DarkKnight Posted May 7, 2015 Share Posted May 7, 2015 I have posted this in other tech forums but cannot seem to get an answer, maybe I can get some help here .............I am trying to run cipher.exe in an elevated command prompt using "cipher /w:C:" to wipe free disk space, even though I am the administrator on the administrator account, whether I run at an elevated cmd prompt or not I get the same message ...."This program is blocked by group policy, For more information, contact your system administrator"I get the same message when I try to use SDelete also.People keep pointing me to CCleaner, I know CCleaner wipes free space, but it takes forever to do it, even when it is set on one pass, on a 1TB drive with 630GB free space to wipe CCleaner takes 14+ hours to wipe with one pass. And from what I heard and understand cipher can wipe around 50 gigs free space in just about 25 minutes, so calculating around 600 gigs it should be able to do it in around 5 hours +/- which to me is much better than 14 hours that CCleaner does.How do I get around the above problem in group policy?BTW, I have also tried to reset the group policy editor to default also ....... does not work.Running Windows 8.1 Pro x64 with all Windows updates in place. Link to comment Share on other sites More sharing options...
Tripredacus Posted May 8, 2015 Share Posted May 8, 2015 If the computer is not part of a domain and has no active GPOs on it, I would look for possible infections. There are many viruses (and even their preventative counterparts) that can block applications from being executed. However, running the file from another place and after being renamed may work. Link to comment Share on other sites More sharing options...
jaclaz Posted May 8, 2015 Share Posted May 8, 2015 Also check the good ol' https://technet.microsoft.com/en-us/library/bb457006.aspxHKLM\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers\ As often happens the setting remained through later releases, at least up to 7/Server 2008/R2 so it is entirely possible that they are in Windows 8/8.1 as well, see also:http://jon-heidenreich.blogspot.it/2013/09/malwarebytes-this-program-is-blocked-by.html 25 minutes to wipe 50 Gb seems reasonable for a 00 write, besides making cipher or sdelete working, you may also want to try fsutil, you can create a file the size of the free space, then fill it with zeroes with setzerodata:http://ss64.com/nt/fsutil.htmlor try powershell:http://blog.whatsupduck.net/2012/03/powershell-alternative-to-sdelete.html jaclaz 1 Link to comment Share on other sites More sharing options...
DarkKnight Posted May 9, 2015 Author Share Posted May 9, 2015 (edited) If the computer is not part of a domain and has no active GPOs on it, I would look for possible infections. There are many viruses (and even their preventative counterparts) that can block applications from being executed. However, running the file from another place and after being renamed may work. I thought of it ..... then thought again, with my security solution it would highly unlikely, NOT impossible but unlikely. As often happens the setting remained through later releases, at least up to 7/Server 2008/R2 so it is entirely possible that they are in Windows 8/8.1 as well, see also:http://jon-heidenreich.blogspot.it/2013/09/malwarebytes-this-program-is-blocked-by.html jaclaz Believe it or not, that's the one that worked, followed the directions on the page, rebooted, opened a elevated cmd prompt and used the cipher command and .... wammo! it worked, I knew I would find my answer here.Thanks jaclaz! Edited May 9, 2015 by DarkKnight Link to comment Share on other sites More sharing options...
jaclaz Posted May 9, 2015 Share Posted May 9, 2015 Believe it or not, that's the one that worked, followed the directions on the page, rebooted, opened a elevated cmd prompt and used the cipher command and .... wammo! it worked, I knew I would find my answer here.Thanks jaclaz! You are welcome .The good MS guys have a long tradition of keeping previous OS specific settings without documenting them and use deceiving error messages, and on the other hand the good guys that write programs often use some settings without really knowing all the consequences (mainly because the good MS guys never documented them properly), since this behaviour appears to be a not-so-common one my bet is on some third party tool setting those keys, possibly in order to increase the security of the PC. jaclaz Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now