg_old
FileKey20=%SystemDrive%\Boot|BCD_tureg_new.LOG*
FileKey21=%SystemDrive%\Boot|BCD_tureg_old
FileKey22=%LocalAppData%\Microsoft\Windows|USRCLASS.DAT_tureg_new.LOG*

    Winapp2.ini additions

    in CCleaner

    Posted

    Some of the names are a bit shy of explanation as to what they affect or are associated with. This may make it difficult for non-experts to decide whether they should use them.

     

    Perhaps:

     

    [urlclassifier3.sqlite*] = [Firefox/Pale Moon urlclassifier3.sqlite*]

    [implicitAppShortcuts*] = [Windows QuickLaunch ImplicitAppShortcuts*]

    [DiagnosedApplications*]= [Windows QuickLaunch DiagnosedApplications*]

     

    JMO :rolleyes:

×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept