Recently I purchased a Samsung Galaxy S4 phone and one of the items which I installed on my system was the Samsung Kies software.
Well, I was able to remove all but one entry to prevent Auto starting of the program. The one entry which I was not able to stop, I recently found had to be done manually.
It seems that the programmers use a little trick to prevent CCleaner from seeing the entry in question. I found it listed under the following key:
But the trick they used to Blind side CCleaner was to edit the very first String Value for the entry which is the (Default) entry, the one which usually says "value not set"
As such, it seems that CCleaner tends to ignore the (Default) entry which is why I'm posting this as a bug report.
Because if this piece of software can use this trick, then what is to stop others from using the same trick for malicious entriessuch as malware while those of us sctrach our heads wondering why it's not showing up in CCleaner or other software scans we might use until we happen to think to manually check the registry.
Forgive me for not being as clear as I should have been last night.....
My main concern was that when using CCleaner > Tools > Startup
that CCleaner fails to list any startup entries which have been entered into the (Default) String Vaule..
That is to say, the very first entry under a run Key which is usually listed as (Default) with "value not set".
The Samsung Kies software has changed the entry from "value not set" to C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
Now if this can be done for this piece of software, then what is to prevent Malware Authors from using this technique for their crap?
-
When I install or update some software, I usually open CCleaner to check the Startup entries and depending on what I find, sometimes I'll disable or delete an entry or I'll just leave it alone.
In the case of Samsung Kies, I deleted two entries already and this last key I manually disabled the entry after having renamed the String Value of course.
-
I consider CCleaner to be a valuable tool and as such, I felt the creators of this software should be aware of the trick being used to prevent CCleaner (and possibley other software) from seeing a particular entry, a trick which could be abused. As someone who works to clean and prevent infected systems, I couldn't just stand by and not say anything.