ROCKNROLL
-
Posts
515 -
Joined
-
Last visited
Posts posted by ROCKNROLL
-
-
@back_track: I am will aware that commonappdata and all users are the same. The issue is the FileKey is broken and I believe that it needs to be changed to program data, just like we had to do with the Mozilla maintainence logs.
EDIT: Nevermind, I figured out what the issue is and it wasn't Winapp2 fault or my fault. Sorry for this inconvience.
EDIT2: The issue has been resolved. Please ignore my post about the mozzilla maintence logs and my post about battle.net entry.
-
[battle.Net Client Cache*]
Section=Games
Detect=HKCU\Software\Blizzard Entertainment\Battle.net
FileKey1=%LocalAppData%\Battle.net\BrowserCache|*.*|RECURSE
FileKey2=%LocalAppData%\Battle.net\Cache|*.*|RECURSE
FileKey3=%CommonAppData%\BlizzardEntertainment\Battle.net\Cache|*.*|RECURSE
FileKey4=%LocalAppData%\VirtualStore\ProgramData\BlizzardEntertainment\Battle.net\Cache|*.*|RECURSEFileKey 3 is broken. Still picking up cache files in All Users/BlizzardEntertainment/Cache folder even after running the cleaner. I assume it has to be pointing at program data not commonappdata, but I am not sure. Anyone have any ideas?
-
I have another issue. I had uninstalled Thunderbird completely about a moneth ago, but it is still showing entires for Thunderbird in my cleaner. I have looked in appdata, programfiles, programdata, and in the registry for any traces of leftover thunderbirds entries, but have found nothing. Any clue why these entries would still be showing?
-
EDIT:
[ClamWin*]
LangSecRef=3021
Detect1=HKLM\Software\ClamWinDetect2=HKCU\Software\ClamWin
Default=False
FileKey1=%AppData%\.clamwin\log|*.*|RECURSE
FileKey2=%AllUsersProfile%\.clamwin\log|*.*|RECURSE
FileKey3=%ProgramFiles%\ClamWin\bin|*.txt
FileKey4=%LocalAppData%\VirtualStore\Program Files*\ClamWin\bin|*.txAdded Detect2. Changed all the REMOVESELF to RECURSE.
[Clam Sentinel*]
LangSecRef=3021
Detect=HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{060FE577-1BDF-4330-ACCA-B6760AB07191}_is1Default=False
FileKey1=%AppData%\.clamwin\log|*.*|RECURSE
FileKey2=%AppData%\ClamSentinel|*.txt
FileKey3=%AllUsersProfile%\.clamwin\log|*.*|RECURSE
FileKey4=%ProgramFiles%\ClamSentinel|*.txt
FileKey5=%LocalAppData%\VirtualStore\Program Files*\ClamSentinel|*.txtAdded FileKey 1. Changed all the REMOVESELF to RECURSE.
-
Thank you Coffee4Joe. I actually didn't create any of them. I pulled them from Winapp2 and they were as is.
-
Went through Winapp2 today. Found somethings for you guys.
Remove entry:
[Jetclean Registry Backups*]
LangSecRef=3024
DetectFile=%ProgramFiles%\BlueSprig\JetClean\JetClean.exe
Warning=Deleting the backups will result in you being unable to undo any changes by Jetclean. Be sure you are okay with removing the backups!
FileKey1=%AppData%\BlueSprig\JetClean\Backup|*.regRemove entry because it is a registry backup.
Reorganized these entries:
[blueStacks Setup*]
LangSecRef=3021
Detect1=HKCU\Software\Bluestacks
Detect2=HKLM\Software\Bluestacks
Warning=You will have to redownload these files in order to reinstall the application.
FileKey1=%LocalAppData%\VirtualStore\ProgramData\BlueStacksSetup\Images\|*.*|REMOVESELF
FileKey2=%LocalAppData%\VirtualStore\ProgramData\BlueStacksSetup|runtimedata_*.zip;runtimedata_*.zip.manifest
[MS AntiMalware*]
LangSecRef=3025
DetectFile=%CommonAppData%\Microsoft\Microsoft antimalware
Warning=This will make MS Security Essentials think it has never run a scan.
FileKey1=%CommonAppData%\Microsoft\Microsoft antimalware\network inspection system\Support|*.log
FileKey2=%CommonAppData%\Microsoft\Microsoft antimalware\support|*.log
FileKey3=%CommonAppData%\Microsoft\Microsoft antimalware\scans\history\results\Quick|*.*|REMOVESELF
FileKey4=%CommonAppData%\Microsoft\Microsoft antimalware\scans\history\results\resource|*.*|REMOVESELF
FileKey5=%CommonAppData%\Microsoft\Microsoft antimalware\scans\history\results\System|*.*|REMOVESELF
FileKey6=%LocalAppData%\VirtualStore\ProgramData\Microsoft\Microsoft antimalware\network inspection system\Support|*.log
FileKey7=%LocalAppData%\VirtualStore\ProgramData\Microsoft\Microsoft antimalware\support|*.log
FileKey8=%LocalAppData%\VirtualStore\ProgramData\Microsoft\Microsoft antimalware\scans\history\results\Quick|*.*|REMOVESELF
FileKey9=%LocalAppData%\VirtualStore\ProgramData\Microsoft\Microsoft antimalware\scans\history\results\resource|*.*|REMOVESELF
FileKey10=%LocalAppData%\VirtualStore\ProgramData\Microsoft\Microsoft antimalware\scans\history\results\System|*.*|REMOVESELFThe warnings were misorganized comparing to the other entries.
This next set is more like a suggestion. I was looking through some of the warnings and the ones I have listed below are a bit unneeded/unnesscary and I think the warnings should just be removed.
[bumpTop StickyNotes*]
LangSecRef=3021
Detect=HKCU\Software\Bump Technologies, Inc.
Warning=This will clear your sticky notes for BumpTop
FileKey1=%UserProfile%\Desktop|StickyNote*.txt
[Farming Simulator Old Autosaves*]
Section=Games
Detect=HKLM\Software\SCS Software
Warning=This will delete all Euro Truck Simulator Autosaves. It will not delete your most recent saved game.
FileKey1=%Documents%\My Games\FarmingSimulator2011\savegame*|*.*|REMOVESELF
FileKey2=%Documents%\My Games\FarmingSimulator2011\savegame*_autoBackup*|*.*|REMOVESELF
FileKey3=%Documents%\My Games\FarmingSimulator2011\savegame1_autoBackup*|*.*|REMOVESELF
FileKey4=%Documents%\My Games\FarmingSimulator2013\savegame*|*.*|REMOVESELF
ExcludeKey1=PATH|%Documents%\My Games\FarmingSimulator2011\savegame1\*
ExcludeKey2=PATH|%Documents%\My Games\FarmingSimulator2013\savegame1\*
ExcludeKey3=PATH|%Documents%\My Games\FarmingSimulator2013\savegameBackup
[Local Storage*]
Warning=This will completely clear all local storage items.
LangSecRef=3029
SpecialDetect=DET_CHROME
DetectFile1=%LocalAppData%\Torch
DetectFile2=%LocalAppData%\SuperBird
FileKey1=%LocalAppData%\Chrome Plus\User Data\*\Local Storage|http*.*|RECURSE
FileKey2=%LocalAppData%\Chromium\User Data\*\Local Storage|http*.*|RECURSE
FileKey3=%LocalAppData%\Flock\User Data\*\Local Storage|http*.*|RECURSE
FileKey4=%LocalAppData%\Google\Chrome\User Data\*\Local Storage|http*.*|RECURSE
FileKey5=%LocalAppData%\Google\Chrome SxS\User Data\*\Local Storage|http*.*|RECURSE
FileKey6=%LocalAppData%\Rockmelt\User Data\*\Local Storage|http*.*|RECURSE
FileKey7=%LocalAppData%\SRWare Iron\User Data\*\Local Storage|http*.*|RECURSE
FileKey8=%LocalAppData%\Torch\User Data\*\Local Storage|http*.*|RECURSE
FileKey9=%LocalAppData%\SuperBird\User Data\*\Local Storage|http*.*|RECURSE
[MAGIX Driver Downloads*]
LangSecRef=3023
Detect=HKCU\Software\Magix
Warning=This will delete all you downloaded Drivers.
FileKey1=%CommonAppData%\MAGIX\*\download|*.*|REMOVESELF
FileKey2=%LocalAppData%\VirtualStore\ProgramData\MAGIX\*\download|*.*|REMOVESELF
[Miranda IM Chat Log*]
LangSecRef=3022
Warning=This will delete your chat logs!
DetectFile=%ProgramFiles%\Miranda IM
FileKey1=%AppData%\Miranda\Profiles\*\Logs\Chat|*.*|REMOVESELFIt is just my opinion, though.
Lastly, because of the issue with the mozilla maintenance logs under firefox, the same would go for thunderbird, as well, and any other program that runs the mozilla maintenance logs.
[Thunderbird Maintenance Service*]
LangSecRef=3030
SpecialDetect=DET_THUNDERBIRD
FileKey1=%CommonAppData%\Mozilla*\logs|*.*|REMOVESELF
FileKey2=%LocalAppData%\VirtualStore\ProgramData\Mozilla*\logs|*.*|REMOVESELFCommonAppData should be switched to Program data.
-
Ah yes. Thank you CSGalloway. FileKey 1 should be pointing at program data not commonappdata.
-
[Mozilla Maintenance Service Logs*]
LangSecRef=3026
SpecialDetect=DET_MOZILLA
FileKey1=%CommonAppData%\Mozilla*\logs|*.*
FileKey2=%LocalAppData%\VirtualStore\ProgramData\Mozilla*\logs|*.*I have an issue on this entry. I don't know if FileKey1 is not set up correctly, but on my Windows 7 64-bit system, I have maintenence service logs under C:/Users/All Users/Mozilla/logs that are not being cleaned even after running that entry.
-
Edit entry:
[AMD/ATI*]
LangSecRef=3024
Detect1=HKLM\Software\AMD
Detect2=HKLM\Software\ATI
Detect3=HKLM\Software\ATI Technologies
DetectFile=%ProgramFiles%\ATI Technologies\ATI.ACE
FileKey1=%CommonAppData%\AMD\Fuel|*.txt
FileKey2=%CommonAppData%\AMD\KDB|*.log
FileKey3=%LocalAppData%\AMD\Fuel|ClientProxyLog*.*
FileKey4=%LocalAppData%\AMD\GLCache|*.*|RECURSE
FileKey5=%LocalAppData%\ATI\ACE|*.txt
FileKey6=%ProgramFiles%\AMD\OverDrive|*.log
FileKey7=%ProgramFiles%\AMD\amdkmpfd|*.*|REMOVESELF
FileKey8=%ProgramFiles%\ATI\CIM\Reports|*.*
FileKey9=%ProgramFiles%\ATI Technologies|*.log|RECURSE
FileKey10=%ProgramFiles%\ATI Technologies|cccutil64.txt
FileKey11=%SystemDrive%\ATI|*.*|REMOVESELF
FileKey12=%SystemDrive%\AMD|*.*|REMOVESELF
FileKey13=%WinDir%\System32|CCCInstall*.log
FileKey14=%WinDir%\SysWOW64|CCCInstall*.log
FileKey15=%LocalAppData%\VirtualStore\Program Files*\AMD\OverDrive|*.log
FileKey16=%LocalAppData%\VirtualStore\Program Files*\AMD\amdkmpfd|*.*|REMOVESELF
FileKey17=%LocalAppData%\VirtualStore\Program Files*\ATI\CIM\Reports|*.*
FileKey18=%LocalAppData%\VirtualStore\Program Files*\ATI Technologies|*.log|RECURSE
FileKey19=%LocalAppData%\VirtualStore\Program Files*\ATI Technologies|cccutil64.txt
FileKey20=%LocalAppData%\VirtualStore\ProgramData\AMD\Fuel|*.txt
FileKey21=%LocalAppData%\VirtualStore\ProgramData\AMD\KDB|*.logAdded FileKey 4.
-
New entry:
[Peerblock Failed Lists*]
LangSecRef=3024
DetectFile=%ProgramFiles%\Peerblock
Warning: This will delete all lists that failed to load into your peerblock
FileKey1=%ProgramFiles%\Peerblock\lists|*.list.failed* -
This entry is bugged:
[inno Setup Installers Temp*]
LangSecRef=3024
DetectFile=%LocalAppData%\Programs
FileKey1=%LocalAppData%\Programs|*.*|REMOVESELFGetting it on my system, even though I don't use Inno.
-
I assume the entries I re-posted that Neverbloom had were denied/already included in CCleaner?
-
I just asked because ovbiously there was a WInapp1 at one point in time and probably not much has changed between Winapp1 and Winapp2 other then more entries, right?
-
Just out of curiosity, are there any plans for a Winapp3, at all?
-
These are some of the entries that Neverbloom had before he was removed off the forums. I thought that these were ok to add. They are only log files. I didn't edit any of these, so some of them might need name changes or warning messages changed.
ADD:
[Downloaded Program Files*] <----- Questioning this one.
LangSecRef=3025
Default=False
DetectFile=%WINDIR%\Downloaded Program Files\
FileKey1=%WINDIR%\Downloaded Program Files\|*.*|REMOVESELF
[Task Scheduler Job Files*]
LangSecRef=3025
Default=False
DetectFile=%WINDIR%\Tasks\
FileKey1=%WINDIR%\Tasks\|*.JOB|RECURSE
[Microsoft Event Trace Log Files*]
LangSecRef=3025
Default=False
Warning=Log files created by Microsoft Tracelog, a program that creates logs using the events from the kernel in Microsoft operating systems.
DetectFile1=%WINDIR%\System32\WDI\
DetectFile2=%WINDIR%\System32\Performance\
FileKey1=%WINDIR%\System32\WDI\|*.ETL*|RECURSE
FileKey2=%WINDIR%\System32\Performance\|*.ETL*|RECURSE
[service Control Manager Trace*] <------ These are just log files
LangSecRef=3025
Default=False
Warning=The service control manager (SCM) is started at system boot. It is a remote procedure call (RPC) server.
DetectFile=%WINDIR%\system32\LogFiles\Scm\
FileKey1=%WINDIR%\system32\LogFiles\Scm\|SCM.EVM*|RECURSE
[Container.dat Files*] <----- Also questioning this one.
LangSecRef=3022
Default=False
FileKey1=%USERPROFILE%\AppData\|Container.dat|RECURSE
[Windows Event Viewer Log Files*]
LangSecRef=3025
Default=False
Warning=Event logs are special files that record significant events on your computer, such as when a user logs on to the computer or when a program encounters an error.
DetectFile=%WINDIR%\System32\winevt\Logs\
FileKey1=%WINDIR%\System32\winevt\Logs\|*.EVT*
[Windows Setup Log Files*]
LangSecRef=3025
Default=False
Warning=Delete the leftovers from Windows installations and upgrades.
DetectFile=%WINDIR%\PANTHER\
FileKey1=%WINDIR%\PANTHER\|*.*|RECURSE
FileKey2=%WINDIR%\INF\|setupapi.dev.log
FileKey3=%WINDIR%\INF\|setupapi.app.log
FileKey4=%WINDIR%\Performance\Winsat\|winsat.log
[Flash Local Shared Object Files*] <------ These are just flash cookies. The same cookies Flash Player deletes when you use the delete cookies setting.
Section=File Extensions
Default=False
Warning=Also known as "Flash cookies".
FileKey1=%SYSTEMDRIVE%\|*.SOL|RECURSE
[Log Files*]
Section=File Extensions
Default=False
FileKey1=%SYSTEMDRIVE%\|*.LOG|RECURSE
[Registry Transaction Log Files*]
Section=File Extensions
Default=False
Warning=Log files created by the Common Log File System (CLFS), a Microsoft Windows component used for creating transaction logs.
FileKey1=%SYSTEMDRIVE%\|*.REGTRANS-MS|RECURSE
FileKey2=%SYSTEMDRIVE%\|*.BLF|RECURSE
[Gather Log Files*]
Section=File Extensions
Default=False
Warning=Log files created after each file indexing process.
FileKey1=%SYSTEMDRIVE%\|*.GTHR|RECURSE
[Windows Binary Performance Log Files*]
Section=File Extensions
Default=False
Warning=Log files created by Windows performance tracking tools.
FileKey1=%SYSTEMDRIVE%\|*.BLG|RECURSE
[Exchange Reserve Transaction Log Files*]
Section=File Extensions
Default=False
Warning=Transaction log files created by Microsoft Exchange.
FileKey1=%WINDIR%\|*.JRS|RECURSE
[Windows Registry Hive Log Files*]
Section=File Extensions
Default=False
FileKey1=%WINDIR%\|*.LOG1|RECURSE
FileKey1=%WINDIR%\|*.LOG2|RECURSE
[Error Log Files*]
Section=File Extensions
Default=False
FileKey1=%SYSTEMDRIVE%\|*.ERR|RECURSEEDIT:
[Windows CBS Logs*]
LangSecRef=3025
Detect=HKLM\Software\Microsoft\Windows
FileKey1=%WinDir%\Logs\CBS|cbs.log;*.cab
FileKey2=%WINDIR%\logs\CBS\|CbsPersist_*.cabAdded FileKey 2
[Windows Log Files More*]
LangSecRef=3025
Detect=HKCU\Software\Microsoft\Windows
FileKey1=%WinDir%\inf|setupapi.offline.log
FileKey2=%WinDir%\Panther|cbs.log;DDACLSys.log;miglog.xml;Migrep.html
FileKey3=%WinDir%\winsxs|poqexec.log
FileKey4=%WinDir%\debug\WIA|*.log
FileKey5=%WinDir%|SIGVERIF.TXT
FileKey6=%WinDir%\System32\sysprep\Panther\IE|diagerr.xml;diagwrn.xml
FileKey7=%WinDir%\Panther|PostGatherPnPList.log;PreGatherPnPList.log
FileKey8=%WinDir%\Panther\UnattendGC|diagerr.xml;diagwrn.xml
FileKey9=%WINDIR%\INF\|setupapi.app.log;setupapi.dev.log
FileKey10=%WINDIR%\Performance\Winsat\|winsat.logAdded FileKeys 9 and 10
-
Didn't notice that. I fixed it.
-
EDIT:
[steam Logs*]
Section=Games
Detect=HKCU\Software\Valve\Steam
FileKey1=%ProgramFiles%\Steam|*.log;*log.last;connection_log_*.txt;*_log.txt;remote_connections.txt;vr*_*.txt|RECURSE
FileKey2=%ProgramFiles%\Valve\Steam|Steam.log
FileKey3=%ProgramFiles%\Valve\Steam\SteamLogs|*.log
FileKey4=%ProgramFiles%\Steam\vr\runtime\logs|*.*|RECURSE
FileKey5=%AppData%\SteamVR\Logs|*.*|REMOVESELF
FileKey6=%LocalAppData%\VirtualStore\Program Files*\Steam|*.log;*log.last;connection_log_*.txt;*_log.txt;remote_connections.txt;vr*_*.txt|RECURSE
FileKey7=%LocalAppData%\VirtualStore\Program Files*\Valve\Steam|Steam.log
FileKey8=%LocalAppData%\VirtualStore\Program Files*\Valve\Steam\SteamLogs|*.logAdded FileKey 4.
-
Edit:
[battle.Net Client Logs*]
Section=Games
Detect=HKCU\Software\Blizzard Entertainment\Battle.net
FileKey1=%CommonAppData%\Battle.net\Client\Blizzard Launcher.*\Logs|*.*|RECURSE
FileKey2=%CommonAppData%\Battle.net\Client\Logs|*.*|RECURSE
FileKey3=%LocalAppData%\Battle.Net\Logs|*.*|RECURSE
FileKey4=%LocalAppData%\VirtualStore\ProgramData\Battle.net\Client\Blizzard Launcher.*\Logs|*.*|RECURSE
FileKey5=%LocalAppData%\VirtualStore\ProgramData\Battle.net\Client\Logs|*.*|RECURSEFileKey6=%Documents%\StarCraft II\GameLogs|*.*|RECURSE
Added FileKey 6.
EDIT: Nevermind. This is already included in StarCraft II Logs entry.
-
Something is wrong with this entry:
[Multi-Edit 2008 Logs*]
LangSecRef=3024
DetectFile2=%AppData%\Multi Edit Software
FileKey1=%AppData%\Multi Edit Software|*.log|RECURSEIt's being detected on my system, but I never used this program in my life.
-
New entry:
[spiral Knights]
Section=Games
Detect=HKCU\Software\Valve\Steam\Apps\99900
FileKey1=%ProgramFiles%\Steam\SteamApps\common\Spiral Knights|*.log -
No. It was just CCleaner at the time. I had just installed it and ran CCleaner by itself to do some tests.
-
So yesterday, I ran CCleaner (the first time in many years) an had the option "clean recyclin bin" checked. It ran and it was cleaning out the recyclin bin, but when i checked the folder recyclin bin under C:/ drive, the folder reported it was empty, 0KB. CCleaner reported after it was done it cleaned over 130MB out in that folder. I just want to know what CCleaner was cleaning out in that folder and if I should be worried or not?
-
So I noticed windows cleanup has an option to remove old windows udates that are no longer needed. I am wondering if it is possible for Winapp2 to have their own cleaning rule to cleanup old windows updates?
-
EDIT:
[starCraft II Logs*]
Section=Games
Detect=HKCU\Software\Blizzard Entertainment\StarCraft II
FileKey1=%ProgramFiles%\Starcraft II\Logs|*.*
FileKey2=%Public%\games\Starcraft II\Logs|*.*
FileKey3=%SystemDrive%\Starcraft II\Logs|*.*
FileKey4=%Documents%\StarCraft II\GameLogs|*.*|RECURSEAdded FileKey 4.
Winapp2.ini additions
in CCleaner
Posted
Thanks for the update, but you forgot these entries:
Edit:
[ClamWin*]
LangSecRef=3021
Detect1=HKLM\Software\ClamWin
Detect2=HKCU\Software\ClamWin
Default=False
FileKey1=%AppData%\.clamwin\log|*.*|RECURSE
FileKey2=%AllUsersProfile%\.clamwin\log|*.*|RECURSE
FileKey3=%ProgramFiles%\ClamWin\bin|*.txt
FileKey4=%LocalAppData%\VirtualStore\Program Files*\ClamWin\bin|*.tx
Added Detect2. Changed all the REMOVESELF to RECURSE.
[Clam Sentinel*]
LangSecRef=3021
Detect=HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{060FE577-1BDF-4330-ACCA-B6760AB07191}_is1
Default=False
FileKey1=%AppData%\.clamwin\log|*.*|RECURSE
FileKey2=%AppData%\ClamSentinel|*.txt
FileKey3=%AllUsersProfile%\.clamwin\log|*.*|RECURSE
FileKey4=%ProgramFiles%\ClamSentinel|*.txt
FileKey5=%LocalAppData%\VirtualStore\Program Files*\ClamSentinel|*.txt
Added FileKey 1. Changed all the REMOVESELF to RECURSE.