All Things Microsoft > Microsoft Software
"Really Hidden Files"?
<IsraeliTerrorist>:
quote:I) A "really hidden" file/folder is one that cannot be seen in Windows Explorer after enabling it to view all files...
--- End quote ---
Could one give an example of such a file/folder?
quote:The UICLSID line cloaks the folder in both DOS and Explorer. The CLSID line disables the "FIND" utility from searching through the folder. (Additionally, it gives a folder the appearance of the "History" folder.)
--- End quote ---
How can the folder be cloaked yet have the appearance of the "'History' folder?"
System folders are quite visible in Windows Explorer and in DOS when the appropriate settings or methods are used. For example, in Windows Explorer (in Win Me) go to the "Tools" menu and click on "Folders options...". View the "View" tab and uncheck the option "Hide protected operating system files (Recommended)."
Additionally, in DOS one can also view such folders quite easily. Such information has seemingly been excluded from the featured article, however. At the command prompt, type:
dir c:\ /s /ads
...to view all system directories on the C drive. Alternatively, one can replace the "s" in "/ads" with an R or H to view read-only files or hidden files, respectively. The process can be repeated once inside a system directory by typing:
dir /s /ads
...where the "s" can be replaced as needed as well.
ChakanTGM:
Um, sorry, that will not work. The "really" hidden folders CANNOT be viewed under DOS without first patching command.com. (Going into the code and stop whatever mechinism is hiding the files.)
An example of such folders would be
C:\windows\tempor~1\content.ie5
and
C:\windows\history\history.ie5
Without knowing the names of these files, you will never find them. These files also have subdirectories in them, which makes them particularly interesting. Go take a look.
While you're at it, copy the index.dat file out of this folder and prepare to be astonished. I realize that not many people know about these folders. There isn't anything very *evil* about them, because I guess they do have some practical use. But just try and delete them, and watch them pop back up after you restart windows. When you're ready to know more go here:
http://crackice.cjb.net
My website will give you a little more insight into these folders.
{Oh, and you CAN find the content.ie5 folder using Explorer. The only problem is that it will look like the folder is empty. THAT IS A LIE!}
ChakanTGM:
Oh, I apoligize, the first DIR command you've listed doesn't work. The second one did if you first go into the parent folder where the secret directory is stored. This is still a bit misleading though.
Sorry. ;)
voidmain:
quote:Originally posted by ChakanTGM:
Um, sorry, that will not work. The "really" hidden folders CANNOT be viewed under DOS without first patching command.com. (Going into the code and stop whatever mechinism is hiding the files.)
An example of such folders would be
C:\windows\tempor~1\content.ie5
--- End quote ---
Without doing *any* research on this subject and rather than booting into Windows on my dual boot machine I just looked at the Windows partition from my Linux side. Under "/c/windows/Temp*/Content.IE5" I see directories that I believe are IE browser cache directories, similar to the cache directories you will find in Netscape or on a Squid proxy. I believe they are the files/directories you will see if you right click on the IE icon, then "properties", then "settings" then "view files". The index.dat file would be an index to these files and would be where the list you see in the IE settings come from (in Linux do a "strings index.dat | more" and compare). So they are special folders and files that are in my guess built for speed (hash DB etc). There is nothing wrong with this in my opinion, as much as I would like to find something to slam MS with. Nothing any of the other OSs aren't doing... e.g. /proc filesystem, "loop" devices etc...
If you can't find the files in the Win partition from the Linux side then they aren't really files at all. They are probably a data file that when viewed with a special program or driver may contain what can be displayed as files/directories through that driver/program.
For instance, take a CD ISO image file on a Linux hard drive. In that form it is just a file, an image of an ISO file system. Now if you mount that file using a "loop" device you can use it as a real filesystem and make it appear as part of your current filesystem.
Am I off on this, or do you have examples other than IE cache or history?
voidmain:
quote:Originally posted by ChakanTGM:
Oh, I apoligize, the first DIR command you've listed doesn't work. The second one did if you first go into the parent folder where the secret directory is stored. This is still a bit misleading though.
Sorry. ;)
--- End quote ---
And did you try looking at and changing the attributes of the directory/files using the "attrib" command? I'm taking another guess that these may have hidden/system attributes and that doing an "attrib | more" would see these directories, and if you did an "attrib -r -h -s tempor~1.ie5" you will be able to see it with a normal "dir" command and be able to cd into it.
This is not rocket science and not sinister.... I'll surely be happy to be wrong... let me know.
Navigation
[0] Message Index
[#] Next page
Go to full version