No. Enabling Windows Explorer to "show all files" does not show the files in mention. No. DOS does not list the files after receiving a proper directory listing from root. And yes. Microsoft intentionally disabled the "Find" utility from searching through one of the folders.

Oh, but that's not all.

Just from one of these files I would be able to tell you which web sites you previously visited, what types of things you search for in search engines, and probably gather your ethnicity, religion, and sexual preference. Needless to say one can build quite a profile on you from these files. It has the potential to expose and humiliate -- putting your marriage, friendship, and corporation at risk. Here's one good example of the forensic capabilities.

"I've been reading your article as I have a problem with an employee of mine. He has been using the work's PC for the internet and using it to chat and look at porn sites. He was then deleting the &@#&@#&@#&@#&@#&@#s and history in order to cover his tracks. A friend of mine pointed me in the direction of this site and your article. I have found it to be incredibly useful . . ."

-- Concerned Boss, 8/24/01

One more thing. They contain your browsing history at ALL times. Even after you have instructed Microsoft Internet Explorer to clear your history/cache. And so the saying goes, "seeing is believing."

To see for yourself simply do as you would normally do to clear your browsing history. Go to Internet Options under your Control Panel. Click on the [Clear History] and [Delete Files] buttons. (Make sure to include all offline &@#&@#&@#&@#&@#&@#&@#.)

So, has your browsing history been cleared? One would think so.

Skipping the to chase here. These are the names and locations of the "really hidden files":


c:\windows\history\history.ie5\index.dat
c:\windows\tempor~1\&@#&@#&@#&@#&@#&@#&@#.ie5\index.dat
If you have upgraded MSIE several times, they might have alternative names of mm256.dat and mm2048.dat, and may also be located here:


c:\windows\tempor~1\
c:\windows\history\
Not to mention the other alternative locations under:


c:\windows\profiles\%user%\...
c:\windows\application data\...
c:\windows\local settings\...
c:\windows\temp\...
c:\temp\...
(or as defined in your autoexec.bat.)

FYI, there are a couple other index.dat files that get hidden as well, but they are seemingly not very important. See if you can find them.

) Shut your computer down, and turn it back on. 2) While your computer is booting keep pressing the [F8] key until you are given an option screen.
3) Choose "Command Prompt Only" (This will take you to true DOS mode.) Windows ME users must use a boot disk to get into real DOS mode.
4) When your computer is done booting, you will have a C:\> followed by a blinking cursor. Type this in, hitting enter after each line. (Obviously, don't type the comments in parentheses.)



C:\WINDOWS\SMARTDRV (Loads smartdrive to speed things up.)
CD\
DELTREE/Y TEMP (This line removes temporary files.)
CD WINDOWS
DELTREE/Y &@#&@#&@#&@#&@#&@#S (This line removes &@#&@#&@#&@#&@#&@#s.)
DELTREE/Y TEMP (This removes temporary files.)
DELTREE/Y HISTORY (This line removes your browsing history.)
DELTREE/Y TEMPOR~1 (This line removes your internet cache.)

(If that last line doesn't work, then type this:)


CD\WINDOWS\APPLIC~1
DELTREE/Y TEMPOR~1

(If that didn't work, then type this:)


CD\WINDOWS\LOCALS~1
DELTREE/Y TEMPOR~1
(If this still does not work, and you are sure you are using MSIE 5.x, then please e-mail me. If you have profiles turned on, then it is likely located under \windows\profiles\%user%\, while older versions of MSIE keep them under \windows\&@#&@#&@#&@#&@#&@#&@#\.)
This last one will take a ridiculous amount of time to process. The reason it takes so incredibly long is because there is a ton of (semi-) useless cache stored on your HD.

5) Immediately stop using Microsoft Internet Explorer and go with any of the alternative browsers out there (e.g., Netscape 4.7x from netscape.com, Mozilla from mozilla.org, or Opera from opera.com).

FYI, Windows re-creates the index.dat files automatically when you reboot your machine, so don't be surprised when you see them again. They should at least be cleared of your browsing history.

This next section is intended for the savvy user.

The most important files to be paying attention to are your "index.dat" files. These are database files that reference your history, cache and &@#&@#&@#&@#&@#&@#s. The first thing you should know is that the index.dat files is that they don't exist in less you know they do. They second thing you should know about them is that some will *not* get cleared after deleting your history and cache.

The result: A log of your browsing history hidden away on your computer after you thought you cleared it.

To view these files, follow these steps:

In MSIE 5.x, you can skip this first step by opening MSIE and going to Tools > Internet Options > [Settings] > [View Files]. Now write down the names of your alphanumeric folders on a piece of paper. If you can't see any alphanumeric folders then start with step 1 here:

1) First, drop to a DOS box and type this at prompt (in all lower-case). It will bring up Windows Explorer under the correct directory.


c:\windows\explorer /e,c:\windows\tempor~1\&@#&@#&@#&@#&@#&@#&@#.ie5\
You see all those alphanumeric names listed under "&@#&@#&@#&@#&@#&@#&@#.ie5?" (left-hand side.) That's Microsoft's idea of making this project as hard as possible. Actually, these are your alphanumeric folders that was created to keep your cache. Write these names down on a piece of paper. (They should look something like this: 6YQ2G&@#&@#&@#, QRM7KL3F, U7YHQKI4, 7YMZ516U, etc.) If you click on any of the alphanumeric folders then nothing will be displayed. Not because there aren't any files here, but because Windows Explorer has lied to you. If you want to view the &@#&@#&@#&@#&@#&@#&@#s of these alphanumeric folders you will have to do so in DOS. (Actually, this is not always true. Sometimes Windows Explorer will display the &@#&@#&@#&@#&@#&@#&@#s of these folders -- but mostly it won't. I can't explain this.)

2) Then you must restart in MS-DOS mode. (Start > Shutdown > Restart in MS-DOS mode. ME users use a bootdisk.)

Note that you must restart to DOS because windows has locked down some of the files and they can only be accessed in real DOS mode.

3) Type this in at prompt:


CD\WINDOWS\TEMPOR~1\&@#&@#&@#&@#&@#&@#&@#.IE5
CD %alphanumeric%
(replace the "%alphanumeric%" with the first name that you just wrote down.)


DIR/P
The cache files you are now looking at are directly responsible for the mysterious erosion of HD space you may have been noticing. One thing particularly interesting is the ability to view some your old e-mail if you happen to have a Hotmail account. (Oddly, I've only been able to retreive Hotmail e-mail, and not e-mail from my other web-based e-mail accounts. Send me your experiences with this.) To see them for yourself you must first copy them into another directory and THEN open them with your browser. Don't ask me why this works.

A note about these files: These are your cache files that help speed up your internet browsing. It is quite normal to use this cache system, as every major browser does. On the other hand. It isn't normal for some cache files to be left behind after you have instructed your browser to erase it.

5) Type this in:


CD\WINDOWS\TEMPOR~1\&@#&@#&@#&@#&@#&@#&@#.IE5
EDIT /75 INDEX.DAT
You will be brought to a blue screen with a bunch of binary.

6) Press and hold the [Page Down] button until you start seeing lists of URLs. These are all the sites that you've ever visited as well as a brief description of each. You'll notice it records everything you've searched for in a search engine in plain text, in addition to the URL.

7) When you get done searching around you can go to File > Exit. If you don't have mouse support in DOS then use the [ALT] and arrow keys.

8) Next you'll probably want to erase these files by typing this:


C:\WINDOWS\SMARTDRV
CD\WINDOWS
DELTREE/Y TEMPOR~1
(replace "cd\windows" with the location of your TIF folder if different.)

This will take a seriously long time to process. Even with Smartdrive loaded.

9) Then check out the &@#&@#&@#&@#&@#&@#&@#s of your History folder by typing this:


CD\WINDOWS\HISTORY\HISTORY.IE5
EDIT /75 INDEX.DAT
You will be brought to a blue screen with more binary.

10) Press and hold the [Page Down] button until you start seeing lists of URLS again.

This is another database of the sites you've visited.

11) And if you're still with me, type this:


CD\WINDOWS\HISTORY
12) If you see any mmXXXX.dat files here then check them out (and delete them.) Then:


CD\WINDOWS\HISTORY\HISTORY.IE5
CD MSHIST~1
EDIT /75 INDEX.DAT
More URLs from your internet history. Note, there are probably other mshist~x folders here so you can repeat these steps for every occurence if you please.

13) By now, you'll probably want to type in this:


CD\WINDOWS
DELTREE/Y HISTORY

I know it is too long but thats to know what really does do the Microsoft and too see more , visit the

http://fuckmicrosoft.com/

well done & good jop

c ya

thx 4 these information ... keep on ;)