search

MoscaDotTo / Winapp2

A database of extended cleaning routines for popular Windows PC based maintenance software.
Creative Commons Attribution Share Alike 4.0 International
790 stars 87 forks source link

New and updated entries for winapp2.ini #748

Closed aquila-XP closed 3 years ago

aquila-XP commented 3 years ago

[PerfectKeyboard *] LangSecRef=3021 DetectFile=%Documents%\PerfectKeyboardFiles FileKey1=%Documents%\PerfectKeyboardFiles\Temp|log.txt

[Multi Commander *] ... Detect=HKCU\Software\MultiCommander

Note: On some systems HKLM\Software\MultiCommander don't exist.

[McAfee Real Protect *] LangSecRef=3024 DetectFile=%ProgramFiles%\McAfee\Real Protect\RealProtect.exe FileKey1=%ProgramFiles%\McAfee\Real Protect|*.log

[Abyssmedia ScriptCryptor Compiler *] LangSecRef=3024 Detect=HKCU\Software\Abyssmedia\ScriptCryptor RegKey1=HKCU\Software\Abyssmedia\ScriptCryptor\Settings|mrucount RegKey1=HKCU\Software\Abyssmedia\ScriptCryptor\Settings|mruitem0 RegKey1=HKCU\Software\Abyssmedia\ScriptCryptor\Settings|mruitem1 RegKey1=HKCU\Software\Abyssmedia\ScriptCryptor\Settings|mruitem2 RegKey1=HKCU\Software\Abyssmedia\ScriptCryptor\Settings|mruitem3 RegKey1=HKCU\Software\Abyssmedia\ScriptCryptor\Settings|mruitem4 RegKey1=HKCU\Software\Abyssmedia\ScriptCryptor\Settings|savedir

[Piriform Kamo *] LangSecRef=3024 DetectFile=%ProgramFiles%\Kamo\Kamo.exe FileKey1=%LocalAppData%\Kamo\TempBrowserDB|*.* FileKey2=%ProgramFiles%\Kamo|*.log;*.old FileKey3=%ProgramFiles%\Kamo\cache|*.old;LOG|RECURSE FileKey4=%ProgramFiles%\Kamo\cache\*Cache|*.*|RECURSE FileKey5=%ProgramFiles%\Kamo\NetFilter|*Log.txt FileKey6=%ProgramFiles%\Kamo\Support\Log|ErrorLog_*.txt FileKey7=%SystemDrive%\Support\Log|ErrorLog_*.txt ExcludeKey1=FILE|%ProgramFiles%\Kamo\|install.log

[privacy.sexy *] LangSecRef=3024 DetectFile=%LocalAppData%\Programs\privacy.sexy\privacy.sexy.exe FileKey1=%AppData%\privacy.sexy\*Cache|*.*|RECURSE FileKey2=%AppData%\privacy.sexy\*Storage\leveldb|*.old;LOG FileKey3=%AppData%\privacy.sexy\logs|*.log FileKey4=%AppData%\privacy.sexy\privacy.sexy\logs|*.* FileKey5=%LocalAppData%\privacy.sexy-updater\pending|privacy.sexy-Setup-*.exe

[Roland Cloud Manager *] LangSecRef=3023 DetectFile=%AppData%\Roland Cloud\Cloud Manager FileKey1=%AppData%\Roland Cloud\Cloud Manager|*.log FileKey2=%AppData%\Roland Cloud\concerto\breakpad\dumps|*.dmp FileKey3=%AppData%\Roland Cloud\rcmhelper|*.log FileKey4=%AppData%\Roland Cloud\rcmservice|*.log FileKey5=%AppData%\Roland Cloud\shared|*.log

[FlashIntegro *] LangSecRef=3023 DetectFile=%ProgramFiles%\FlashIntegro FileKey1=%AppData%\FlashIntegro\filecache|*.cache FileKey2=%AppData%\ScreenRecorder|*.log FileKey3=%AppData%\VideoCapture|*.log FileKey4=%AppData%\VideoEditor|*.log

[MonAlbumPhoto *] LangSecRef=3023 DetectFile=%LocalAppData%\MonAlbumPhoto\apc.exe FileKey1=%Documents%\MonAlbumPhoto|*.log|RECURSE FileKey2=%LocalAppData%\MonAlbumPhoto\Logs|*.log FileKey3=%LocalAppData%\MonAlbumPhoto\non enregistré|*.log

[Microsoft Teams *] ... FileKey1=%AppData%\Microsoft\Teams|*.log;logs.txt;old_logs_*.txt;watchdog.txt ... FileKey10=%AppData%\Microsoft\Teams\media-stack|*.bak;*.blog;*.etl FileKey11=%AppData%\Microsoft\Teams\skylib|*.blog;*.data-shm;*.data-wal FileKey12=%AppData%\Microsoft Teams\Logs|*.* FileKey13=%LocalAppData%\Microsoft\Teams|*.log FileKey14=%LocalAppData%\Microsoft\Teams\current|*.log FileKey15=%LocalAppData%\Microsoft\Teams\current\resources\tmp|*.*|REMOVESELF FileKey16=%LocalAppData%\Microsoft\Teams\packaqes\squirreltemp|*.* FileKey17=%LocalAppData%\Microsoft\Teams*Addin|*-logs.txt FileKey18=%LocalAppData%\SquirrelTemp|*.log

[Hex Editor Neo *] LangSecRef=3024 Detect=HKCU\Software\HHD Software\Hex Editor 6.sm RegKey1=HKCU\Software\HHD Software\Hex Editor 6.sm\MRU RegKey2=HKCU\Software\HHD Software\Hex Editor 6.sm\Structure Editor|*Recent RegKey3=HKCU\Software\HHD Software\Hex Editor 6.sm\Windows\Diff|DiffFirstSelectedDoc RegKey4=HKCU\Software\HHD Software\Hex Editor 6.sm\Windows\Diff|DiffSecondSelectedDoc RegKey5=HKCU\Software\HHD Software\Hex Editor 6.sm\Windows\Disasm\Disasm|SelectedFiles RegKey6=HKCU\Software\HHD Software\Hex Editor 6.sm\Windows\Disasm\Find|History RegKey7=HKCU\Software\HHD Software\Hex Editor 6.sm\Windows\Disasm\Find|Patterns RegKey8=HKCU\Software\HHD Software\Hex Editor 6.sm\Windows\ExtEditor\Find|Recent RegKey9=HKCU\Software\HHD Software\Hex Editor 6.sm\Windows\ExtEditor\Replace|Recent RegKey10=HKCU\Software\HHD Software\Hex Editor 6.sm\Windows\ExtEditor\Replace|Recent2 RegKey11=HKCU\Software\HHD Software\Hex Editor 6.sm\Windows\FindInFiles\Find|History RegKey12=HKCU\Software\HHD Software\Hex Editor 6.sm\Windows\FindInFiles\Find|Patterns RegKey13=HKCU\Software\HHD Software\Hex Editor 6.sm\Windows\FindInFiles\Replace|History RegKey14=HKCU\Software\HHD Software\Hex Editor 6.sm\Windows\FindInFiles\Replace|Patterns RegKey15=HKCU\Software\HHD Software\Hex Editor 6.sm\Windows\FindInFiles\Settings|RecentMasks RegKey16=HKCU\Software\HHD Software\Hex Editor 6.sm\Windows\FindInFiles\Settings|RecentPaths RegKey17=HKCU\Software\HHD Software\Hex Editor 6.sm\Windows\HexView\Arith|Recent RegKey18=HKCU\Software\HHD Software\Hex Editor 6.sm\Windows\HexView\Bitwise|History RegKey19=HKCU\Software\HHD Software\Hex Editor 6.sm\Windows\HexView\Bitwise|Patterns RegKey20=HKCU\Software\HHD Software\Hex Editor 6.sm\Windows\HexView\Fill|History RegKey21=HKCU\Software\HHD Software\Hex Editor 6.sm\Windows\HexView\Fill|Patterns RegKey22=HKCU\Software\HHD Software\Hex Editor 6.sm\Windows\HexView\Find|History RegKey23=HKCU\Software\HHD Software\Hex Editor 6.sm\Windows\HexView\Find|Patterns RegKey24=HKCU\Software\HHD Software\Hex Editor 6.sm\Windows\HexView\Goto|Recent RegKey25=HKCU\Software\HHD Software\Hex Editor 6.sm\Windows\HexView\Insert|History RegKey26=HKCU\Software\HHD Software\Hex Editor 6.sm\Windows\HexView\Insert|Patterns RegKey27=HKCU\Software\HHD Software\Hex Editor 6.sm\Windows\HexView\Insert|Recent RegKey28=HKCU\Software\HHD Software\Hex Editor 6.sm\Windows\HexView\ReplaceFind|History RegKey29=HKCU\Software\HHD Software\Hex Editor 6.sm\Windows\HexView\ReplaceFind|Patterns RegKey30=HKCU\Software\HHD Software\Hex Editor 6.sm\Windows\HexView\ReplaceReplace|History RegKey31=HKCU\Software\HHD Software\Hex Editor 6.sm\Windows\HexView\ReplaceReplace|Patterns RegKey32=HKCU\Software\HHD Software\Hex Editor 6.sm\Windows\HexView\SetSize|Recent RegKey33=HKCU\Software\HHD Software\Hex Editor 6.sm\Windows\OpenDevice|Recent RegKey34=HKCU\Software\HHD Software\Hex Editor 6.sm\Windows\PSH\Pattern|History RegKey35=HKCU\Software\HHD Software\Hex Editor 6.sm\Windows\PSH\Pattern|Patterns RegKey36=HKCU\Software\HHD Software\Hex Editor 6.sm\Windows\PSH\RuleEdit|History RegKey37=HKCU\Software\HHD Software\Hex Editor 6.sm\Windows\PSH\RuleEdit|Patterns RegKey38=HKCU\Software\HHD Software\Hex Editor 6.sm\Windows\Streams\Locate|Exclude RegKey39=HKCU\Software\HHD Software\Hex Editor 6.sm\Windows\Streams\Locate|Masks RegKey40=HKCU\Software\HHD Software\Hex Editor 6.sm\Windows\Streams\Locate|Paths

[Actual Window Guard *] LangSecRef=3024 Detect=HKCU\Software\Actual Tools\Actual Window Guard DetectFile=%AppData%\Actual Tools\Actual Window Guard FileKey1=%AppData%\Actual Tools\Actual Window Guard|*.log

[Foxit Reader *] ... Detect2=HKCU\Software\Foxit Software\Foxit Reader 7.0 DetectFile=%AppData%\Foxit Software\Foxit Reader ... FileKey3=%AppData%\Foxit Software\Foxit PDF Creator\Foxit Reader PDF Printer|*__foxittemp.xml FileKey4=%AppData%\Foxit Software\Foxit Reader\StartPage*\Advertisement|*.*|REMOVESELF FileKey5=%CommonAppData%\Foxit Software\Foxit Reader\Foxit Service\Log|*.* RegKey2=HKCU\Software\Foxit Software\Foxit Reader 7.0\MRU

Note: Please rename [Foxit Reader 6.0 *] to [Foxit Reader *]

[Pocket Killbox *] ... Detect=HKCU\SOFTWARE\KillBox RegKey1=HKCU\SOFTWARE\KillBox|LastPath

[IcoFX *] LangSecRef=3023 DetectFile=%AppData%\IcoFX* FileKey1=%AppData%\IcoFX*\Settings|filebrecentcul.cfg;recent.cfg;recentIcl.cfg

[Algorius Net Viewer *] LangSecRef=3022 Detect=HKLM\Software\Algorius Software\Algorius Net Viewer DetectFile=%LocalAppData%\Algorius\Algorius Net Viewer FileKey1=%AppData%\Algorius Software\Algorius Net Viewer*\install|*.*|REMOVESELF FileKey2=%LocalAppData%\Algorius\Algorius Net Viewer|*.log;Log.db*

[Ashampoo AntiSpy Pro *] LangSecRef=3024 Detect=HKLM\Software\Ashampoo\Ashampoo AntiSpy Pro DetectFile=%ProgramFiles%\Ashampoo\Ashampoo AntiSpy Pro\AshampooAntiSpyPro.exe FileKey1=%LocalAppData%\Ashampoo\boxshots|*.png FileKey2=%LocalAppData%\Safer-Networking Ltd\Spybot*|*.log

[Advanced CSV Converter *] LangSecRef=3024 Detect=HKCU\Software\csvconverter RegKey1=HKCU\Software\csvconverter|EXPORTPATH RegKey2=HKCU\Software\csvconverter|LASTEXPORT RegKey3=HKCU\Software\csvconverter|LASTSRC RegKey4=HKCU\Software\csvconverter|SRCPATH

[Advanced XLS Converter *] LangSecRef=3024 Detect=HKCU\Software\xlsconverter RegKey1=HKCU\Software\xlsconverter|EXPORTPATH RegKey2=HKCU\Software\xlsconverter|LASTEXPORT RegKey3=HKCU\Software\xlsconverter|LASTSRC RegKey4=HKCU\Software\xlsconverter|RECENTS RegKey5=HKCU\Software\xlsconverter|SRCPATH

[MyLanViewer *] LangSecRef=3022 DetectFile=%ProgramFiles%\MyLanViewer\MyLanViewer.exe FileKey1=%LocalAppData%\MyLanViewer\Logs|*.*|RECURSE FileKey2=%LocalAppData%\MyLanViewer\Config|FriendlyNamesByMac.dat FileKey3=%LocalAppData%\MyLanViewer\Data\History|history_auto.dat FileKey4=%LocalAppData%\MyLanViewer\Data\Scanner|scanner_auto.dat FileKey5=%LocalAppData%\MyLanViewer\Data\SubnetMonitor|devices_auto.dat FileKey6=%ProgramFiles%\MyLanViewer\Data\History|history_auto.dat FileKey7=%ProgramFiles%\MyLanViewer\Data\Scanner|scanner_auto.dat FileKey8=%ProgramFiles%\MyLanViewer\Data\SubnetMonitor|devices_auto.dat FileKey9=%ProgramFiles%\MyLanViewer\Logs|*.*|RECURSE

[PotPlayer *] ... FileKey3=%LocalAppData%\Daum\PotPlayer\Log|*.xml

[Spybot AntiBeacon *] ... FileKey1=%LocalAppData%\Safer-Networking Ltd\Spybot*|*.log

[Paradox Interactive Launcher *] Section=Games DetectFile=%LocalAppData%\Paradox Interactive\Launcher* FileKey1=%LocalAppData%\Paradox Interactive\Launcher*|*.log FileKey2=%LocalAppData%\Paradox Interactive\Launcher*\Logs|*.log FileKey3=%LocalAppData%\Paradox Interactive\Launcher*\chromium-data|*.old;LOG|RECURSE FileKey4=%LocalAppData%\Paradox Interactive\Launcher*\chromium-data\*Cache|*.*|REMOVESELF

[Sony ACID Pro 5.0 *] LangSecRef=3023 DetectFile=%ProgramFiles%\Sony\ACID Pro 5.0 FileKey1=%Documents%\ACID Pro 5.0 projects|*.bak FileKey2=%ProgramFiles%\Sony\ACID Pro 5.0|Acid*.log

[MonoSnap *] LangSecRef=3023 DetectFile=%LocalAppData%\MonoSnap FileKey1=%LocalAppData%\MonoSnap\lastscreenshot|*.* FileKey2=%LocalAppData%\MonoSnap\logs|*.xml FileKey3=%LocalAppData%\MonoSnap\recent|*.* FileKey4=%LocalAppData%\MonoSnap\temp|*.*

[GameRanger *] Section=Games DetectFile=%AppData%\GameRanger\GameRanger\GameRanger.exe FileKey1=%AppData%\GameRanger\GameRanger Prefs|Icon Cache;Image Cache FileKey2=%AppData%\GameRanger\GameRanger Prefs\WCache|*-journal;*.old;ChromeDWriteFontCache;data_*;f_*;index;LOG|RECURSE FileKey3=%AppData%\GameRanger\GameRanger Prefs\WCache\*Cache|*.*

[Logitech Camera *] ... FileKey2=%AppData%\Logishrd\LGS8_setup|*.log

[PicoPDF PDF Editor *] LangSecRef=3021 Detect=HKCU\Software\NCH Software\PicoPDF DetectFile=%ProgramFiles%\NCH Software\PicoPDF\picopdf.exe FileKey1=%ProgramFiles%\NCH Software\PicoPDF|picopdfsetup_*.exe RegKey1=HKCU\Software\NCH Software\PicoPDF\General|lastfile RegKey2=HKCU\Software\NCH Software\PicoPDF\General|lastimagefolder RegKey3=HKCU\Software\NCH Software\PicoPDF\RecentFileList RegKey4=HKLM\Software\NCH Software\PicoPDF\Settings|InstallerName RegKey5=HKLM\Software\NCH Software\PicoPDF\Software|Installer

[Alchemy Mindworks GIF Construction Set *] LangSecRef=3023 DetectFile=%AppData%\Alchemy Mindworks\GIF Construction Set Professional* FileKey1=%AppData%\Alchemy Mindworks\GIF Construction Set Professional*\FileMenuHistory.txt FileKey2=%AppData%\Alchemy Mindworks\GIF Construction Set Professional*\temp|*.* FileKey3=%AppData%\Alchemy Mindworks\Up To Date\temp|*.*

[Noise Blocker *] LangSecRef=3023 DetectFile=%AppData%\Noise Blocker\Noise Blocker.exe FileKey1=%AppData%\Noise Blocker|info.log FileKey2=%AppData%\Noise Blocker\licenses|*.*|REMOVESELF

[Ant Video Downloader *] LangSecRef=3022 Detect=HKCU\SOFTWARE\Ant.com\AVD\Ant Video downloader RegKey1=HKCU\SOFTWARE\Ant.com\AVD\Ant Video downloader\Settings|TemporaryFilesLocation

[SecurityXploded Windows Spy Keylogger *] LangSecRef=3024 Detect=HKCU\SOFTWARE\WinSKApp RegKey1=HKCU\SOFTWARE\WinSKApp

[Sysinternals Process Explorer *] LangSecRef=3024 Detect1=HKU\.DEFAULT\Software\Sysinternals\Process Explorer Detect2=HKU\S-1-5-18\Software\Sysinternals\Process Explorer Detect3=HKCU\Software\Sysinternals\Process Explorer RegKey1=HKU\.DEFAULT\Software\Sysinternals\Process Explorer|SymbolPath RegKey2=HKU\S-1-5-18\Software\Sysinternals\Process Explorer|SymbolPath RegKey3=HKCU\Software\Sysinternals\Process Explorer|SymbolPath

[Postman *] LangSecRef=3022 DetectFile=%LocalAppData%\Postman\Postman.exe FileKey1=%AppData%\Postman\*Cache|*.* FileKey2=%AppData%\Postman\Logs|*.log FileKey3=%LocalAppData%\Postman|*.log|RECURSE

[Spotify *] LangSecRef=3022 DetectFile=%AppData%\Spotify\Spotify.exe FileKey1=%AppData%\Spotify|*.log FileKey2=%AppData%\Spotify\users\*|log

[OneSafe PC Cleaner *] LangSecRef=3024 Detect=HKCU\Software\OneSafe PC Cleaner FileKey1=%AppData%g\OneSafe PC Cleaner\Log|*.xml RegKey1=HKCU\Software\OneSafe PC Cleaner|InstallationDate RegKey2=HKCU\Software\OneSafe PC Cleaner|InstallerName RegKey3=HKCU\Software\OneSafe PC Cleaner|LastScanDate RegKey4=HKCU\Software\OneSafe PC Cleaner|LastUpdCheck

[Ares Galaxy *] LangSecRef=3022 DetectFile=%LocalAppData%\Ares FileKey1=%LocalAppData%\Ares\Temp|*temp.txt

[ManiacTools mp3Tag Pro *] LangSecRef=3023 Detect=HKCU\Software\ManiacTools\mp3Tag Pro FileKey1=%AppData%\mp3tagpro|Temp.~Txt RegKey1=HKCU\Software\ManiacTools\mp3Tag Pro|fmImageOpen RegKey2=HKCU\Software\ManiacTools\mp3Tag Pro|fmImageSave RegKey3=HKCU\Software\ManiacTools\mp3Tag Pro|fmTextOpen RegKey4=HKCU\Software\ManiacTools\mp3Tag Pro|fmTextSave RegKey5=HKCU\Software\ManiacTools\mp3Tag Pro|StartDir RegKey6=HKCU\Software\ManiacTools\mp3Tag Pro|StartFile

[ManiacTools Music Duplicate] LangSecRef=3023 Detect=HKCU\Software\ManiacTools\MusicDuplicate RegKey1=HKCU\Software\ManiacTools\MusicDuplicate|DateLastLaunch RegKey2=HKCU\Software\ManiacTools\MusicDuplicate|DuplicatesFolders RegKey3=HKCU\Software\ManiacTools\MusicDuplicate|MoveFilesFolder RegKey4=HKCU\Software\ManiacTools\MusicDuplicate|NotDuplicatesFolders RegKey5=HKCU\Software\ManiacTools\MusicDuplicate|SavedFoldersList

[Amazon Music *] LangSecRef=3022 DetectFile=%LocalAppData%\Amazon Music\Amazon Music.exe FileKey1=%LocalAppData%\Amazon Music\crash dumps|*.* FileKey2=%LocalAppData%\Amazon Music\data\app cache|*-journal;ChromeDWriteFontCache;data_*;f_*;index FileKey3=%LocalAppData%\Amazon Music\data\app cache\application cache|*.*|RECURSE FileKey4=%LocalAppData%\Amazon Music\data\app cache\gpucache|*.* FileKey5=%LocalAppData%\Amazon Music\data\artwork cache|*.jpg;*.png FileKey6=%LocalAppData%\Amazon Music\data\artwork cache\tmp|*.jpeg FileKey7=%LocalAppData%\Amazon Music\data\hammer cache|*.* FileKey8=%LocalAppData%\Amazon Music\data\streaming cache|cache.ini;*.stream FileKey9=%LocalAppData%\Amazon Music\Logs|*.log

[Atomic Cleaner 3 *] ... Detect=HKCU\Software\AtomicWare\Atomic Cleaner ... RegKey1=HKCU\Software\AtomicWare\Atomic Cleaner|Last Scan RegKey2=HKCU\Software\AtomicWare\Atomic Cleaner|Last Used

[Infonautics File Date Corrector *] LangSecRef=3024 Detect=HKCU\Software\Infonautics\FileDateCorrector FileKey1=%AppData%\FileDateCorrector\Logs|*.*

[Evince Document Viewer *] LangSecRef=3021 DetectFile=%LocalAppData%\Apps\Evince-* FileKey1=%LocalAppData%\Apps\Evince-*\share\license|*.*|REMOVESELF FileKey2=%UserProfile%\.gnome2\evince|ev-metadata.xml

[Jetico Personal Firewall *] ... Detect=HKCU\Software\Jetico\Personal Firewall DetectFile=%ProgramFiles%\Jetico\Jetico Personal Firewall\jpf.exe FileKey1=%ProgramFiles%\Jetico\Jetico Personal Firewall|firewall*.log;jpfsrv.log

[uTorrent Web *] LangSecRef=3022 DetectFile=%AppData%\uTorrent Web\utweb.exe FileKey1=%AppData%\uTorrent Web|*.bak;*.log* FileKey2=%AppData%\uTorrent Web\crashdumps|*.*|RECURSE

APMichael commented 3 years ago

Thank you very much!

A small request: We try to keep the file as small as possible. If there is a "Detect=" line then in most cases no additional "DetectFile=" line is needed. This should then also be omitted. Furthermore, specifying an ".exe" in a "DetectFile=" line is not really necessary either, as long as the path is unique. Thanks!