Alan_B Posted March 15, 2013 Share Posted March 15, 2013 Travellers beware - Dragons be here. When Registry Cleaning "Unused File Extensions" was enhanced a year or two ago, and it suddenly reported problems with something related to "ehome". I found at that time that this was related to Windows Media Center which was not part of my system, and had no presence in either System32 of SysWow64 but was plastered all over WinSXS. I have just used Locate32 to search for ehome and found 189 files and 164 directories. I am surprised that a HDD can hold all of that Windows Media Center stuff and also find space to accommodate some media to be played I have selected C:\Windows\winsxs\amd64_ehome-bdatunepia_31bf3856ad364e35_6.1.7601.17514_none_4bcd40fd63f3f7b4\ This holds the file BDATunePIA.dll 243 KB (249,344 bytes) Created & Modified & Accessed 21 November 2010, 03:24:42 I used Search on Defraggler 2.13.670 and it found 4 instances of this file at BDATunePIA.dll 1 238080 C:\Windows\winsxs\wow64_ehome-bdatunepia_31bf3856ad364e35_6.1.7601.17514_none_5621eb4f9854b9af\ BDATunePIA.dll 1 249344 C:\Windows\winsxs\amd64_ehome-bdatunepia_31bf3856ad364e35_6.1.7601.17514_none_4bcd40fd63f3f7b4\ BDATunePIA.dll 1 249344 C:\Windows\winsxs\amd64_bdatunepia_31bf3856ad364e35_6.1.7601.17514_none_c81348afa0c88995\ BDATunePIA.dll 1 238080 C:\Windows\winsxs\x86_bdatunepia_31bf3856ad364e35_6.1.7601.17514_none_6bf4ad2be86b185f\ It is worth noting that these CANNOT be hard links to files in System32 or SysWow64 because if they were then Defraggler should have found these files on those paths also. I also think it would be naughty of Defraggler to try to defrag Hard Links - Bug Report Naughty I am absolutely convinced that some real files consume real amounts of Disk space within WinSXS. I am strongly inclined to believe the experts who claim that all the files that appear to live within System32 and SysWow64 are actually Hard Links to the alternative realities within WinSXS, But I recognise the diabolical deviousness of Microsoft's underhand methology, and would not be surprised if Microsoft kept us confused by NOT placing hard links as they are required in System32 etc. but instead MOVED the files from WinSXS into System32 and then placed Hard Links in WinSXS to make it seem as though they still lived in WinSXS I Used Defraggler to search for a file that I knew could be found in System32 and SysWow64, namely CMD.EXE This is what it found cmd.exe 1 345088 C:\Windows\System32\ cmd.exe 1 302592 C:\Windows\winsxs\wow64_microsoft-windows-commandprompt_31bf3856ad364e35_6.1.7601.17514_none_f387767e655cd5ab\ This indicates that there is a real presence in both System32 and also WinSXS\WOW64 ( WOW - I never knew that before ) Now using Locate32 and searching for CMD.EXE the results are Name Size Date Modified In Folder Type cmd 337 KB 21/11/2010 03:23 C:\Windows\System32 cmd 337 KB 21/11/2010 03:23 C:\Windows\winsxs\amd64_microsoftwindowscommandprompt_31bf3856ad364e35_6.1.7601.17514_none_e932cc2c30fc13b0 cmd 296 KB 21/11/2010 03:24 C:\Windows\SysWOW64 cmd 296 KB 21/11/2010 03:24 C:\Windows\winsxs\wow64_microsoft-windowscommandprompt_31bf3856ad364e35_6.1.7601.17514_none_f387767e655cd5ab Conclusion :- CMD.EXE appears in 4 locations, and two of those locations are real and two are Hard Link smoke-n-mirrows phantoms. quite surprisingly the larger 64 bit executable lives in System32 but the smaller 32 bit execuatble lives in WinSXS\SysWOW64. I have now tested Attrib.EXE This really exists in both System32 and SysWOW64 But Locate32 finds the real plus the Hard Links at Name Size Date Modified In Folder attrib 18 KB 14/07/2009 01:38 C:\Windows\System32 attrib 18 KB 14/07/2009 01:38 C:\Windows\winsxs\amd64_microsoft-windows-m..ommandlineutilities_31bf3856ad364e35_6.1.7600.16385_none_d911df4e81059b22 attrib 16 KB 14/07/2009 01:14 C:\Windows\SysWOW64 attrib 16 KB 14/07/2009 01:14 C:\Windows\winsxs\x86_microsoft-windows-m..ommandlineutilities_31bf3856ad364e35_6.1.7600.16385_none_7cf343cac8a829ec The excitement is too much. My brain hurts. I am giving up whilst I am ahead. Regards Alan Link to comment Share on other sites More sharing options...
Willy2 Posted March 15, 2013 Share Posted March 15, 2013 @Alan: How do you know for sure that these are hard links and not the real stuff (files) ? It looks to me that MS simply updates a file and places a copy in WinSXS. Sure, this is an "Evil MS Conspiracy", right ? More info: http://windows7theme...-windows-7.html http://windows7theme...olic-links.html System setup: http://speccy.piriform.com/results/gcNzIPEjEb0B2khOOBVCHPc A discussion always stimulates the braincells !!! Link to comment Share on other sites More sharing options...
Alan_B Posted March 15, 2013 Author Share Posted March 15, 2013 I know for sure that Defraggler is intended to defragment ALL genuine files, and not some form of reparse point or Hard Link. Unless of course you know different Therefore when Locate32 or Windows Explorer or any other sort for File Finder can find on a path something that LOOKS like a file but is not seen by Defraggler I can only assume it to be some form of reparse point or Hard Link. Alan Link to comment Share on other sites More sharing options...
Willy2 Posted March 15, 2013 Share Posted March 15, 2013 I see. I tried the Search function in Defraggler and "wasn't impressed". I've dumped both Locate32 and Everything. Even a simple MSDOS command "Dir ....." was better, found more. I switched to "SearchMyfiles". Much better, IMO. http://www.nirsoft.net/utils/search_my_files.html System setup: http://speccy.piriform.com/results/gcNzIPEjEb0B2khOOBVCHPc A discussion always stimulates the braincells !!! Link to comment Share on other sites More sharing options...
Alan_B Posted March 15, 2013 Author Share Posted March 15, 2013 I agree that Nirsoft is better - if you want to time the boiling of an Egg SearchMyFies took 15 Seconds to search for CMD.EXE in partition C:\, and it reported the same 4 items that Locate32 reported. Defraggler is 6 times faster - it took 2.5 seconds to report the two GENUINE files that actually exist and consume Hard Drive space. I will however concede that it takes an extra 0.5 seconds to click on the Filename header to sort in name order so that both cmd.exe appear together between appcmd.exe.mui and cmd.exe.mui O.K. - it is 5 times faster. Defraggler walks where angels fear to tread I have just searched for "tracking.log" in partition C:\. The search was completed in two seconds, finding one instance within C:\System Volume Information\ SearchMyFiles scanned C:\ for 13 Seconds and found nothing at all - it could not penetrate Access Control Level exclusion. I accept that SearchMyFies has many more options that can be configured if you wish to spend the time optimising it, BUT for a quick detection Defraggler searches 6 times faster and does NOT repeat the lies of File Searchers such as SearchMyFiles that believe Hard Links are real files. I value truth, and would prefer to wait twice as long for a true fact rather than a comfortable fiction, and I am exuberant that in fact the truth comes 6 times faster than the peddling of Microsoft Fiction Regards Alan Link to comment Share on other sites More sharing options...
Willy2 Posted March 17, 2013 Share Posted March 17, 2013 I DO like boiled eggs !!! I must confess the latest Defraggler version does an amazing job finding files. (I stopped using this feature MANY versions ago). Whereas Locate32 finds e.g. deleted files as well !! And it's this "finding too much" is the reason why I don't like the program. Too much confusion. System setup: http://speccy.piriform.com/results/gcNzIPEjEb0B2khOOBVCHPc A discussion always stimulates the braincells !!! Link to comment Share on other sites More sharing options...
login123 Posted March 17, 2013 Share Posted March 17, 2013 OK, I'm hooked, which Defraggler version are you using, Alan? I don't even care if it cooks or not. The CCleaner SLIM version is always released a bit after any new version; when it is it will be HERE :-) Pssssst: ... It isn't really a cloud. Its a bunch of big, giant servers. Link to comment Share on other sites More sharing options...
Alan_B Posted March 17, 2013 Author Share Posted March 17, 2013 I found this feature on DF v2.11 and it remains on v2.13.670 (64 bit) I was disappointed by a limitation in v2.11 and it remains in v2.13 Basically it will only find files that are 613 bytes or bigger. I would really like to specify the name of a file and know if it exists - even if it is small enough to fit in the MFT - even if it is zero bytes. Please note that to search with defraggler you simply launch and select a partition. There is no need to Analyze or Defrag Then you click on Search TAB Then you tick TWO boxes "Filename contains:" "Include non-fragmented files" Then type the filename and click the Search BUTTON. My bug report is at http://forum.pirifor...showtopic=38192 You are welcome to "Like" it and bump it up. Alan Link to comment Share on other sites More sharing options...
login123 Posted March 18, 2013 Share Posted March 18, 2013 Thank you. Much exploring to do now. The CCleaner SLIM version is always released a bit after any new version; when it is it will be HERE :-) Pssssst: ... It isn't really a cloud. Its a bunch of big, giant servers. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now