Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Stop Application Data folder replicating?


26 Nov 2011   #61

Windows 8.1 Pro (x64)
 
 

Quote   Quote: Originally Posted by RobinHood View Post
Keep well writhzin....nice talking to you bud...Just a reminder ---> "weird" i got it right to make 30+ junctions to become 3...INCLUDING backing it up...i never heard about a loop within a loop that had something in it to backup up ( im not talking about deleting the OFFICIAL junctions hey, but the "nested" ones... )....which I just managed to do...Like one guy said...it's just a different angle you go to aproach the same file...which is 100% correct ( somewhere earlier in this thread someone mentioned it )....what i did, i just made Windows "neater"....
PS: some good INFO why you get multiple "nested" junctions ---->

[Gelöst] Trojan.Mayachok/1 - Seite 3 - Viren und andere Sicherheitsrisiken - Avira Support Forum
That virus information you linked to...Its not storing anything in those junctions. It is just that the user opened all of those junctions by changing the PERMISSIONS and now see duplicated data again and again. However the files in question are only located at "C:\Users\[username]\AppData\Local\Temp" That is all. The permissions applied to these junctions are there to prevent this kind of confusion. If you can access "Document and Settings" you have just screwed up.


My System SpecsSystem Spec
.

27 Nov 2011   #62

windows 7
 
 

Quote   Quote: Originally Posted by whocares View Post
@RobinHood
What you call something is important. If you call the liquid in a glass water, I expect water when I drink it, and my thirst will be quenched. If instead it is Hydrochloric Acid, I still expect water, but my mouth, throat, esophagus, and stomach will be burned. It would matter to me.

Quote   Quote: Originally Posted by RobinHood View Post
Keep well writhzin....nice talking to you bud...Just a reminder ---> "weird" i got it right to make 30+ junctions to become 3...INCLUDING backing it up...i never heard about a loop within a loop that had something in it to backup up ( im not talking about deleting the OFFICIAL junctions hey, but the "nested" ones... )....which I just managed to do...Like one guy said...it's just a different angle you go to aproach the same file...which is 100% correct ( somewhere earlier in this thread someone mentioned it )....what i did, i just made Windows "neater"....
PS: some good INFO why you get multiple "nested" junctions ---->

[Gelöst] Trojan.Mayachok/1 - Seite 3 - Viren und andere Sicherheitsrisiken - Avira Support Forum
This link provides a clue as to what you are talking about. I am using Google Translate, but it is still hard for me to follow. I will specifically address the file & folder issue. Since there is no way to tell what is an actual folder and what is a Junction, I cannot know for sure what is happening. I will make an educated guess, but I could be very wrong.

The following is Windows 7 specific. There are significant differences between Windows versions, and you will hose an Windows XP machine if you do not know what you are doing.

It appears the Windows User Account is named "user". This is going to become complicated. Also, I am not going to use strict terminology. It is going to be too complicated as it is.

There are 4 files in a Temp folder:
1. "~DFA06C7F2ABC5DDBB9.TMP"
2. "~DFA1EBB77C6D9C4AC3.TMP"
3. "~DF2F4081AA39B0A691.TMP"
4. "~DFB112217E9F34CD1D.TMP"

1 & 2 are always grouped together. 1 & 2 & 3 begin to be grouped, and finally, all four files are grouped. The listing would be better if it started at the beginning of the tree and worked down. I think this would show that the tree starts with the four files, and the number of files diminishes as you go deeper into the tree. At the lowest level, only 1&2 are included.

My guess is that these are actual folders with actual files in them. It is possible that there could be a combination of Junctions and folders, but it would be an even more tangled mess. Furthermore, this was not necessarily caused by a virus, and Trojan.Mayachok/1 indicates it is a trojan not a virus. Google returned a list of sites that did not include any of the major anti-malware vendors. It was a list of mostly Russian sites, and it would take too much time to setup a Virtual Machine to investigate it.

Without knowing which, if any, are Junctions, cleaning up this mess may not work as expected. If it is actual folders you have, you could clean it up and restore the Junctions with security/permissions. "C:\ Documents and Settings" should be a Junction. If you are dealing with a nasty trojan, the creator could have stored the actual data in a different location. One of the "Application Data" folders could be a Junction pointing somewhere else. If the trojan has not been eradicated, it could recreate the Junction, and the original data would still be present.

I do not have enough knowledge of HijackThis to know what is being displayed. I would be wary of doing anything based upon the report, but you may know more. The Wikipedia and MSDN links you provided have little to do with the problem you are trying to solve. I still think you are in over your head, but as you noted, WHO CARES WHAT I THINK.

I cannot provide a single link that details the knowledge I have shared here. There is no single place where this is fully discussed, but this may have changed. I have researched this myself, but I am indebted to several people for some of this. Pulling together bits from different places, I was able to figure it out, but I am not an expert. I would encourage to research some of the "50% junk" to learn more. I would request you post a list of the junk. Even a few entries would be helpful to anybody reading this.
NOW you are talking sense (with all due respect...and i mean it) . THIS was my whole issue...Hope you dont mind, but i'm going to use the word "Virtual"-links and "Virtual" files...call them whatever you like
What I'm trying to do is, seeing MS only ( or at least TRY to ) manage these virtual links/files to only about 2-3 levels deep, and i work with an "infected" PC ( only a nut will try this on a PC thats NOT infected...there i agree 100% with you ), the program backs-up the the data up to the 2nd link ( which i call a "level 3" ), then DELETES the remaining link...chances are you might loose "links"...but the data will remain. This way you dont need to do a Format of Windows 7. A lot of my clients treasure data more than their PC's...therefore i need to ceate a utility, that can AT LEAST HELP me....to recover most of their data. To try and "locate" data, that extends from a link 200 deep, well...now we're talking a day's work. I will rather loose the program and save my data, than save my program and loose my data...if you know what i mean? This utility is also NOT meant to be stuffed-around with as you will do more damage than good....the Utility was/is meant for Techs that needs to recover data on an ALREADY infected PC...
My System SpecsSystem Spec
27 Nov 2011   #63

Windows 7 Professional x64
 
 

@RobinHood
On a Windows 7 machine, there is no "C:\Documents and Settings" folder. It is a Junction that points to "C\Users". If this is still the case, @logicearth has provided the solution several times. Fix the permissions on "C:\Documents and Settings", and all the files and folders below it will go away. Rinse and repeat for the "Application Data" Junctions, and your problem will be solved. The folders never existed, and therefore, there is nothing to cleanup. If "C:\Documents and Settings" is an actual folder, you have bigger problems, and you should keep reading.

Quote   Quote: Originally Posted by RobinHood View Post
NOW you are talking sense (with all due respect...and i mean it) . THIS was my whole issue...Hope you dont mind, but i'm going to use the word "Virtual"-links and "Virtual" files...call them whatever you like
What I'm trying to do is, seeing MS only ( or at least TRY to ) manage these virtual links/files to only about 2-3 levels deep, and i work with an "infected" PC ( only a nut will try this on a PC thats NOT infected...there i agree 100% with you ), the program backs-up the the data up to the 2nd link ( which i call a "level 3" ), then DELETES the remaining link...chances are you might loose "links"...but the data will remain. This way you dont need to do a Format of Windows 7. A lot of my clients treasure data more than their PC's...therefore i need to ceate a utility, that can AT LEAST HELP me....to recover most of their data. To try and "locate" data, that extends from a link 200 deep, well...now we're talking a day's work. I will rather loose the program and save my data, than save my program and loose my data...if you know what i mean? This utility is also NOT meant to be stuffed-around with as you will do more damage than good....the Utility was/is meant for Techs that needs to recover data on an ALREADY infected PC...
The reason for using technical terms when possible is to avoid confusion. For example, the word "cat" can refer to several different animals, and a house "cat" is vastly different from a lion "cat". Which "cat" you are referring to can make a big difference. What you mean by "Virtual" is important, and I do not think you are using it the way we are.

The "Special Folders" link is a no-technical overview, but technically, it is worthless. The "virtual folders" they are discussing are actually Shell Namespace, and the article does mention this. Shell Namespace can be displayed as a folder, but they are not folders. A better description of Shell Namespace would be "an amalgamated set of data presented as a virtual folder", but that is still not technically adequate. Using this article as a technical reference will lead result in problems at best.

System Folders are not virtual. They are real directories. In Windows 7, Microsoft has changed the locations again, but they have tried to fix the mess they have been causing. All the previous System Folders are included as Junctions, but this has resulted in a tangled web of connections. The "Application Data" Junction points to its parent folder, and this regression results in multiple nested "Application Data" folders. For the end user, it is confusing, and it can be dangerous. Deleting files in the 200th "Application Data" folder also deletes it in all the "Application Data" folders. In addition, Copy/Paste do not understand Junctions, and they are treated as actual folders. As I noted in an earlier post, this will result in an increased storage space used. Backup applications can also duplicate Junctions as folders, and the result is that the backup has more data than the original. Through the use of security/permissions and a special User, Microsoft eliminated this issue.

If "C:\Documents and Settings" is still a Junction, everything being displayed in the it is actually in the "C:\Users" folder, and deleting files in one place will delete them in both. On Windows 7, deleting a Junction in Windows Explorer will not delete the files and folders, but on Windows XP, all the files and folders will be deleted. If you write a utility that deletes a Junction, it needs to be able to identify the Operating System version. Otherwise, it is irresponsible and dangerous. I have a serious problem with that.

Unless you can determine whether "C:\Documents and Settings" is a Junction or an actual folder, your utility will be either useless or dangerous. If you have access to the machine, use the command from my previous post to identify the Junctions, and proceed from there. You could write a script that could do some of this, but it should only be used by someone who understands the technical aspects. Using a HighjackThis report, you cannot determine if you have a Junction or a folder. Furthermore, I know that there should be more files in "Application Data" than four temp files. I do not know why the HighjackThis report is filtering the files, but this could cause problems.

I could be wrong, but my guess is that this is not related to the trojan being discussed in the linked discussion. The user probably took ownership of the C: drive, and he/she gave themselves full permissions. The machine then was infected with the trojan. A HighjackThis report was submitted, or you have access to the machine. In this scenario, the folders and files you are seeing do not exist, and therefore, you cannot delete only the additional subdirs without deleting everything else as well. Here is the command "dir /al /s c:\". Run it without the quotes
My System SpecsSystem Spec
.


12 Sep 2012   #64

Windows XP/Windows 7 dual boot
 
 

JunkTidy all it does it locks up on me everytime. So I am sticking with JunctionBox at least it works.
My System SpecsSystem Spec
29 May 2013   #65

Windows 7 Home Premium (64 bit) SP1
 
 

Quote   Quote: Originally Posted by logicearth View Post
All you need to do is verify the root of each folder is a junction and set the below permission.
That is all there is to it. One single DENY permission.
I'm sorry to be the N00b... but I can't find a way to get to that permissions screen.

I've got recursive "Application Data" folders in [C:\Users\All Users\] and [C:\Users\Default\], both of which (I gather) aren't real directories, but are themselves somehow junctions or libraries or something.

I've read through this thread and a bunch of other Google-y helpfulness, but before I run JunkTidy or JunctionBox or anything, I thought it might be easiest to just do the "Everyone - Deny" fix.... But I can't find my way to that screen.

... Actually - I found it w/r/t "Default;" I had to "show hidden files" in Windows-Control Panel-Folder Options....

But I don't know if this actually helped.

I realize this whole thread is almost a year old, but I'm hoping for a pointer (get it!?) to some help.

I'm kinda old school, and when I (for instance) misplace a file, I'll pop into DOS and do a [dir /s *somethingunique*.* >C:\listy.txt], but all I get now is pages and pages of "The directory name..... is too long."

Thanks in advance.

--Bennie
My System SpecsSystem Spec
29 May 2013   #66

Windows 7 Home Premium (64 bit) SP1
 
 

Quote   Quote: Originally Posted by bmanevitz View Post
Quote   Quote: Originally Posted by logicearth View Post
All you need to do is verify the root of each folder is a junction and set the below permission.
That is all there is to it. One single DENY permission.
I'm sorry to be the N00b... but I can't find a way to get to that permissions screen.

I've got recursive "Application Data" folders in [C:\Users\All Users\] and [C:\Users\Default\], both of which (I gather) aren't real directories, but are themselves somehow junctions or libraries or something.

I've read through this thread and a bunch of other Google-y helpfulness, but before I run JunkTidy or JunctionBox or anything, I thought it might be easiest to just do the "Everyone - Deny" fix.... But I can't find my way to that screen.

... Actually - I found it w/r/t "Default;" I had to "show hidden files" in Windows-Control Panel-Folder Options....

But I don't know if this actually helped.

I realize this whole thread is almost a year old, but I'm hoping for a pointer (get it!?) to some help.

I'm kinda old school, and when I (for instance) misplace a file, I'll pop into DOS and do a [dir /s *somethingunique*.* >C:\listy.txt], but all I get now is pages and pages of "The directory name..... is too long."

Thanks in advance.

--Bennie
Actually - it just took a little more digging.
I'm not going to edit the post above, but put my next steps here, in case someone else in my position comes along.

In [Folder Options - View: Hidden files - radio button for 'show...'] AND AND AND
In [Folder Options - View: UNCHECK 'hide protected operating system files']

Then I was able to "see" "All Users" and right click it.

I didn't do the permissions thing, But I shift-right click - open command window here
dir /a showed me the application data junction.
I went down two or three steps, then just did:
rd "Application Data"
Which probably deeply screwed something up. Because now there's NO "all users - Application Data." anywhere.

Probably JunctionBox will fix that... but at least it seems to have relieved the recursive Application Data problem.

Okay - I hope I didn't confuse issues.
--Bennie
My System SpecsSystem Spec
12 Jun 2013   #67
RWB

Win7 Home Premium 64bit
 
 

There is also a SetACL.exe inside the zip file that downloads JunctionBox. What is that file for ?
My System SpecsSystem Spec
27 Jun 2013   #68

Windows 7 Ultimate x64
 
 
JunctionBox's home is Sourceforge, not Rumania

Just wanted to take a minute to encourage people who are downloading JunctionBox to do so from sourceforge: Junction Box | Free Security & Utilities software downloads at SourceForge.net - not softoxi, softonic, softpedia, brothersoft, or any of those other Rumania-based malware peddlers that Microsoft and Google seem to be diverting large amounts of traffic to.
My System SpecsSystem Spec
30 Aug 2013   #69

windows 7
 
 

Quote   Quote: Originally Posted by molitar View Post
JunkTidy all it does it locks up on me everytime. So I am sticking with JunctionBox at least it works.
...soon as i get a chance, i'll look into it. SO far its only for 32-bit systems...
My System SpecsSystem Spec
08 Dec 2013   #70

Window 7 64bit, Windows XP 32 bit
 
 

Just wanted to let everyone know I tried that JunctionBox Utility and it seems to have fixed things, even though I still do not understand the Permissions garbage.
My thanks to all contributors.
My System SpecsSystem Spec
Reply

 Stop Application Data folder replicating?




Thread Tools



Similar help and support threads for2: Stop Application Data folder replicating?
Thread Forum
Infinite Application Data General Discussion
move application data folder? General Discussion
Application Data folders keep going on and on General Discussion
All users Application Data General Discussion
Accessing Application Data General Discussion
Replicating Generation Data Groups on W7 Software
Application Data in XP Mode Virtualization

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 08:47 AM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33