Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: Apparantly empty folder

  1. #1
    Senior Member
    Join Date
    Oct 2004
    Posts
    183

    Apparantly empty folder

    The system is XP Pro SP2. I've been told that a folder can be made to appear empty (in Windows Explorer) by having a desktop.ini file containing:

    CLSID={645FF040-5081-101B-9F08-00AA002F954E}

    I've not seen this in action nor have I been able to reproduce it on my laptop, whether I have the line [.ShellClassInfo] before the CLSID line or not. Does anyone know anything about this? The files in the folder can still be seen via DOS commands but are invisible in Windows Explorer whether the hidden files are set to be seen or not.

  2. #2
    AO's Resident Redneck The Texan's Avatar
    Join Date
    Aug 2003
    Location
    Texas
    Posts
    1,539
    why do you want it to appear empty? why dont you just hide it by clicking hidden or going to folder options and clicking Don't show hidden folders?"
    Git R Dun - Ty
    A tribe is wanted

  3. #3
    Right turn Clyde Nokia's Avatar
    Join Date
    Aug 2003
    Location
    Button Moon
    Posts
    1,696
    I would say no, Ive never heard of it before but thinking about it logically it does not make sense what you are tying to do, so I would say the answer to your question would be nope!

  4. #4
    Well, if you made it to appear empty, you can hide all the nasty stuff you are storing there and other users or snoopy people won't be able to see it unless they know it's there and know how to access it.

    Some of the trojans and spyware try to use this kind of thing to hide their files and activity from the user. Folks who plop keyloggers on systems try to hide their stuff this way, too.

    Kinda makes you wonder why our friend Ignatius wants to do it.

  5. #5
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Did you try looking at it from the cmd prompt? It often gives different results
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  6. #6
    Senior Member
    Join Date
    Oct 2004
    Posts
    183
    I know it's possible to hide files by setting the +H attribute, but so do many folks. Similarly, folders can be encrypted and I just wondered if this technique is a more obscure way of hiding files.

    The question "why?" is an obvious one. I can assure everyone that it's not to hide illegal, illicit or immoral material! I'm aware of hiding files inside others using NTFS Alternate Data Stream and I've seen sysmin770's tutorial. I'm also aware just how easily computer forensic experts can uncover hidden material so I'm going to even consider dealing with such matter on any computer to which I have access.

    I'll get back to my source to see if they can explain exactly how they got this to work. I've tried it myself and just wondered if it only affected files added to the folder *after* creation of the desktop.ini, but that drew a blank too. I certainly know that there is unusual behaviour of the recycle bins and recycler folder on my own laptop which has limited and admin accounts.

  7. #7
    Security by obscurity is almost always a lame method. If you are looking to secure something, the Windows EFS is probably the more reliable, in an NTFS partition.

    Also, your source may be working in a FAT32 environment, rather than an NTFS environment. All kinds of silly things can be done in FAT32, most of them bad.

  8. #8
    The ******* Shadow dalek's Avatar
    Join Date
    Sep 2005
    Posts
    1,564
    Ignatius

    Is this what you are looking for?

    http://www.antionline.com/printpost.php?postid=754322


    Luck
    PC Registered user # 2,336,789,457...

    "When the water reaches the upper level, follow the rats."
    Claude Swanson

  9. #9
    Senior Member
    Join Date
    Oct 2004
    Posts
    183
    Thank you rapier57. Perhaps the word "obscurity" wasn't quite the right one. I meant something which isn't widely known as, fo instance, +H and +S are known. I realise that I could use Windows EFS for security.

    Thanks to you, too, dalek. I'd seen something about this elsewhere and tried it a while ago but the extension remained visible. I know there's a registry modification to add <NeverShowExt=""> to the CLSID but I'm not keen to do that, just in case in messes my registry. I just tried it again, using the CLSID of the Control Panel and sure enough, the desktop icon changed, as did it's behaviour when I clicked it. Do you think it would do any harm to add <NeverShowExt=""> to this one, or any of the other special folder CLSIDs which are listed in the article?

  10. #10
    The ******* Shadow dalek's Avatar
    Join Date
    Sep 2005
    Posts
    1,564
    Do you think it would do any harm to add <NeverShowExt=""> to this one, or any of the other special folder CLSIDs which are listed in the article?
    I'm not too keen on mucking about with the regedit, but if you do a backup and then export the key, you might want to try it that way to see if it will work, if not you can always restore the registry key.....http://support.microsoft.com/default...b;en-us;322756

    The only other resource I could find was this: http://www.kellys-korner-xp.com/xp_tweaks.htm Line 190 is for Hide Selected/Specific File Extension Paths............
    PC Registered user # 2,336,789,457...

    "When the water reaches the upper level, follow the rats."
    Claude Swanson

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •