I just noticed this issue and wanna ask a question.
What kind of information does $CmdTcID have?
Does this harm my privacy or something?
One more question. Does CIS store data about these ADSs? (like list of $CmdTcIDs, list of filenames, list of filesizes) If so, I really wanna delete them as they’re sensitive private information.
Hello pondpond,
it only contains info about:
- file zone id
- the process that is created this file
There is no sensitive private information.
For your information
Regards
Buket
Thanks very much for that info
Just to be clear what does the ‘Tc’ and ‘Cmd’ stand for in CmdTcId?
what is the state of that issue?
I switched back to CIS 7, as the ADS changed the time stamp of my files (especially problematic using sync tools).
Now CIS 7 nags me with update notifications - I’m not sure wether this update would update to CIS 8 and trigger the nasty ADS issue again.
Also posted here:
Please don’t crosspost. I answered in the other topic:
Stop whining when you can use v8.2 with disabled ADS tracking. :P0l
I split off the rest of your posts and merged them with the help topic where it is more suited. This section is for bug reports only.
What the heck? It seems like the setting was reset. I had problems with my Sync Tool today again - finding out the file tracking was re-enabled for whatever reason (Update of CIS?)
And why is this feature used at all, if it is a Auto-Sandbox-Setting and Auto-Sandbox is disabled?
I agree - file source tracking should have a HUGE warning. I also may have to research a new firewall. I was working on some 700,000 picture files trying to remove duplicates. I found alternate data streams a handy tool to help keep track of these pictures (adding a md5 sum for instance and marking certain files as different so I did not have to process them again) but at some point I noticed that ALL of the files had gotten new filedates making it much harder to determine which of a pair of files i should discard. Going back to the 100’s of cds these came from and trying to match them to current files and fix the date would be a HUGE pain in the but and probably will not happen. - Also I al curious how much file space is being used on my system disk (C:) as it is a solid state drive and does not have large amount of space. In addition solid state drives have a limited number of writes and that this obviously has affected the life of my main drive. For now I have found the “Enable file source tracking” and have turned it off. I assume I still will have to cleanup.
Ok So I probably changed the filedates when I added the ads streams, I see no cis ads on those files. That make sense but it is also the reason you are getting so much flak about changed filedates. Adding the ADS also affects the filedates of the file.you should have noticed that and reset the file-dates of the original file. - I am Still upset.
Arg turning it off does NOT work. For one the ADS files still cannot be removed. Two- Compiled programs will not run properly (file write is blocked) unless this is done or sandbox is turned off. - Turning sandbox off causes problem with the browsers (link not found). 
You need a third party tool to remove the ADS from files. Unfortunately Comodo does not provide such a solution.
I have a third party tool that will remove the file but it is write protected. Somewhere on this thread was a procedure to turn off the procedure that is blocking the delete but it requires another tool (from microsoft) and requires you to reboot, delete the files and reenable the blocking ap. A real pain in the ■■■■ as I do not like to reboot as I then have to repopulate all that I was working on.
What do you mean with ADS files cannot be removed? What files are you referring to?
Alternatestreamview shows over 8000 files containing the id $CmdTcID:$data. Those are the files left over that I could not delete on the system disk(C:). The other disks were not a problem and I was able to delete them (after disabling cmdguard). Looking closer at these files they appear to be all owned by trustedinstaller and off limits to the administrator, even in safe mode and autoruns disabling cmdguard unless I change the owner (which would be a very big pain and would reduce the security on the system. As for my programs on a different drive (a usb drive) where these ADS files have been removed I am unable to compile the program, run it without errors when they try to write to disk when “enable file source tracking” is off and auto-sandbox is enabled, so to keep these files away I have to disable sandbox as well. Someone has not clearly thought this whole mess through.
And in fact I may have to remove it (Comodo) entirely as it is preventing my program from writing it’s own ADS files. >:(
Seriously? You expect me to take ownership of some 8000 files so I can remove ADS? Which btw reduces the security of those files as they now can be deleted by my ID instead of being protected? >:(
You can take ownership of the (tree of) folder(s) they are in in one go. You need to use the inheritance option to inherit the properties to subcontainers.
Its not the taking ownership that is the issue it is the serious damage to the system caused by taking ownership. Most of these files are system files or program files.
Besides I am MUCH more concerned about my own programs as they will no longer run. (Lazarus complied programs). With sandbox on I get
“Exception : Unknown Run-Time error : 150”
when I try to open (write) to a file and with sandbox off (or in fact all of comodo disabled) I ether get
“An unhandled exception occurred at $0040294D :
Exception : Unknown Run-Time error : 1392”
or
“An unhandled exception occurred at $0040294D :
An unhandled exception occurred at $0041B5A2 :
EInOutError : Disk Full”
when it tries to open(write) an ADS file. This did not occur before I turned off “enable source tracking” And could be what that parameter does is prevent programs (including it self) from writing ADS data. If I can’t figure this out then Comodo will be uninstalled as my trust level for the software is failing fast.
Ok the first error is apparently caused by sandbox (must be turned off to use). The second error apparently is because of a damaged file system. (Chkdsk was run and it fixed the issue).