E L I M I N A T E _ H I D D E N _ B R O W S E R _ H I S T O R Y

Printable View

02-02-2008, 07:55 PM
franklynxxx

E L I M I N A T E _ H I D D E N _ B R O W S E R _ H I S T O R Y

Quote:

You want a real scare? Go to your Temporary Internet Files directory.
Add " \Content.IE5 " (no quotes) typing it to the end of what is in the address bar.
Press enter, see all those funny folder names? They contain records of your web surfing!
Notice how you cannot delete them? See the file called index.dat?
Thats got every URL you have ever visited.
Are you also aware that Outlook never actually deletes an email?
You can get rid of all this stuff, though, read on.

__________________________________________________ _

http://www.microsuck.com/content/ms-hidden-files.shtml
the same also here it takes time to download _
http://www.devhood.com/tutorials/tutorial_details.aspx?tutorial_id=671

Scroll down to post #4 by Anonymouse
About DW15.EXE & DW20.EXE
http://forums.slickdeals.net/showthread.php?t=191508

Of course these
can be deleted, the reason it is difficult is because although Internet Explorer
and Windows Explorer have a different focus they are the same application. You
cannot easily delete a file that is in use by a running program. Don't believe it ?
Do this, open Windows Explorer by clicking the recycle bin icon which is usually
handy on the desktop and click the next level up arrow of the toolbar. This puts
you on the desktop duh. Well anyway, hit ALT and D , and type into the address
bar something like www.google.com or http://facialforum.net/index.php
or whatever you like , and hit enter.
Suprise ! Internet Explorer opens up to that page.
Allright now do this, hit ALT and D , and type into the address bar of this new
window of Internet Explorer , C:\Documents and Settings\Administrator , and
again hit enter , behold you are now taken to that folder , neat huh.
This shows you the reason there are so many holes in the supposed security of
the Windows OS. It's also the reason an alternative browser means little to your
peace of mind. How's that ?
Your browser stores the content you visited in the cache right !
The cache is stored by and available through Windows Explorer right !
Windows Explorer and Internet Explorer are the same thing right !
I rest my case.

Index.dat files hidden on your computer contain all of the Web sites that
you have ever visited. Every URL, and every Web page is listed there. Not only
that but all of the email that has been sent or received through Outlook or
Outlook Express is also being logged
To obtain permission to access this and other locked directories and view the
contents or just delete what is in there , do this :
Open an Explorer window and click " Tools " at the top and select " Folder Options "
click the " View " tab and scroll down to " Hidden files and folders ",
uncheck " Do not show hidden files and folders ", just below also uncheck
" Hide extensions for known file types " and also
" Hide protected operating system files ( Recommended ) ",
also at the bottom, uncheck the box that says " Use simple file sharing "
click apply and OK.
Now, in your root disk (usually C:\) the hidden directories will show up. But you
will indeed find out that you cannot access them.
Here is what you do next in Windows XP Pro :
Right-click the folder, and click on " Sharing and security " go to the Security tab.
There you will see that the only user allowed to access that folder is "SYSTEM ".
Let's assume your username is " psYchotic ". <- actual author of this tip from here
http://www.geeknewz.com/board/lofiversion/index.php/t2949.html
Click the " Add " button, then type " psYchotic " ( without quotes ).
Click the Check Names button. That should change the username to
" OCTAGON\psYchotic " where octagon is the name of your computer and psYchotic
your username. Check the " Full access " box, then click OK.
Now you have full access to hidden system folders and directories, for
security reasons, on shared computers It's advisable to undo everything you
did and remove your username from the access list.
More details this site here _
http://www.theeldergeek.com/system_volume_information_folder1.htm

In Windows XP Home Edition, you'll have to use cacls.exe, a command
line utility for modifying access control , and permissions , if you do not
have it in your system32 folder , place it there , it is available here _
http://www.computerperformance.co.uk/ScriptsGuy/cacls.zip
How to Gain Access to the System Volume Information Folder
Hit the Windows Key and R , type in " cmd.exe " without quotes and press enter
At the command prompt type the following with the quotes :
cacls.exe "C:\System Volume Information" /E /G username:F
The above command assumes that the current Windows installation is in C:\ If not,
change the drive-letter/Path accordingly.
Substitute for " username " your own account name, this is added to the ACL and
grants you Full Control.
After cleaning it out, the following command removes your username from the
access control list:
cacls.exe "C:\System Volume Information" /E /R username
In this case you D O use the quotes ( this allows DOS to recognize the spaces in
the folder name ) and " username " is your windows account without quotes.

or use this utility here that also will modify Permissions _
http://www.dougknox.com/xp/utils/xp_securityconsole.htm

Another way shown here _ http://web.archive.org/web/20060621231446/http://www.nearlyclever.com/?p=4
To gain access to hidden areas of Windows XP and Windows 2000 - Part 1
Do you know that there are areas of Windows that the Adminstrator account
can’t access? Have you ever tried to see what is in the
“ C:\System Volume Information ” folder? Would you like to know?
Viruses are starting to hide inside areas of the files system that users can’t even
get into, such as the “ System Volume Information ” folders.
Here is a simple way to access these areas.
First, as an administrator, you have the rights to request that the system execute
commands on your behalf. One such request is of the scheduler service, which
runs under the SYSTEM account. By scheduling a interactive command session,
you run programs under the SYSTEM account.
1. Open a Command Prompt ( Windows Key and R , type in cmd.exe press enter )
2. Type the following: " at time /interactive C:\windows\system32\cmd.exe "
. (without quotes ) replace the word time with the time you want the
. command to execute. ( I usually just add one minute to the current time.)
3. After running the above command, a second cmd.exe window will appear.
. However, it will be running under local system authority. Notice the title bar
. " C:\WINDOWS\System32\svchost.exe " differs from the previous cmd.exe window.
* Note - If this new command prompt does not appear , go to Control Panel ,
System Tools , Scheduled Tasks , there you will see " At1 ", right click
this icon and select " Run " first on the pop up menu. Now you have it.

Continued here _ http://web.archive.org/web/20060621231325/http://www.nearlyclever.com/?p=17
To gain access to hidden areas of Windows XP and Windows 2000 - Part 2
In part 1 of this Howto, I explained how to get windows to open a cmd.exe window
running under the SYSTEM account. This is the highest set of rights on a Windows
system, the system itself. Due to the dangerous nature of this state, please be
careful. Windows has many safety checks in place to protect even the vaunted
Administrator account. There are no safety nets with the SYSTEM account.
Ok. Let’s get started. Most of us like using a graphical shell, so let’s run explorer.
Type in explorer.exe at the cmd.exe window running under the SYSTEM account.
Hmm…. What happened? Well if your screen looks like mine, nothing happened.
Explorer has a built in check to make sure that only one instance runs at a time,
even under the rights of another user. How do we get around this?
Thank goodness for Internet Explorer! ( I can’t believe I said that )
Internet explorer can browse your file system with ease. ( remember it's the same )
Type this “C:\Program Files\Internet Explorer\iexplore.exe” at the command prompt
WITH THE QUOTES.
In the address bar, type in C:\ Now we are browsing as the SYSTEM account.
* Note - Actually there is a way to have multiple instances of explorer running
Click " Tools " at the top and " Folder options " then " View ", scroll
down and check " Launch folder windows in a separate process "
02-02-2008, 07:56 PM
franklynxxx

E L I M I N A T E _ H I D D E N _ B R O W S E R _ H I S T O R Y - Pt I I

THIS TOPIC IS SO LARGE IT NEEDS TO BE SHOWN IN TWO INSTALLMENTS

- The source of the following quoted experience is no longer online -
Explorer has a folder called " System Volume Information ", where the restore
points of the System Restore function are kept. A 40 gig hard disk, inexplicably
nearly full, after checking all the directories there is nothing evident to
explain the loss of free space. The only possibility is the System Volume
Information directory, which is locked by NTFS permissions. Disabling System
Restore and rebooting did NOT return the free space and nor did using the
System Restore cleanup function of Disk Cleanup. After enabling access to
inspect these folders sure enough, there was nearly 30 gigabytes worth of
disconnected system restore crap in there. Deleted all to recover the space,
then enabled system restore again and created a new restore point.
( I recommend shutting off XP's system restore and using ERUNT instead,
described further on below here, but read on )
A warning to everyone using Windows XP with the NTFS filesystem who can't
account for their disk usage, that it's probably the " System Volume Information "'
directory. Temporarily disable System Restore, and clean out that directory. It
appears that just like Internet Explorer's Temporary Internet Files. When files
get disconnected from the tracking mechanism, they pile up and are never
removed.
When Window's user settings cannot be repaired it is because of faulty or
malicious entries in the registry. If, unknown to you, you've had some maloderous
excreta deposited by a " drive by installation " and now need to reposess control of
your system. You can do so by having first created an initial ERUNT backup when
your PC is running just the way you want. Go here for a tutorial on how to use
the " ERUNT " " Emergency Registry Utlity NT " to save backup copies for replacing
the entire registry. This is much more elegant than the bloated Windows System
Restore, which you can then deactivate. ERUNT with instructions for use is here _
http://www.winxptutor.com/regback.htm

How else can you manually delete Index.dat file ?
The index.dat files are used by Internet Explorer and Windows Explorer. Since you
cannot delete a file that is in use by a running program, if you feel you need to
delete these folders, you will have to shutdown all instances of Explorer and IE. This
includes applications that may host the Webbrowser control: Outlook, Messenger,
IE, Product Studio, Visual Studio, Help, Windows Media Player, etc. Your best bet
is just close everything. When you are left with a desktop and a start menu, you
will still need to shutdown Explorer.

1. Close all open programs.
2. Open a Command Prompt ( Windows Key and R , type in cmd.exe press enter )
. and leave it open.
3. Press , CTRL SHIFT ESC together or just right click the taskbar and select Task Manager
4. To shutdown Explorer go to the Processes tab of Task Manager and right click
. Explorer.exe and select End Process
5. Next click " File " at upper left in Task Manager's tool bar and select " New Task Run "
. type EXPLORER.EXE and leave the Create New Task box and Task Manager open.
6. Go back to the Command Prompt window and change to the directory the
. undeletable file is located in by typing CD and the path
. "C:\Documents and Settings\name of folder" ( or the offending undeletable file )
. with the quotes , then hit enter.
7. At the command prompt now type DEL filename ( filename with extension )
. at this point you should be able to delete the index.dat file.
8. Go back to Task Manager, and press OK in the Create New Task box to restart
. the Windows Explorer GUI shell
9. Close Task Manager.

If you don't like to do this manually here is software that will do the same ,
these Freeware utilities will delete all internet related files including index.dat

Index.dat Suite
http://support.it-mate.co.uk/?mode=Products&p=index.datsuite
http://www.snapfiles.com/get/indexdatsuite.html

MRUBlaster
http://www.javacoolsoftware.com/mrublaster.html
Install and run, click " settings " and " Go to Plugins "
enable " IE Temporary Internet File Cleaner " this
completely automates erasing the index.dat file

For other stubborn files that don't know their place try this Unlocker utility
http://ccollomb.free.fr/unlocker

CLEAN OUT STORED CRAP AND REGAIN YOUR DISK SPACE.

Windows Clean Disk utility will only clean out the cache not the index.dat
1. Reboot and to start up in Safe Mode, press F8 while booting and choose " Safe Mode "
. Press the Windows and R keys and type " cleanmgr /sageset:50 " without quotes.
. Leave a space between " cleanmgr " and " /sageset:50 " , and click OK. In the
. resulting screen, choose your options by checking the boxes.
2. To automate this process without rebooting into safe mode, type this instead
. cleanmgr /d C: /sageset:50
. NOTE: / d parameter is used to specify the drive-letter. The above command
. assumes that the current Windows installation is in C:\. If not, change the
. drive-letter/Path accordingly.
3. Select Temporary Internet Files and any other options by checking the boxes.
. Click OK to save the changes.
. Now, the cleanup configuration is stored in the registry. You can invoke the
. cleanup of Temporary Internet Files by calling this saved configuration. To do
. so, whenever you wish to clear the Temporary Internet Files cache, you just
. hit Windows key and R and type the original command cleanmgr/sagerun:50
. into " Run "

NOTE: When using / sagerun, you don't need to specify the drive-letter, as the
drive-letter configuration is already stored in the registry by step 2 - using the
/ d parameter )

Of course the best and easiest thing is to have this ability as a built in
feature of your browser , Avant Browser is a shell that runs with IExplorer
and provides extensive and delightful additions and enhancements.
http://www.avantbrowser.com

Other Utilities to empty the trash _
I Use all of them often . these do no harm
CrapCleaner
http://www.ccleaner.com
DustBuster
http://www.pcworld.com/downloads/file/fid,22384-order,1-page,1-c,harddisk/description.html
EasyCleaner
http://personal.inet.fi/business/toniarts/ecleane.htm
EmptyTemp
www.snapfiles.com/get/emptytemp.html

BE AWARE THAT WHATEVER METHOD DESCRIBED ABOVE YOU USE ,
DELETING FILES ONLY MAKES THE DISK SPACE THEY OCCUPY AVAILABLE FOR
OVERWRITING. TO REMOVE THE FILES IT IS STILL NECESSARY TO ERASE THEM
WITH ANOTHER UTILITY.

Entering the " cipher " command at a DOS prompt in XP and Win2K will securely erase
already deleted files inside a directory. Type cipher /? for a list of options.
Hit the Windows Key and R , type in " cmd.exe " without quotes and press enter
At the command prompt type the following :
cipher /W:C:\"Documents and Settings\Username\Local Settings\Temporary Internet Files\Content.IE5"
this will clean the Content.IE5 directory.
In this case you D O use the quotes ( this allows DOS to recognize the spaces in
the folder name ) and \Username\ is your windows account name.

Other file overwriting utilities
Shredder
http://www.analogx.com/contents/download/system/shred.htm
Simple file shredder
http://www.softpedia.com/get/Security/Secure-cleaning/Simple-File-Shredder.shtml
Ultra Shredder
http://www.xtort.net/xtort/ultra.php
BCWipe
http://www.jetico.com/index.htm#/bcwipe3.htm
Earaser
http://www.heidi.ie/eraser
Necrofile
http://www.nthsystem.com/nfinfo.html

IT IS BEST THAT THESE OPERATIONS BE DONE ON A DISK THAT HAS BEEN DEFRAGMENTED

.
02-02-2008, 09:08 PM
franklynxxx

DID I SAY TWO INSTALLMENTS :# Pt I I I

THE BEST FOR LAST

BETTER STILL INSTALL 1/2 GIGABYTE OR MORE OF RAM AND ELIMINATE THE PAGE FILE
ALLTOGETHER. THEN INSTALL A " RAMDRIVE " DRIVER. THIS CREATES A VIRTUAL DRIVE
IN RAM.http://www.surasoft.com/articles/ramdisk.php
SO WHAT?
YOU CAN THEN ASSIGN TEMPORARY INTERNET FILES, COOKIES, HISTORY, AND TEMP
FOLDERS TO IT. EVERYTHING DISAPPEARS WHEN YOU REBOOT !
- NOTHING ELSE EVEN COMES CLOSE TO THE PERFORMANCE BOOST THIS WILL GIVE
YOUR COMPUTER, AND SINCE THE DISK IS USED SO MUCH LESS IT WILL LAST LONGER !
GET IT HERE ->www.ramdisk.tk _ An unbelievable value !

After it is installed and configured _
Click Start > Control Panel > Internet Options > General Tab > Settings > Move Folder
( MAKE IT B:\ )
Click Start > Run > ( type ) Regedit, Go to these two keys here _
HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Explorer\Shell Folders
HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Explorer\User Shell Folders
( Click Shell Folders and User Shell Folders itself , not the [+] )
Locate " Cache ", " Cookies " and " History ", Right Click each , select " Modify " and
change the drive letter to B:\ LEAVE EVERYTHING ELSE THE SAME

Last , Click Start > Control Panel > System > Advanced Tab > Enviornment Variables ( below )
In those two boxes upper and lower , Edit the four instances of " TEMP " and " TMP "
enter for all the value B:\Temp

Just one more thing , the Temp Folder has to be created each time you boot up.
This can be done automatically at bootup by keeping this batch file in the
C:\WINDOWS\System32 , folder. In Notepad write this

@ECHO OFF
MD B:\Temp
TEMP = B:\Temp
TMP = B:\Temp
MD B:\PRINTER_SPOOLER

Save it , name it CREATETMP and change the extension from *.txt , to *.bat .
Put it in the C:\WINDOWS\System32 Folder.
You now need to list the batch file in the Registry to invoke it at startup
Hit Windows key and R , type in Regedit and enter. Go to this Registry Key _
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Run

Right click it and select New and from the drop down list click " String Value "
A new entry highlighted in the right Window pane appears called New Value
click this and type in it's name CREATETMP.
Now right click it , select Modify and a text box appears. Type in
C:\WINDOWS\System32\CREATETMP.bat
and click O K, close all the trees and the Registry editor.

YOU'RE DONE !

If you want your printer's job folder , called the Printer Spooler to be in the
Ram disk also , then do this
1. Click Start, Control Panel then DOUBLE CLICK " Printers and Faxes "
2. In the " File " menu of the Tool bar at top , click Server Properties.
3. Click the Advanced tab.
4. In the Spool Folder text box, type the complete path to the new folder
. B:\PRINTER_SPOOLER
5. Click Apply , Click Yes , Click OK , and then close the Printers and Faxes folder.

IF YOU DON'T WANT THE PRINT SPOOLER TO WORK OFF THE RAMDISK , THEN
REMOVE THIS LAST ENTRY -> MD B:\PRINTER_SPOOLER , FROM THE BATCH FILE.

A MINOR BUT ANNOYING BUG IS THAT THE RECYCLE BIN ALWAYS ASSIGNS AND
SETS ASIDE A DEFAULT VALUE OF 10% IN THE RAMDISK. JUST REMEMBER TO
RIGHT CLICK " PROPERTIES " ON THE RECYCLE BIN AND SET B:\TO ZERO
AND " DELETE FILES IMMEDIATELY " WHEN YOU FIRST BOOT-UP THE SYSTEM.
02-03-2008, 06:13 PM
SimonKemp

Gawd Amighty franklyn. Thank you very much dood. Glad you are here :D
07-14-2008, 08:39 AM
franklynxxx

1 Attachment(s)

Quote:

safn1949 wrote _
I downloaded and hopefully installed ramdisk.I followed your directions and the
disk is reappearing after restart.However the install directions from the
company are not real clear to me. How large of a disk should I run? I
have 2gigs of ram.And how do I set up firefox to get temp files into the disk?
I have the disk set at 64mb at the moment.

I had corresponded with Christiaan Ghijselinck in 2005 when his ramdisk was still
in beta development about the short explaination. He is Belgian so english is not
his first language. Here is what he said :

Quote:

" In general , drivers can be renewed using the
standard Microsoft procedure "Update Driver". This applies to
my RAMDisk too. In fact , the "update driver" is recommended
because ( most of ) the previous settings are preserved. Only
when running versions 5.2.9.* and older, it is recommended
to uninstall the older version first and install 5.2.10.2 afterwards.

Problems I encountered before with users are mostly due to the
fact that they do not STRICTLY follow the instructions. Some
people even delete RAMDisk.dll and/or RAMDisk.sys manually
before the "unsinstalled" according the procedure. "

The size you can select depends on how much memory remains after the
operating system is satisfied. WinXP needs perhaps 300 MB. After that it
depends on what software you have running at the same time. Some
video cards also use system memory , if yours is one of these that amount
of memory must be available for it to run as well. The Browser cache should
be big enough to keep whatever you download say for example a 100 MB
rapidshare file unless you assign it to a folder on the hard disk other than
in the ramdisk. With 2 GB memory I am able to assign 1 GB , BUT DO NOT
TAKE THIS AS AN EXAMPLE , you may end up unable to boot into windows
and unless you know how to undo this you will be sunk. A very reasonable
figure is anything under 500 MB but only if you really want to have on hand
everything you browse online. Anyway it will all be gone when you reboot.
The browser just as other software is only an attachment to the operating
system which is what actually reads and writes to the hard disk, that's
why it's called a disk operating system :)

The question of how to configure the settings are covered in the post above
http://www.facialforum.net/showpost....53&postcount=3

But the following may be easier to do . This applies to WinXP

Copy and Paste the following BLUE text between the horizontal lines into a notepad .txt file
and name it RAMDISK then change the extension from .txt to .reg

__________________________________

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\Session Manager\Environment]
"TEMP"="B:\\Temp"
"TMP"="B:\\Temp"

[HKEY_CURRENT_USER\Environment]
"TEMP"="B:\\Temp"
"TMP"="B:\\Temp"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Explorer\Shell Folders]
"Cache"="B:\\Temporary Internet Files"
"Cookies"="B:\\Cookies"
"History"="B:\\History"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Explorer\User Shell Folders]
"Cache"="B:\\Temporary Internet Files"
"Cookies"="B:\\Cookies"
"History"="B:\\History"

[HKEY_USERS\.DEFAULT\Environment]
"TEMP"="B:\\Temp"
"TMP"="B:\\Temp"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Run]
"CREATETMP"="M:\\WINDOWS\\System32\\CREATETMP. bat"

_______________________________________

Double-click this RAMDISK.REG file to merge it into the registry.
The keys in the RAMDISK.REG file provide the following functionality:

Session Manager\Environment
- Sets the System TEMP and TMP environment variables to drive B:

HKEY_CURRENT_USER\Environment
- Sets the current user TEMP and TMP environment variables to drive B:

Both HKCU Shell Folders
- Sets the current user Temporary Internet Files to drive B:

HKU\.DEFAULT keys
- Sets the default user TEMP, TMP and Temporary Internet Files to drive B:

The last entry HKLM\Software\Microsoft\WINDOWS\CurrentVersion\Run
Invokes the CREATETMP.bat in the %system32% Folder

You must now create the CREATETMP.bat file.
Copy and paste the following BLUE text between the horizontal lines into a notepad .txt file and name it CREATETMP
then change the extension from .txt to .bat , place this in the Windows system32 folder.

_____________________________________

@ECHO OFF
MD B:\Temp
TEMP = B:\Temp
TMP = B:\Temp

_____________________________________

Below is a screenshot of my B:\ , ramdisk

* note you can create a shortcut to the hidden .Dat files by right clicking inside B:\ , and select " new shortcut "
paste the following text into the dialog box that appears , B:\Temporary Internet Files\Content.IE5
Now copy this to a folder outside of the ramdisk and enter this location and drive letter into the .bat file above
as follows:
Enter your drive letter and folder path locating this link in place of " L: " shown below.

COPY L:\Content.IE5.lnk B:\

Listing this entry in the CREATETMP.bat above copies the Content.IE5 shortcut from the other folder at boot.

.
07-14-2008, 11:24 AM
elgrego

Interesting stuff this. Certainly food for thought :)
07-14-2008, 08:48 PM
nutritionshake

couldn't you avoid all that?

moral of the story is: use firefox?