Directories that are not likely to contain user executable files ('.exes')

Question

I am writting a client-server laucher application.

An administrator will, from the server side, select executable files ('.exes') from a list and add these to a short-list of the apps that standard users can run on the client. To complile this list, my client app will reculsively search though all the folders in the system for exes and send this list over to the server via wcf.

To save search time, and keep the list short, I would like to avoid searching through folders that are not LIKELY to contain '.exes' that human users are intended to run directly.

Examples (i think) :

%windir%\WinSxS - Windows Side-by-Side - used to store versions of Windows components that are built to reduce configuration problems with Dynamic Link Libraries.

%windir%\installer - used to store installation information for installed programs

C:\MSOCache - MS Office local install source

Most hidden folders

What other folders should I avoid searching through and what are they likely to contain?

I am interested in WinXP/WinVista/Win7.

EDIT:

Search time is not the most important factor. It is very important not to exclude exes that the user may need to run AND to exclude exes like:

c:\Windows\winsxs\x86_microsoft-windows-x..rtificateenrollment_31bf3856ad364e35_6.1.7600.20520_none_f43289dd08ebec20\CertEnrollCtrl.exe

that were never meant to be directly launched by the user.

Answer 1

Since any heuristic approach dealing in "likely" will need the ability to add further items to catch cases deemed "unlikely" but which were actually important, you can't be "wrong" as such, just not "perfect".

With this in mind, I would take the opposite approach, and concentrate on those that are likely to have executables.

1. Recurse through the directories contained in the directory %ProgramFiles% points to.
2. Look in all other directories mentioned by the %Path% system variable (semicolon-delimited) but do not recurse it.
3. Look for shortcuts on desktops, start menus and quicklaunch folders.

As a rule, one would expect the former to find executables used by people selecting executables from the start menu and icons, and for the second to find executables used from the command-line and by the system. Between the two you'll find the large majority of executables on a system with relatively little wasted directory examinations.

Answer 2

How often are you going to run this program? It doesn't seem like it would take very long at all to just scan the whole drive for all the executables. I have a one-gigabyte drive on my development machine and "dir /b/s *.exe" only takes a minute or two. And it's very likely that my development machine has a whole lot more files on it than the typical user's computer.

Come to think of it, your client program could execute that command, capture the output, and send it to the server. Perhaps after a little pre-processing.

My point is that it shouldn't matter if the process were to take a full five minutes, if it's done only once (or very rarely) on each machine. The benefit is that you won't miss any executables that way.