Jump to content
CCleaner Community Forums
Winapp2.ini

Winapp2.ini additions

Recommended Posts

Here is an entry that I use. It wipes locally stored user names and passwords. I think we should add it, maybe with a warning.

[Credentials *]
LangSecRef=3025
Detect=HKCU\Software\Microsoft\Windows
Default=False
FileKey1=%LocalAppData%\Microsoft\Credentials|*.*|RECURSE
FileKey2=%AppData%\Microsoft\Credentials|*.*|RECURSE
FileKey3=%WinDir%\ServiceProfiles\LocalService\AppData\Local\Microsoft\Credentials|*.*|RECURSE
FileKey4=%WinDir%\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Credentials|*.*|RECURSE

Share this post


Link to post
Share on other sites
7 hours ago, SMalik said:

Here is an entry that I use. It wipes locally stored user names and passwords. I think we should add it, maybe with a warning.

[Credentials *]
LangSecRef=3025
Detect=HKCU\Software\Microsoft\Windows
Default=False
FileKey1=%LocalAppData%\Microsoft\Credentials|*.*|RECURSE
FileKey2=%AppData%\Microsoft\Credentials|*.*|RECURSE
FileKey3=%WinDir%\ServiceProfiles\LocalService\AppData\Local\Microsoft\Credentials|*.*|RECURSE
FileKey4=%WinDir%\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Credentials|*.*|RECURSE

What is the impact of deleting the files above?  Sounds a bit risky to me.   Winapp3.ini ??

Share this post


Link to post
Share on other sites
9 hours ago, siliconman01 said:

What is the impact of deleting the files above?  Sounds a bit risky to me.   Winapp3.ini ??

User names and passwords that you log on to websites or other computers on a network.
It is completely safe.

credentials.jpg

Share this post


Link to post
Share on other sites
3 hours ago, SMalik said:

User names and passwords that you log on to websites or other computers on a network.
It is completely safe.

credentials.jpg

I think, but am unsure, that this removal may cause havok for people who use a microsoft login for windows 10

Share this post


Link to post
Share on other sites
37 minutes ago, Nergal said:

I think, but am unsure, that this removal may cause havok for people who use a microsoft login for windows 10

I fear that people will already be angry that "we" have deleted their credentials for their NAS share. (That's why I don't understand why CCleaner also has built-in entries for passwords. IMHO passwords are not crap.)

Share this post


Link to post
Share on other sites

Revised Entry

I think we should change the Detect from HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\WindowsUpdate to HKCU\Software\Microsoft\Windows

[Windows Update *]
LangSecRef=3025
Detect=HKCU\Software\Microsoft\Windows
Default=False
FileKey1=%WinDir%\Logs\waasmedic|*.*|RECURSE
FileKey2=%WinDir%\Logs\WindowsUpdate|*.*|RECURSE
FileKey3=%WinDir%\SoftwareDistribution\DataStore\Logs|*.*|RECURSE

Share this post


Link to post
Share on other sites

Let's bring this entry back.

The Security Token Service provides brokered authentication for web services. Previously there was an issue when removing Token Broker Cache files on a Windows Insider Preview build. It was removing Windows Insider account login info. The issue was fixed in the later insider preview build.

[Security Service Token Cache *]
LangSecRef=3025
Detect=HKCU\Software\Microsoft\Windows
Default=False
FileKey1=%LocalAppData%\Microsoft\TokenBroker\Cache|*.*|RECURSE

Share this post


Link to post
Share on other sites

New Entry

System should be restarted after wiping these caches.

Works well in Windows Safe Mode.

[Windows Start Cache *]
DetectOS=10.0|
LangSecRef=3025
Detect=HKCU\Software\Microsoft\Windows
Default=False
FileKey1=%LocalAppData%\Microsoft\Windows\Caches|*.*|RECURSE
FileKey2=%CommonAppData%\Microsoft\Windows\Caches|*.*|RECURSE
FileKey3=%WinDir%\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Caches|*.*|RECURSE

Share this post


Link to post
Share on other sites
7 hours ago, SMalik said:

New Entry

System should be restarted after wiping these caches.

Works well in Windows Safe Mode.

[Windows Start Cache *]
DetectOS=10.0|
LangSecRef=3025
Detect=HKCU\Software\Microsoft\Windows
Default=False
FileKey1=%LocalAppData%\Microsoft\Windows\Caches|*.*|RECURSE
FileKey2=%CommonAppData%\Microsoft\Windows\Caches|*.*|RECURSE
FileKey3=%WinDir%\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Caches|*.*|RECURSE

Sounds more like a candidate for Winapp3.ini

Share this post


Link to post
Share on other sites
8 hours ago, siliconman01 said:

Sounds more like a candidate for Winapp3.ini

It is already in the Winapp3.ini: [Windows Search Cache *]. It was removed in 2013 because it crashed explorer.exe in Windows 7/8 and temporarily removed all Metro apps from the Windows 8 start screen.

The revised entry is now only for Windows 10, but since Safe Mode and/or a reboot are required, it would be better if it remains a Winapp3.ini entry.

Share this post


Link to post
Share on other sites

With all the previous discussion about "Action Center" on Windows 10, it does not seem to be agreed by the global community that "Action Center" is not the correct name.  Perhaps we should rethink the change that was made a few days back, eh?

https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-cumulative-update-kb4476976-to-fix-action-center-issues/

Share this post


Link to post
Share on other sites
32 minutes ago, siliconman01 said:

With all the previous discussion about "Action Center" on Windows 10, it does not seem to be agreed by the global community that "Action Center" is not the correct name.  Perhaps we should rethink the change that was made a few days back, eh? ...

:lol: Yes, if you right-click on the balloon icon in the lower right corner, the menu should also display "Open action center". But Microsoft also calls it "Notifications and Action Center", so the current entry name [Notifications *] is ok for me.

Share this post


Link to post
Share on other sites

Is it considered bad, or taboo to clean things located in (on Win10): C:\ProgramData

Reason I ask is because on my Win10 system I've found two things in my opinion worth cleaning, but when looking in winapp2.ini and searching I see nothing in there that targets in particular: %ProgramData%

Share this post


Link to post
Share on other sites
23 minutes ago, Andavari said:

Is it considered bad, or taboo to clean things located in (on Win10): C:\ProgramData

Reason I ask is because on my Win10 system I've found two things in my opinion worth cleaning, but when looking in winapp2.ini and searching I see nothing in there that targets in particular: %ProgramData%

No, we clean a lot of files under C:\ProgramData. Search for entries using the variable %CommonAppData% (=C:\ProgramData).

Share this post


Link to post
Share on other sites

Thank you, good to know.

---------------------

New (removes archived disk surface scan logs):

[Acer Care Center *]
LangSecRef=3024
Detect=HKLM\SOFTWARE\OEM\CareCenter
Default=False
FileKey1=%CommonAppData%\Acer\CareCenter\DebugLog\SurfaceCheck|log*.txt


---------------------

Updated (added FileKey3, which removes a backup duplicate of the downloaded setup .EXE file)

[Samsung Magician *]
LangSecRef=3021
Detect=HKLM\Software\Samsung Magician
Default=False
FileKey1=%LocalAppData%\VirtualStore\Program Files*\Samsung\Samsung Magician|*.log;*.txt|RECURSE
FileKey2=%LocalAppData%\VirtualStore\Program Files*\Samsung\Samsung Magician\Log*|*.*
FileKey3=%CommonAppData%\Samsung\Backup|*.exe
FileKey4=%ProgramFiles%\Samsung Magician\Logs|*.*
FileKey5=%ProgramFiles%\Samsung\Samsung Magician\Log*|*.*
RegKey1=HKCU\Software\Local AppWizard-Generated Applications\SamsungMagician

Share this post


Link to post
Share on other sites

New (cleans logs).

[Micron Storage Executive *]
LangSecRef=3024
Detect=HKLM\SOFTWARE\Micron\StorageExecutive
Default=False
FileKey1=%ProgramFiles%\Micron Technology\Micron Storage Executive\logs|*.txt

 

Edit / Note:
CCleaner is unable to find or clean those text logs if Micron Storage Executive's SSD caching service called Momentum Cache ("Micron Cache Monitor Service") is running at boot to "boost" the SSD speed.

Share this post


Link to post
Share on other sites

Modified entry:   [Dell Logs *]

Added:  FileKey14=%LocalAppData%\Dell\DellMobileConnect|*.log

[Dell Logs *]
LangSecRef=3024
Detect1=HKLM\Software\Dell\MUP
Detect2=HKLM\Software\Dell\UpdateService
Detect3=HKLM\Software\PC-Doctor
DetectFile1=%AppData%\Creative\DELL Webcam Center
DetectFile2=%CommonAppData%\Dell
DetectFile3=%LocalAppData%\Dell
DetectFile4=%LocalAppData%\SupportSoft\DellSupportCenter
DetectFile5=%ProgramFiles%\Dell*
Default=False
FileKey1=%AppData%\Creative\DELL Webcam Center|MO_Log.txt
FileKey2=%AppData%\PCDr\*\Logs|*.*
FileKey3=%CommonAppData%\Dell\*\Log|*.*
FileKey4=%CommonAppData%\Dell\*\Logs|*.*
FileKey5=%CommonAppData%\Dell\Drivers\*|*.tmp
FileKey6=%CommonAppData%\Dell\Update|*.txt
FileKey7=%CommonAppData%\Dell\UpdateService\Clients\Update|*.log
FileKey8=%CommonAppData%\PCDr\*\Cache|*.xml
FileKey9=%CommonAppData%\PCDr\*\Cache\archives|*.*|RECURSE
FileKey10=%CommonAppData%\PCDr\*\Cache\BUMA|*.*
FileKey11=%CommonAppData%\PCDr\*\Cache\DriverScan|*.*
FileKey12=%CommonAppData%\PCDr\*\Logs|*.log
FileKey13=%LocalAppData%\Dell\*\Log|*.*
FileKey14=%LocalAppData%\Dell\DellMobileConnect|*.log
FileKey15=%LocalAppData%\SupportSoft\DellSupportCenter\*\state\logs|*.*
FileKey16=%ProgramFiles%\Dell*|*.log|RECURSE

 

Share this post


Link to post
Share on other sites

Modified entry:  [AMD/ATI *]

Added:  FileKey7=%ProgramFiles%\AMD\CIM\Log|*.log

[AMD/ATI *]
LangSecRef=3024
Detect1=HKLM\Software\AMD
Detect2=HKLM\Software\ATI
Detect3=HKLM\Software\ATI Technologies
DetectFile=%ProgramFiles%\ATI Technologies\ATI.ACE
Default=False
FileKey1=%CommonAppData%\AMD\Fuel|*.txt
FileKey2=%CommonAppData%\AMD\KDB|*.log
FileKey3=%LocalAppData%\AMD\Fuel|ClientProxyLog*.*
FileKey4=%LocalAppData%\AMD\GLCache|*.*|RECURSE
FileKey5=%LocalAppData%\ATI\ACE|*.txt
FileKey6=%ProgramFiles%\AMD\amdkmpfd|*.*|REMOVESELF
FileKey7=%ProgramFiles%\AMD\CIM\Log|*.log
FileKey8=%ProgramFiles%\AMD\OverDrive|*.log
FileKey9=%ProgramFiles%\ATI Technologies|*.log|RECURSE
FileKey10=%ProgramFiles%\ATI Technologies|cccutil64.txt
FileKey11=%ProgramFiles%\ATI\CIM\Reports|*.*
FileKey12=%SystemDrive%\AMD|*.*|REMOVESELF
FileKey13=%SystemDrive%\ATI|*.*|REMOVESELF
FileKey14=%WinDir%\System32|CCCInstall*.log
FileKey15=%WinDir%\SysWOW64|CCCInstall*.log

 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×