Begone! Dratted (Old) System Files: Begone!

When one member of my mirrored pair of system drives failed earlier this year, I replaced that pair of Seagate 7200.10 320 GB drives with a pair of Samsung SpinPoint HD501LJ SATA II 3.5″ drives with 16MB Cache. I also installed the still-working member of that pair in my system, so as to retain access to all kinds of files and information from that machine.

Recently, I decided that I”d mined some portions of that disk as much as I ever cared to. In the wake of running the Secunia  Personal Software Inspector on my machine, I discovered that lots of system and application files on the old drive were registering as security threats, even though I don”t run them any more. In particular, I found numerous items in the Windows/System32 and Program Files directories that I wanted to get rid of so as to remove the warning, even though I believe they pose no actual threat.

Only one small problem: Vista won”t let anybody (not even the Administrator account itself) delete files from those directories. I tried taking ownership and changing permissions. No go. I tried a couple of different programs that claim to be able to force deletion of just about any Windows file (KillBox and Remove on Reboot). No luck! I ran the Vista Install DVD and got into the command line interface portion of the Repair facility. Nothing doing. I went into the Disk Management utility and made that partition inactive (it was no longer showing system or boot attributes anyway). No joy! Removing those files was proving harder than I”d expected it to be.

OK, that led me to conversations with a trusted “System Wizard” colleague. He told me he had encountered the same problem, and had simply moved the drive to an XP system, which has no such reservations about clobbering these directories. Though my wife”s machine still runs Windows XP (SP3), I was too stubborn to take that route. I wanted to do it on my machine, not on somebody else”s!

Instead, I turned to a completely different OS–namely, Linux. It turns out that a trio of Belgians have created a Website called, where they host their development projects. There triumvirate member Harakiri (Tom Kerremans) makes his excellent Trinity Rescue Kit available to people like me with Windows problems that they know how to fix, but just can”t fix inside Windows itself.

I”m doing an injustice to TRK, the Trinity Rescue Kit, by describing just one of its many functions, but it also turned out to be just the one that I needed. I downloaded  the ISO image from the Web page, then downloaded and installed Alex Feinman”s nice little ISO Recorder (V3 Vista Version) Power Toy. All I needed to do to burn a bootable CD was navigate to the ISO image file in Windows Explorer, then right-click on the “Copy Image to CD” entry that pops up there, thanks to this handy little shell extension.

After that I was able to boot from the TRK CD, which did a peachy job of recognizing all of my hardware and loading all the drivers it needed to access my devices, with no help from me (a big relief for somebody who”s not been terribly active with Unix since the 1980s). After that I used his mountallfs -g  shell script to mount my drives and simply navigated into the directory structure on my old system drive (the -g parameter is very important because the default NTFS driver loaded in TRK when this value is missing from its invocation won”t allow you to delete those files, either). Using the cd, rm, rmdir, and ls commands, with various switches and parameters (I remember that much bash, thank goodness) I was able to remove the whole Windows and Program Files directory trees, and to get rid of the hiberfil.sys hibernation file in my root directory as well.

I”m guessing I probably spent 6-10 hours researching and discussing what took less than 10 minutes to actually do, once I had the right tools in hand. Isn”t that just the way of the Windows world, though? But now those files are gone, and I”m glad to get the extra 40 GB or so of otherwise unusable disk space back, too.


Leave a Reply

Your email address will not be published. Required fields are marked *