
siliconman01


Posts posted by siliconman01

  1. 9 hours ago, Winapp2.ini said:

    I regret saying this :( I haven't had time for winapp2ool as I am a teacher in NYC and things are... hectic to say the least.. lol

    No problemo!  By far, our kids' safety and teaching are far more important.  Just keep yourself safe as well.  😉

  2. Modified entry:   [Dell Logs *]

    Added:  FileKey7, FileKey9, FileKey10, FileKey13

    [Dell Logs *]
    LangSecRef=3024
    Detect1=HKLM\Software\Dell\MUP
    Detect2=HKLM\Software\Dell\UpdateService
    Detect3=HKLM\Software\PC-Doctor
    DetectFile1=%AppData%\Creative\DELL Webcam Center
    DetectFile2=%CommonAppData%\Dell
    DetectFile3=%LocalAppData%\Dell
    DetectFile4=%LocalAppData%\SupportSoft\DellSupportCenter
    DetectFile5=%ProgramFiles%\Dell*
    FileKey1=%AppData%\Creative\DELL Webcam Center|MO_Log.txt
    FileKey2=%AppData%\PCDr\*\Logs|*.*
    FileKey3=%CommonAppData%\Dell\*\Log|*.*
    FileKey4=%CommonAppData%\Dell\*\Logs|*.*
    FileKey5=%CommonAppData%\Dell\D3\pla\*\*|*.txt|REMOVESELF
    FileKey6=%CommonAppData%\Dell\D3\Resources\Logs\serilog|*.*
    FileKey7=%CommonAppData%\Dell\DellDataVault\Log|*.*|RECURSE
    FileKey8=%CommonAppData%\Dell\Drivers\*|*.log;*.tmp|RECURSE
    FileKey9=%CommonAppData%\Dell\SARemediation\Log|*.*|RECURSE
    FileKey10=%CommonAppData%\Dell\TrustedDevice|*.log
    FileKey11=%CommonAppData%\Dell\Update|*.txt
    FileKey12=%CommonAppData%\Dell\UpdateService\Clients\Update|*.log
    FileKey13=%CommonAppData%\Dell\UpdateService\Log|*.*
    FileKey14=%CommonAppData%\Dell\UpdateService\UpdatePackage\Log|*.txt
    FileKey15=%CommonAppData%\PCDr\*\Cache|*.xml
    FileKey16=%CommonAppData%\PCDr\*\Cache\archives|*.*|RECURSE
    FileKey17=%CommonAppData%\PCDr\*\Cache\BUMA|*.*
    FileKey18=%CommonAppData%\PCDr\*\Cache\DriverScan|*.*
    FileKey19=%CommonAppData%\PCDr\*\Logs|*.*
    FileKey20=%LocalAppData%\Dell\*\Log|*.*
    FileKey21=%LocalAppData%\Dell\DellMobileConnect|*.log
    FileKey22=%LocalAppData%\SupportSoft\DellSupportCenter\*\state\logs|*.*
    FileKey23=%ProgramFiles%\Dell*|*.log|RECURSE

    Modified entry:  [Dell SupportAssist Agent *]

    Changed FileKey3 from RECURSE to REMOVESELF

    [Dell SupportAssist Agent *]
    LangSecRef=3024
    Detect=HKLM\Software\Dell\SupportAssistAgent
    FileKey1=%CommonAppData%\PCDr\*\snapshots\*|*.*
    FileKey2=%CommonAppData%\SupportAssist\Client\Agent\Downloads|*.*|RECURSE
    FileKey3=%CommonAppData%\SupportAssist\Client\Agent\Logs\*|*.*|REMOVESELF
    FileKey4=%CommonAppData%\SupportAssist\Client\SRE|*.log
    FileKey5=%CommonAppData%\SupportAssist\Client\SRE\ExtendedLogs|*.*
    FileKey6=%CommonAppData%\SupportAssist\Client\TechnicianToolkit\Library\Logs|*.*|RECURSE
    FileKey7=%CommonAppData%\SupportAssist\Client\TechnicianToolkit\Library\RegBackup|*.*
    FileKey8=%CommonAppData%\SupportAssist\Client\TechnicianToolkit\Library\Temp|*.*|RECURSE

    Modified entry:  [Intel Graphics Command Center *]

    Added FileKey1

    [Intel Graphics Command Center *]
    DetectOS=10.0|
    LangSecRef=3031
    Detect=HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\AppUp.IntelGraphicsExperience_8j3eq9eme6ctt
    FileKey1=%LocalAppData%\Intel\GCC|*.txt
    FileKey2=%LocalAppData%\Packages\AppUp.IntelGraphicsExperience_*\AC\BackgroundTransferApi|*.*|RECURSE
    FileKey3=%LocalAppData%\Packages\AppUp.IntelGraphicsExperience_*\AC\INet*|*.*|RECURSE
    FileKey4=%LocalAppData%\Packages\AppUp.IntelGraphicsExperience_*\AC\Microsoft\CryptnetUrlCache\*|*.*|RECURSE
    FileKey5=%LocalAppData%\Packages\AppUp.IntelGraphicsExperience_*\AC\Temp|*.*|RECURSE
    FileKey6=%LocalAppData%\Packages\AppUp.IntelGraphicsExperience_*\LocalCache|*.*|RECURSE
    FileKey7=%LocalAppData%\Packages\AppUp.IntelGraphicsExperience_*\LocalState|gcc_log_*.txt
    FileKey8=%LocalAppData%\Packages\AppUp.IntelGraphicsExperience_*\LocalState\Games2\cache|*.*|RECURSE
    FileKey9=%LocalAppData%\Packages\AppUp.IntelGraphicsExperience_*\LocalState\Intel\GCC|gcc_log_*.txt
    FileKey10=%LocalAppData%\Packages\AppUp.IntelGraphicsExperience_*\LocalState\MetroLogs|*.*|RECURSE
    FileKey11=%LocalAppData%\Packages\AppUp.IntelGraphicsExperience_*\LocalState\Promotions|*.*|RECURSE
    FileKey12=%LocalAppData%\Packages\AppUp.IntelGraphicsExperience_*\TempState|*.*|RECURSE

  3. Modified entry:  [CyberLink PowerDVD *]

    Added FileKey2

    [CyberLink PowerDVD *]
    LangSecRef=3023
    Detect1=HKCU\Software\CyberLink\PowerDVD14
    Detect2=HKCU\Software\CyberLink\PowerDVD15
    Detect3=HKCU\Software\CyberLink\PowerDVD16
    Detect4=HKCU\Software\CyberLink\PowerDVD17
    Detect5=HKCU\Software\CyberLink\PowerDVD18
    Detect6=HKCU\Software\CyberLink\PowerDVD19
    Detect7=HKCU\Software\CyberLink\PowerDVD20
    FileKey1=%CommonAppData%\Cyberlink\Evoparser|*.xml
    FileKey2=%CommonAppData%\SUPPORTDIR\*|*.log
    FileKey3=%LocalAppData%\Cyberlink\DigitalHome|*.log|RECURSE
    FileKey4=%LocalAppData%\Cyberlink\PowerDVD*|*.log|RECURSE
    FileKey5=%LocalAppData%\Cyberlink\PowerDVD*\cache*|*.*|RECURSE
    FileKey6=%LocalAppData%\Cyberlink\PowerDVD*\CL_DMP_Browser|*.*|RECURSE
    FileKey7=%LocalAppData%\Cyberlink\PowerDVD*\DB*\computer|*.db|RECURSE
    FileKey8=%LocalAppData%\Cyberlink\PowerDVD*\DefaultMember|*.*|RECURSE
    RegKey1=HKCU\Software\CyberLink\PowerDVD15\CLMPSvc\MediaObj\MediaCache5\Data5
    RegKey2=HKCU\Software\CyberLink\PowerDVD15\CLMPSvc\MediaObj\MediaCache5\ProgramInfo
    RegKey3=HKCU\Software\CyberLink\PowerDVD15\CLMPSvc\MediaObj\MediaCache5\Thumbnail5
    RegKey4=HKCU\Software\CyberLink\PowerDVD16\CLMPSvc\MediaObj\MediaCache5\Data5
    RegKey5=HKCU\Software\CyberLink\PowerDVD16\CLMPSvc\MediaObj\MediaCache5\ProgramInfo
    RegKey6=HKCU\Software\CyberLink\PowerDVD16\CLMPSvc\MediaObj\MediaCache5\Thumbnail5
    RegKey7=HKCU\Software\CyberLink\PowerDVD17\CLMPSvc\MediaObj\MediaCache5\Data5
    RegKey8=HKCU\Software\CyberLink\PowerDVD17\CLMPSvc\MediaObj\MediaCache5\ProgramInfo
    RegKey9=HKCU\Software\CyberLink\PowerDVD17\CLMPSvc\MediaObj\MediaCache5\Thumbnail5
    RegKey10=HKCU\Software\CyberLink\PowerDVD18\CLMPSvc\MediaObj\MediaCache5\Data5
    RegKey11=HKCU\Software\CyberLink\PowerDVD18\CLMPSvc\MediaObj\MediaCache5\ProgramInfo
    RegKey12=HKCU\Software\CyberLink\PowerDVD18\CLMPSvc\MediaObj\MediaCache5\Thumbnail5
    RegKey13=HKCU\Software\CyberLink\PowerDVD19\CLMPSvc\MediaObj\MediaCache5\Data5
    RegKey14=HKCU\Software\CyberLink\PowerDVD19\CLMPSvc\MediaObj\MediaCache5\ProgramInfo
    RegKey15=HKCU\Software\CyberLink\PowerDVD19\CLMPSvc\MediaObj\MediaCache5\Thumbnail5
    RegKey16=HKCU\Software\CyberLink\PowerDVD20\CLMPSvc\MediaObj\MediaCache5\Data5
    RegKey17=HKCU\Software\CyberLink\PowerDVD20\CLMPSvc\MediaObj\MediaCache5\ProgramInfo
    RegKey18=HKCU\Software\CyberLink\PowerDVD20\CLMPSvc\MediaObj\MediaCache5\Thumbnail5

  4. Modified entry:  [Malwarebytes Anti-Malware *]

    Added FileKey7=%LocalAppData%\Crashdumps\Malwarebytes|*.*|REMOVESELF

    [Malwarebytes Anti-Malware *]
    LangSecRef=3024
    Detect=HKCU\Software\Malwarebytes
    DetectFile=%ProgramFiles%\Malwarebytes Anti-Malware\mbam.exe
    Warning=You must manually and temporarily turn off Malwarebytes "self-protection" to remove the logs.
    FileKey1=%AppData%\Malwarebytes\Malwarebytes*Anti-Malware\Logs|*.*
    FileKey2=%CommonAppData%\Malwarebytes\Malwarebytes*Anti-Malware|mbam-setup.exe
    FileKey3=%CommonAppData%\Malwarebytes\Malwarebytes*Anti-Malware\Logs|*.*
    FileKey4=%CommonAppData%\Malwarebytes\MBAMService|*.log;*.bak;*.regtrans-ms;*.TM.blf;*-ntuser.dat;*.LOG1;*.LOG2;*-UsrClass.dat
    FileKey5=%CommonAppData%\Malwarebytes\MBAMService\logs|*.*
    FileKey6=%CommonAppData%\Malwarebytes\MBAMService\ScanResults|*.*
    FileKey7=%LocalAppData%\Crashdumps\Malwarebytes|*.*|REMOVESELF

  5. Modified entry:  [Quicken *]

    Added FileKey6 and FileKey7

    [Quicken *]
    LangSecRef=3021
    Detect1=HKLM\Software\Intuit\Quicken
    Detect2=HKLM\Software\Quicken
    FileKey1=%AppData%\Intuit\Quicken\Log|*.txt;*.log
    FileKey2=%AppData%\Quicken\Log|*.txt;*.log
    FileKey3=%CommonAppData%\Intuit\Quicken\Log|*.log
    FileKey4=%CommonAppData%\Intuit\Quicken\Log\installer|*.*|REMOVESELF
    FileKey5=%CommonAppData%\Intuit\SendError|*.log
    FileKey6=%CommonAppData%\Quicken\Inet\QWWebData|Log.old
    FileKey7=%CommonAppData%\Quicken\Inet\QWWebData\Cache|*.*
    FileKey8=%CommonAppData%\Quicken\Log|*.log
    FileKey9=%CommonAppData%\Quicken\Log\installer|*.*|REMOVESELF
    FileKey10=%CommonAppData%\Quicken\SendError|*.log
    FileKey11=%LocalAppData%\Intuit\Common\Authorization\V1\Logs|*.txt
    FileKey12=%LocalAppData%\Quicken\Common\Authorization\V1\Logs|*.txt
    FileKey13=%ProgramFiles%\Quicken\PDFDrv|install.log;InstallPDFConverter.log

  6. Modified entry:  [Dell Logs *]

    Changed FileKey15 from FileKey15=%CommonAppData%\PCDr\*\Logs|*.Log to FileKey15=%CommonAppData%\PCDr\*\Logs|*.*  to remove all files in this Logs folder.

    [Dell Logs *]
    LangSecRef=3024
    Detect1=HKLM\Software\Dell\MUP
    Detect2=HKLM\Software\Dell\UpdateService
    Detect3=HKLM\Software\PC-Doctor
    DetectFile1=%AppData%\Creative\DELL Webcam Center
    DetectFile2=%CommonAppData%\Dell
    DetectFile3=%LocalAppData%\Dell
    DetectFile4=%LocalAppData%\SupportSoft\DellSupportCenter
    DetectFile5=%ProgramFiles%\Dell*
    FileKey1=%AppData%\Creative\DELL Webcam Center|MO_Log.txt
    FileKey2=%AppData%\PCDr\*\Logs|*.*
    FileKey3=%CommonAppData%\Dell\*\Log|*.*
    FileKey4=%CommonAppData%\Dell\*\Logs|*.*
    FileKey5=%CommonAppData%\Dell\D3\pla\*\*|*.txt|REMOVESELF
    FileKey6=%CommonAppData%\Dell\D3\Resources\Logs\serilog|*.*
    FileKey7=%CommonAppData%\Dell\Drivers\*|*.log;*.tmp|RECURSE
    FileKey8=%CommonAppData%\Dell\Update|*.txt
    FileKey9=%CommonAppData%\Dell\UpdateService\Clients\Update|*.log
    FileKey10=%CommonAppData%\Dell\UpdateService\UpdatePackage\Log|*.txt
    FileKey11=%CommonAppData%\PCDr\*\Cache|*.xml
    FileKey12=%CommonAppData%\PCDr\*\Cache\archives|*.*|RECURSE
    FileKey13=%CommonAppData%\PCDr\*\Cache\BUMA|*.*
    FileKey14=%CommonAppData%\PCDr\*\Cache\DriverScan|*.*
    FileKey15=%CommonAppData%\PCDr\*\Logs|*.*
    FileKey16=%LocalAppData%\Dell\*\Log|*.*
    FileKey17=%LocalAppData%\Dell\DellMobileConnect|*.log
    FileKey18=%LocalAppData%\SupportSoft\DellSupportCenter\*\state\logs|*.*
    FileKey19=%ProgramFiles%\Dell*|*.log|RECURSE

  7. Modified entry:  [Syncios Cell Phone Backup & Manage *]

    Added Detect3

    [Syncios Cell Phone Backup & Manage *]
    LangSecRef=3024
    Detect1=HKCU\Software\Syncios
    Detect2=HKCU\Software\Syncios Data Transfer
    Detect3=HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\Syncios Data Transfer.exe
    FileKey1=%AppData%\app_sycnios_transfer_loader|*.*|REMOVESELF
    FileKey2=%AppData%\Syncios|android.log;log.txt
    FileKey3=%AppData%\Syncios Data Transfer|*.log|RECURSE
    FileKey4=%AppData%\Syncios Data Transfer\GPUCache|*.*
    FileKey5=%Documents%\Syncios Data Transfer|preference_conf.ini.old.bak
    FileKey6=%SystemDrive%\temp|*.*|REMOVESELF

  8. JFI for those users of Winapp2ool.exe (beta version 1.4.7441.15296), VirusTotal is showing 6 engines detecting the tool as infected.  In my case, I use Bitdefender Internet Security 2020 and it is tagging the tool as Gen.Variant.Razy.675528.  I submitted the file to Bitdefender on 29-May and thus far there has been no FP correction.  

    VirusTotal.png

  9. Modified entry:  [Bitdefender *]

    Added FileKey2

    [Bitdefender *]
    LangSecRef=3024
    Detect1=HKLM\Software\Bitdefender\Bitdefender Internet Security
    Detect2=HKLM\Software\Bitdefender\Bitdefender Total Security
    Detect3=HKLM\Software\Bitdefender\Bitdefender Total Security 2015
    Detect4=HKLM\Software\Softwin\Bitdefender Antivirus
    FileKey1=%AppData%\Bitdefender\Desktop\profiles\Logs\*|*.xml
    FileKey2=%CommonAppData%\Bitdefender\DTrace|*.log
    FileKey3=%ProgramFiles%\Softwin\Bitdefender*\Logs|*.*
    FileKey4=%SystemDrive%|bdlog.txt

  10. Okay, I have 1.4.7427.18862 on all my systems and it does not get flagged via VirusTotal.  HitManPro is no longer flagging it either.  Be interesting to see what KIS 2020 does the next time you issue a new Beta and Winapp2ool.exe beta attempts to upgrade automatically 🙃

  11. 56 minutes ago, Winapp2.ini said:

    The hash of your copy of winapp2ool is different from the one I posted, are you using the latest version? 1.4.7427.18862

    No, the one I get from the Beta download URL is 1.4.7427.18038.

  12. 1 hour ago, Winapp2.ini said:

    Unfortunately I can only go by VirusTotal and it currently shows clear.

    https://www.virustotal.com/gui/file/5ba3effd47aed9b57a31d3398fcd35168be2d83001f78653c74ce6f141e8c9e2/detection

    It seems kaspersky is being particularly hostile here, but I'm not sure why as none of these vendors provide tremendous information on their flagging motivations (for good reasons I suppose)

    VirusTotal is showing Kaspersky and ZoneAlarm flagging Winapp2ool.exe as a trojan.

    VirusTotal.png

  13. Also, please keep in mind that Kaspersky and HitmanPro continue to flag these new betas as VHO:Trojan.Win32.Sdum.gen (the false positive needs to be fixed before a new public release of Winapp2ool.exe). Kaspersky even blocks a VirusTotal submission as a malicious website.

    VirusTotalKaspersky.png

  14. I'm not seeing that behavior either on Beta version 1.4.7427.18038.  It seems to be working okay.

    [Trim]
    TrimFile1_Name=winapp2.ini
    TrimFile1_Dir=C:\Program Files\CCleaner
    TrimFile2_Name=whitelist.ini
    TrimFile2_Dir=C:\Program Files\CCleaner
    TrimFile3_Name=winapp2.ini
    TrimFile3_Dir=C:\Program Files\CCleaner
    TrimFile4_Name=blacklist.ini
    TrimFile4_Dir=C:\Program Files\CCleaner
    DownloadFileToTrim=False
    UseWhiteList=True
    useBlackList=True
    ModuleSettingsChanged=True

  15. Winapp2ool.exe v1.4.7426.15696 does not save the useblacklist=TRUE status in winapp2ool.ini when using both a Whitelist and Blacklist in the CCleaner folder.

    [Trim]
    MergeFile1_Name=winapp2.ini
    MergeFile1_Dir=C:\Program Files\CCleaner
    MergeFile3_Name=winapp2.ini
    MergeFile3_Dir=C:\Program Files\CCleaner
    DownloadFileToTrim=False
    ModuleSettingsChanged=True
    TrimFile1_Name=whitelist.ini
    TrimFile1_Dir=C:\Program Files\CCleaner
    TrimFile2_Name=whitelist.ini
    TrimFile2_Dir=C:\Program Files\CCleaner
    TrimFile3_Name=winapp2.ini
    TrimFile3_Dir=C:\Program Files\CCleaner
    TrimFile4_Name=blacklist.ini
    TrimFile4_Dir=C:\Program Files\CCleaner
    UseWhiteList=True
    useBlackList=False

    UPDATE:  If UseWhiteList=True and useBlacklist=True at the same time, a TRIM removes all of the Winapp2.ini entries and leaves only the Whitelist entries....weird.

  16. 18 minutes ago, Winapp2.ini said:

    the latest winapp2ool beta build includes support for adding a whitelist and a blacklist to the trim process.

    simply fill a whitelist.ini and/or blacklist.ini file with the headers (you don't need the whole entry, just the [Header *] of entries you want to never trim or always trim)

    entries in whitelist.ini will always be kept in the file, irrespective of whether or not the detection criteria are met

    entries in blacklist.ini will never be kept in the file, likewise.

    The menu might be a little wonky!

    Is the beta version 1.4.7426.13493?
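To make the whitelist/blacklist trim semantics quoted above concrete, here is an added Python model of the trim step; it is my own illustration, not winapp2ool's code. The sample winapp2.ini, the whitelist/blacklist text and the set of "present" registry keys used to simulate detection are all constructed.

```python
import re
# Constructed sample winapp2.ini with two entries (not a real file).
WINAPP2_INI = """\
[Dell Logs *]
LangSecRef=3024
Detect1=HKLM\\Software\\Dell\\MUP
FileKey1=%CommonAppData%\\Dell\\*\\Log|*.*

[Quicken *]
LangSecRef=3021
Detect1=HKLM\\Software\\Quicken
FileKey1=%CommonAppData%\\Quicken\\Log|*.log
"""

def parse_entries(text):
    """Split ini text into an ordered {header: [key=value lines]} map."""
    entries, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        m = re.match(r"^\[(.+)\]$", line)
        if m:
            current = m.group(1)
            entries[current] = []
        elif current and line:
            entries[current].append(line)
    return entries

def make_detector(present):
    """Simulated detection: `present` is a constructed set standing in for
    the registry keys/paths that exist; any matching Detect* value hits."""
    def detected(body):
        for line in body:
            key, _, value = line.partition("=")
            if key.startswith("Detect") and value in present:
                return True
        return False
    return detected

def trim(ini, detected, whitelist="", blacklist=""):
    """Whitelist headers always kept, blacklist never, else keep if detected."""
    keep = set(parse_entries(whitelist))  # lists need only [Header *] lines
    drop = set(parse_entries(blacklist))
    kept = {}
    for header, body in parse_entries(ini).items():
        if header in drop:
            continue
        if header in keep or detected(body):
            kept[header] = body
    return kept
```

With both lists supplied, a correct trim keeps the whitelisted entry plus every detected entry and drops only the blacklisted one, rather than discarding everything except the whitelist.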

  17. 50 minutes ago, Winapp2.ini said:

    Hooray!

    Apparently, Kaspersky uses the Build and Version number of Windows 10 to issue corrections on False Positives.  Kaspersky has not caught up with the latest Insider Build 19619.1000 Version 2004 and is continuing to flag Winapp2ool.exe on my Insider test computer. 🤨

  18. 15 hours ago, Winapp2.ini said:

    This hasn't shown up on VirusTotal yet but I'll submit it to them through their False Positive page, thanks for the TrojanID

    HitManPro also detects the Trojan as long as Kaspersky is falsely detecting it.

    HitmanPro.png

    UPDATE as of 01-May-2020 04:30 am EDT.  It appears that Kaspersky has corrected the false positive.  Both KIS 2020 and HitmanPro now scan clear.
