Really Hidden Files (for XP only) - Page 5
Page 5 of 7 FirstFirst ... 34567 LastLast
Results 41 to 50 of 63

Thread: Really Hidden Files (for XP only)

  1. #41
    Senior Member
    Join Date
    Feb 2002
    Posts
    500
    deftones12, they are 2 different folders, if not, then can you please explain to me why there were full length movies sitting in there on my computer? I mean come on, they have NOTHING to do with IE in any way shape or form.... The temp IE folder and this folder are entirely different folders, as stated somewhere above. If I am wrong, please correct me
    Ron Paul: Hope for America
    http://www.ronpaul2008.com/

  2. #42
    AO Security for Non-Geeks tonybradley's Avatar
    Join Date
    Aug 2002
    Posts
    830
    Thats not spying...it just takes all the files that were originally in the Temp. file and places them into the Content.IE5 folder.
    I disagree. There is a visible, controllable Temporary Internet Files folder. You can see it. You can see what's in it. You can set restrictions on its size and you can delete the files in it.

    This is completely hidden- even after you select to Show All Hidden files and folders.

    I don't know what the intent or use is, but it seems very illegitimate.

  3. #43
    Junior Member
    Join Date
    Sep 2002
    Posts
    18
    In NTSF there are also Alternative Data Streams
    these are the true hidden files, make that file system

    to view these you can employ List Alternative Data Streams (LADS) Freeware

    Alternative Data Streams FAQ
    The Dark Side of NTFS
    Inside Win2K NTFS Part 2 Windows 2000 Magazine
    NTFS Alternative Data Streams Windows and .NET Magazine
    Ntework Trojans: What you really need to know Information Security Bulletin

    Alternative Data Streams pose a unique
    (and thankfully so far, underemployed) security threat

  4. #44
    Junior Member
    Join Date
    Apr 2003
    Posts
    6
    Does anyone know what the official reason for this is? I'm sure they would claim that Microsoft never ever looks in that directory. hehe

  5. #45
    Junior Member
    Join Date
    Apr 2003
    Posts
    5

    Cool Post

    Cool stuff definately.. I saw stuff I browsed for a couple of years ago. One thing that may be a little easier on changing directories from a command line.

    Try: cd docu* instead of having to type the truncated lines. This works under Linux as well.

    Best Regards,

    Brujoh

  6. #46
    Member
    Join Date
    Apr 2003
    Posts
    37

    Question



    I googleed "UICLSID={7BD29E00-76C1-11CF-9DD0-00A0C9034933}"
    http://www.geocities.com/registrylord/desktop.txt

    I dont understand why one would go to all that trouble or buy / download software to delete temporary inet files ?

    All you have to do is to open in IE the Tools menu / select internet options, click on delete files (tick the "delete all offline content"), then click on delete cookies (if you realy want to log into all those websites again) and finaly the clear history button.

    That still leaves a few files and folders, but not those megabytes as some has found according to this thread.

    One good idea is to tick under advanced options the "empty internet files folder when browser is closed" this wount delete cookies or the history, but still those who reported really big temp files should defenetly do this. (exept if still surffing with modem)

    Deleteing cookies from the internet temporary files, will also delete them from the cookies sub dir under the user profile. Guess its the same files, just from a different "view"

    Invasion of privacy ? Am I missing something?
    I did not do it.

  7. #47
    Junior Member
    Join Date
    Sep 2002
    Posts
    18
    Originally posted here by HippoDuck




    I dont understand why one would go to all that trouble

    To protect my plans for World Domination of course

    The CAD files of my death ray must not fall into the hands of the authorities


    In reality, encrypting your hard drive would be a better solution
    ADS (Alternative Data Streams) where originally implemented for Mac interoperability,
    there are many theories as to why Microsoft's index.dat's exist, a forensics trail for the authorities ranks pretty high

    I used to employ Spider to remove these in IE5
    now I use Phoenix

    Now a days if there is something I want to kill I employ a W2K\XP shutdown script

    To create a shutdown script for Win2k/XP...

    Create a new text document with the dos command to delete the file that you want using the old 8.3 filename structure...

    For example "del c:\progra~1\annoying.dll" (without quotes)

    Then save the file as a .cmd file. Then click Start, Run and type in GPEDIT.MSC and click ok.

    From there find the Scripts section (am not in front of a machine at the moment that I can access it) then select shutdown and open the window. Activate your .cmd file in that window and click apply and ok. Close down and reboot the computer to run the file, then check to see if it is still there when your computer comes back on.

    Then go back into gpedit.msc and remove the file from the scripts
    Its one of the most useful things that I have found, I have it set to automatically delete all users temp files and all the internet temp files including the content.ie5 ones every time windows shuts down.

    If I get a trojan that gets past my AV and my firewall, 9 times out of ten gets nuked at reboot
    Its great for any number of things...

    For those that cannot find the scripts setting a direct way in is here:

    Start > Run > GPEDIT.MSC (click ok) > Local Computer Policy > Windows Settings > Scripts(Startup/Shutdown) > Shutdown (double click) > Click Add and then Browse... add your .cmd file there...


    I swiped the above italics from Necropolis

  8. #48
    Junior Member
    Join Date
    Feb 2005
    Posts
    1
    nice....several gigz cleaned now,and ill sleep alittle better....maybe

  9. #49
    Senior Member
    Join Date
    Jan 2005
    Posts
    217

    WELCOME TO AO!

    beyond, welcome to AO!

    This thread is actually way too old (check the flashy thing, if it flashes, it's way too old)...

    Please visit the AO FAQ HerE for more introduction!

    Yo!
    \"Life without FREEDOM is no life at all\". - William Wallace
    MyhomE MyboX StealtH (loop n. see loop.)
    http://www.geocities.com/sebeneleben/SOTBMulti.gif

  10. #50
    Senior Member
    Join Date
    Feb 2005
    Posts
    153
    You all know that just clearing out the temporary internet files via the IE tools and settings, clears this out. Right? Not just the temporary internet files folder, but also this "tin-foil hat" folder that everyone is getting worked up about.

    edit Yeah, that's it. Let's neg me because you don't appreciate someone rehashing old information. God forbid people have more to contribute to this, after all. In fact, bring it on. I'll completely reopen this and expand upon it SINCE it applies to the same subject as the parent poster.

    That's not a bad thing right? Continuing a conversation that is completely relevant to the parent poster? Good.


    A few things to note about this hidden folder "tin-foil" method. The folder is created by Explorer for 2 main reasons:

    1. Microsoft is trying to protect copyright law by moving some data to a secondary hidden folder. Most .mov and .wmv files will be moved here for this exact reason. Granted, all information in the temporary internet folder is copied into the IE tinhat folder, but notice that there are a lot of files in the Ie tinhat folder that are media based and do not exist in the temporary internet folder. This is called "Assisted copyright protection", so non-savvy users can't start pirating data from the web.

    2. Backup. A lot of employess know how to delete their history trail, but not all of them know about registry editing and clearing a secondary Ie folder. Granted, it's a messy hack, but MS learned that employers wanted a feature that would backup the history/cookies/data of employees that surfed the web. Most common-day admins will expand upon this and backup that hidden folder every hour, since doing so won't hinder the box in a way that would make the user suspicious.

    And there you have it. No hidden MS agenda to send off that information. No hidden MS agenda to copy that information to their servers. For those of you who have ran an sniffer, you'll see this first hand. None of that data is sent out. Not weekly, not daily, not 'per reboot', and not when a program is in use.

    There is a LOT of myth and mystery behind a subject that should never be tinfoil hatted.

    Let me also address the people telling me to "read the FAQ!". I already did, so let me read it to you:
    Posts with blinking dates are posts that are older than 336 hours, or 2 weeks. Keep this in mind when you reply to a post with blinking dates.
    That's it. Not OMFGDON0T POST!!!11. Not "I recommend you not posting". But to keep in mind how old a topic may be when posting a reply to it.
    \"It is not the strongest of the species that survive, nor the most intelligent, but the one most responsive to change.\"
    - Charles Darwin

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides