Another user of CCleaner noted that MalwareBytes was listed under Cleaner -> Applications -> Utilities. I also have MalwareBytes but it isn't listed in CCleaner. He has lots of utilities listed but I only have 3 utilities listed (7-zip, Avast, and Winpatrol). I can see using SysInternals' Procmon that ccleaner.exe is doing a RegQueryKey under the HKCU\Software and HKLM\Software registry keys and finding all those software entries but very few get listed.
Does CCleaner query the Software registry keys to find what software is installed but only list those for which it knows how to clean? That is, I would think CCleaner would only do cleanup on what it knows is proper cleanup. After all, just because there's an entry in the Software registry for an application doesn't mean CCleaner knows how to clean it up or that there is anything to cleanup. However, MalwareBytes can save logfiles under the "%userprofile%\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs" folder.
So I'm wondering why some users (with the same software installed) see more entries under the Utilities section in CCleaner than am I.
"C:\program files\ccleaner\ccleaner.exe" /export and you can read what is looked at for what programs in the resulting winapp.ini found in your ccleaner folder
"C:\program files\ccleaner\ccleaner.exe" /export and you can read what is looked at for what programs in the resulting winapp.ini found in your ccleaner folder
I take it that the command shows what CCleaner will look for, not what it found. In the outputted winapp.ini file, MalwareBytes is listed. I have it installed (the free version). It is not listed under Cleaner -> Applications -> Utilities (as another user of CCleaner and MalwareBytes has told me it is listed for him). One of the entries for MalwareBytes listed in winapp.ini says it will look at the following path (for log files):
So I looked in Windows Explorer and also at the properties for the MalwareBytes shortcut in the Start menu. The path for MalwareBytes on my host is:
Malwarebytes Anti-Malware
Notice there is no apostrophe character after the "MalwareBytes" string for the folder where the product got installed. I then looked in the registry at:
Its data item named "notifyInstallationPath" also shows the same folder (without the apostrophe). So I don't know if the author of MalwareBytes changed his installation folder name or if I did that during the install. I sometimes change the ridiculous names that some authors use to shorten the folder name, eliminate potential parsing problems, or decide to install them somewhere other than the default destination.
So it looks like CCleaner doesn't go scanning the folders to find the files for the programs it knows how to clean. That is, it didn't scan looking for mbam.exe to find what folder it was really under. CCleaner also doesn't look in the registry to find paths for data items, class IDs, or other information used by a program to identify where it is. CCleaner has a static list of folders which are the default ones. If the software author or user changes that destination folder then CCleaner won't find it by using its fixed list of products and their folders.
I sometimes change the ridiculous names that some authors use to shorten the folder name, eliminate potential parsing problems, or decide to install them somewhere other than the default destination.
That alone will shorten the list of software CCleaner can detect on a system, especially if you also use the winapp2.ini file.
Yet the software has to know where it is installed plus its installer needs to know where it got installed when you uninstall it. If you look under HKLM\Software, you'll find there is an entry with the registry key for each product that states where it got installed. Even CCleaner is like that. Sometimes the install or working/home path isn't under here but a GUID is listed so you have to look there (like under a shell/open/command subkey).
Since CCleaner knows where are the files it will cleanup for an app, I figured it also knew how those same products define their registry keys and data items under them and which are items not altered by the user during the installation and not likely altered thereafter (the user might move the app elsewhere after changing the registry settings for the app but the registry keys and data items' name have to remain the same).
CCleaner goes reading the registry, like the HKLM/Software keys, when it runs so I figured it was determining where all that listed software was installed or its current working/home folder(s). Even if the user installs elsewhere or the software vendor changes defaults in a newer version, the registry keys and data items won't change that point to the install path. Looks like I was expecting CCleaner to be smarter than just using a static list of default install paths and instead find where it really was. Oh well, live and learn, live and burn.
Another user of CCleaner noted that MalwareBytes was listed under Cleaner -> Applications -> Utilities. I also have MalwareBytes but it isn't listed in CCleaner. He has lots of utilities listed but I only have 3 utilities listed (7-zip, Avast, and Winpatrol). I can see using SysInternals' Procmon that ccleaner.exe is doing a RegQueryKey under the HKCU\Software and HKLM\Software registry keys and finding all those software entries but very few get listed.
Does CCleaner query the Software registry keys to find what software is installed but only list those for which it knows how to clean? That is, I would think CCleaner would only do cleanup on what it knows is proper cleanup. After all, just because there's an entry in the Software registry for an application doesn't mean CCleaner knows how to clean it up or that there is anything to cleanup. However, MalwareBytes can save logfiles under the "%userprofile%\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs" folder.
So I'm wondering why some users (with the same software installed) see more entries under the Utilities section in CCleaner than am I.
Hi
Just post the list of software that is missing on your machine and we will see if it is possible to detect non standard installation locations for them
Attached is a .reg file of entries from under HKLM\Software where there is information under a program's registry key showing where it got installed. I omitted a LOT of registry keys for various reasons too many list here (program probably doesn't have anything to cleanup, .NET stuff, Microsoft technologies, etc) and those that didn't have anything obvious as to where the program would be found. A couple don't have a path under HKLM\Software but instread refer to a GUID that you find under Classes\CLSID where a path is listed to the program (since it's the handler or server process).
As mentioned, lots of software tells you in its registry entry where it got installed or where it runs from. That lets you know the software is on the computer plus where it is. Notice that MalwareBytes is one of those that identifies where it got installed. Also, the HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall key (included in the attached file since it is under HKLM\Software) is a good starting point to look for path since their uninstall entry often specifies where is the program or where is the uninstall program (which is usually under the program's installation folder).
I changed the exported and edited .reg file to a .txt extension to avoid someone mistakeningly double-clicking on it which would modify their registry (but after a warning prompt).
I said that the attached file was exportedfrom the registry. Go into regedit (where you were looking) and exportthat same registry key to a .reg file, open in a text viewer (e.g., Notepad), and notice what happens to the backslash in paths. It's called escaping the escape character.
The idea is that the .reg file will be used to add/change/delete entries in the registry. The parsing operation uses the backslash as an escape character just as it is used in regex (regular expressions). To specify a backslash as a character and not as the escape character means escaping the escape character so why 2 backslashes are used.
File and folder paths that contain slash characters must be doubled in a .reg file. The single slash is a special tag character use to clarify (modify) the following character. For example, \t is a tab character and \n is a newline (CR-LF sequence). Well, if a path had "C:\Program Files\Tcalc\tc.exe" and you exported that value then you would end up with two tab characters in the path instead of "T" characters. To specify one slash character with is a special character by itself, you escape that character by using "\\" (i.e., "\\" = "\").