I’ve used CleanUp! 4.5.2 for a long time for purging temporary folders, especially before rescanning for malware or defragging a disk. It’s worked very well for me on XP and Windows 2000 computers. It cleans up browser cache folders and Temp folders for all users and it even makes an amusing flushing sound as you run it (optional).
It doesn’t work so happily on Vista or Windows 7.
Now I should say that CleanUp! 4.5.2 doesn’t say it supports any operating system past XP and it does warn “it is strongly recommended that you first run it in the new demo mode and verify the files that would be deleted before you first run it for real.”
I didn’t use the demo mode. I got so used to it working so nicely in XP that I didn’t think about it. Mea culpe. (That’s how the ancient Romans used to say “my bad”.)
In Vista and Windows 7, CleanUp! ends up deleting the default shortcuts that you see in your Start Menu / All Programs. Not nice.
These shortcuts in XP would be stored in C:\Documents and Settings\<User>\Start Menu and C:\Documents and Settings\All Users\Start Menu.
In Vista and Windows 7 you can find them in C:\Users\<User>\AppData\Roaming\Microsoft\Windows\Start Menu and for All Users in C:\ProgramData\Microsoft\Windows\Start Menu.
Ok, so you know where they are supposed to go but how do you get them back?
Some very nice folks explain “How to Restore Missing Default Start Menu Shortcuts” and even provide a zipped package of shortcuts belonging to the Current User and All Users for the various editions of Vista and Windows 7.
That’s great. The links in the zipped files are correct and safe and just what you want but when you extract them to the correct folder and try to use them you get “Open File – Security Warning” each time. That’s very annoying. If you check their Properties you’ll see “This file came from another computer and might be blocked to help protect this computer”. Look, there’s a handy Unblock button that eliminates this security warning. Now do we have to do this over and over again for each individual file?
Fortunately the answer is no. I got the solution and some discussion from this page and this page. They both suggest downloading the Streams CLI executable from Microsoft’s Windows Sysinternals pages. From a command line, type “streams -s –d” followed by the name of the file or directory you want to fix.
The reason you have to Unblock the files is that when they are downloaded to an NTFS file system a small Alternate Data Stream (ADS) is added to say they might be unsafe to run. Running “streams –d” deletes that data stream which turns off the warning.
Some of the discussion on the second page mentioned above talks about the potential dangers of deleting Alternate Data Streams, but apparently downloading a file strips it of any streams it has and just adds the “:Zone.Identifier:$DATA” unsafe to run warning as the only stream. It should be safe to delete the streams of any downloaded file. Just be careful around other files sitting on your NTFS drive. You can use AlternateStreamView from Nirsoft to view streams and delete them specifically.
(Because ADS is a function of NTFS, you could also copy the files to a FAT formatted flash drive and back again and they should be unblocked.)
For more information check out the “About Alternate Streams in NTFS File System” section of the AlternateStreamView page.
NirSoft has many other really cool utilities that you should check out. I especially like CurrPorts: TCP/IP Connections Viewer, ShellExView, BlueScreenView and WirelessKeyView. Be advised that while I’ve found NirSoft to be reputable and their tools to be safe, some anti-virus programs flag their password recovery utilities as Potentially Unwanted Programs or Hacktools. Don’t worry. They could be used for nefarious purposes but there is nothing wrong with them in and of themselves.
If you want to learn more about Alternate Data Streams, you can check out the Practical Guide to Alternative Data Streams in NTFS as a primer or to read about the security risk in ADS check out Symantec’s Windows NTFS Alternate Data Streams.
If you have any suggestions for a really good temp file clean up utilities that work in newer versions of Windows, please let me know. The classic is CCleaner but I wish I could more easily turn off wiping Most Recently Used (MRU) entries from the default settings when I install it on a client’s machine. TFC - Temp File Cleaner by OldTimer is simple and effective but it can’t be used remotely because it kills the remote access process and then when it’s done it waits for user input before rebooting.
No comments:
Post a Comment