Cleanse all profiles AND Protect against Unexpected Update disasters

CCleaner for Windows CCleaner Windows Suggestions
1

Microsoft sometimes take zero notice of your selected mode of "Automatic Updates". Either by wilful disobedience or by ?accident?.

You then get an UN-expected download without notification. It can even be installed without notice, typically when you shut down the computer.

My approach is to NOT shut down the computer myself, but to run Ccleaner in Auto Shutdown mode to purge any lurking downloads and shutdown. If the system is primed to install - tough - nothing left to install ! !

I do of course allow a normal shut down and install when the download has been with my full approval.

My Solution is SHUTDOWN.cmd :-

COPY  Minimal.ini  Ccleaner.ini   > NULSTART CCLEANER /AUTO /SHUTDOWN

The above is placed in the Ccleaner folder, and simply requires that Ccleaner be configured so safely that you trust it without seeing a list of what will be deleted,

and you must stipulate in Options / Include / Files and Folders the item :- C:\WINDOWS\SoftwareDistribution\Download\*.*

and then close Ccleaner.exe and rename Ccleaner.ini as Minimal.ini. This works with Portable Ccleaner.ini, and should work with installed Ccleaner if the save to ini option is set.

So long as Minimal.ini cleanses the user profile, and each user closes with SHUTDOWN.cmd,

then when anyone is logged on they will have maximum free space - there will not be GBytes wasted in all the Firefox caches etc.

The above should keep you safe, with all user profiles cleansed, and illustrates the essential features.

My current solution is a more complex SHUTDOWN.cmd :-

IF EXIST %1.INI ( COPY %1.INI  Ccleaner.ini  > NUL) ELSE ( COPY Minimal.ini  Ccleaner.ini  > NUL)START CCLEANER %2 %3

On the desktop I have a shortcut link that invokes "H:\New Portable\CCleaner\SHUTDOWN.cmd" - /AUTO /SHUTDOWN

that by default uses Minimal.ini, and I also have other shortcuts such as "H:\New Portable\CCleaner\SHUTDOWN.cmd" %USERNAME%

and alternative variants of Ccleaner.ini have been created to allow more extreme cleaning that can be entrusted to various users.

I am the only one to use a link invoking "H:\New Portable\CCleaner\SHUTDOWN.cmd" Maximal.ini

which cleans out the entire system within an inch of its life, subject to my review (no /AUTO mode).

End of solution.

An "Out-of-cycle" patch is coming this week - BE PREPARED ! !

Background to problems :-

Very recent postings :- http://windowssecrets.com/comp/090625,

http://windowssecrets.com/comp/090702, http://windowssecrets.com/comp/090723

A couple of years ago it was common for I.T. administrators to set Windows Automatic Updates to Automatic if they Trusted M.S.,

and the more experienced set "Download but allow me to choose when to Install" so they could first test on a company-non-critical computer.

Then M.S. did a secret install in violation of the "... allow me to choose ... " stipulation, and major systems crashed,

Whistles were blown, and M.S. explained that the download and installation was vital for the benefit of a future update.

Standard wisdom changed to use "Notify but Don't download or install."

I however read between the lines.

M.S. were saying they had a secret backdoor into your system, but what they planned for the future needed a bigger backdoor.

My wisdom became to "Turn off Automatic Updates", apart from when I am fresh, alert, and ready to switch to the "Notify but Don't ..." setting and closely monitor what is on offer.

I also realised at the outset, that "Turn off Automatic Updates" is merely a request, and that M.S. can ignore my desires,

(and if anything impedes their ability they can fix it through their secret backdoors.)

System Updates cannot be installed under my daughter's credentials, but only when an administrator is logged in ? OFFICIALLY.

But is that really true, and will it always be true ? Escalation of privileges ! ! Backdoors and trapdoors ! !

I will not risk it ? my protection applies and is just as necessary when my daughter is logged on.

Some months ago, on two occasions, I switched to "notify" and was offered Silverlight. I absolutely refused to allow that to be downloaded.

I was horrified to subsequently find that even so they downloaded a Silverlight EULA which seems to give an entire group of themselves and "partners" the right to obtain information from my P.C. when I visit any of their sites and to share that information within that group (and I think I remember it could also leak outside that group.)

Regards

Alan

2

Interesting read Alan. I've never trusted MS enough to ever change from my "Inform but don't download" setting to anything else.

And like yourself I check each and every offering over very carefully, but in reality are we actually getting what's written on the tin, or could there be some hidden bonus items MS are gifting us free of charge.

The inclusion of C:\WINDOWS\SoftwareDistribution\Download\*.* seems an interesting one, and I can't recollect that one being mentioned on here before.

And before anyone gives me a dozen links to the contrary, it won't change the fact that I don't recollect them. :)

To be honest I googled it after reading your post, and it seems to be one of these delete it if you feel the need but leave it if it's not too big.

I didn't find a mention of "pending installations", which is the bit which interests me more so than the mb in that folder.

Based upon what you've written, and what I've read, I'm gonna give that inclusion a try in my daily Auto\Shutdown of CCleaner. Would be interested to hear other opinions.

3
And like yourself I check each and every offering over very carefully, but in reality are we actually getting what's written on the tin, or could there be some hidden bonus items MS are gifting us free of charge.

The inclusion of C:\WINDOWS\SoftwareDistribution\Download\*.* seems an interesting one, and I can't recollect that one being mentioned on here before.

Twice they gave me the bonus of a Silverlight EULA ! !

Last year I became exasperated by the extra 100 MB or so being dumped in ...\Download and left there for 3 weeks after a Patch Tuesday.

I did not understand why they left it there when it had done its job, and have no clue on the mysterious inner workings of Windows that came back to complete the job just before the next Patch Tuesday.

Even more exasperating was another 100 Mb of ancient updates that came from 1 and also 2 years earlier.

I think I posted a query here, with no success.

I Googled and found similar advice to what you found.

I then included this in CCleaner targets and now feel the system is not so cluttered and dirty.

That has worked beautifully ever since. Patch Updates still happen, but the next time I use CCleaner the junk goes.

When I read http://windowssecrets.com/comp/090625 I realised that running CCleaner before I shut down would remove the updates before they could be installed, so this last month I have investigated the /AUTO /SHUTDOWN facility, and created and been testing the command script to support my additional manual cleansing to deeper depths.

I now find that when my daughter runs CCleaner, the Windows system files are outside her control, but I expect to fix that with CACLS. Otherwise it meets all my targets.

Regards

Alan