Is it just me or...

[Robert Collinson]

Hey there, I work for the IT department of a busy UK
port. On running the symantec anti virus program, I
noticed on some machines it was taking over an hour to do
what is a generally a 15 minute task. On further
investigation I found that there were a lot of TXT files
in the tempory internet files area. So, as you would, I
preceeded to run the delete tempory internet files option
in Internet Options. This got rid of all VISIBLE un-needed
tempory internet files. So i ran the virus check again.
Same problem it was taking over an hour to complete. So i
went directly into the temp int files section for this
particular user. Still, i found nothing out of the
ordinary, until i specified using settings in the virus
checker which directories to check. I then found that, in
the virus checking software, it was showing a directory
(and sub directories) that was not visible (even after
specifying that i want to see all hidden and system files)
to me in 'my computer' when investigating this particular
users temp int files directory. After atleast half an
hour of clicking options i gave up and tried to physically
type the name of the directory in the my computer search
bar. LO-AND-BEHOLD i was then able to see the directory
and all its sub directories. this is how i accessed the
directory...

I navigated to:-

C:\documents and settings\[main users username]\local
settings\tempory internet files\CONTENT.IE5

the last bit of the directory name is the invisible bit
(ie content.ie5) try it on your comp, it existed on my
comp also.

In the case of the users comp i was investigating, the
size of this content.ie5 directory was 'unlimited' and was
unaffected by the delete tempory internet files option in
internet options. Now is this an inbuilt feature of
windows or is it a previously undiscovered exploit that is
being exploited on mass??

I also noticed that on the sending of the files to the
recycle bin, there were around 40 viruses found within them

any more info then please dont hold back get in touch!!!

 

[Alan Price]

I believe that your problem was that you were not logged
on as that specific user. Windows most liekly made those
files hidden at the system level. If you try to navigate
to Content.IE5 through clicking on the various folders,
you should be able to see it in your name, but nobody
else's. To remedy this, try clicking Tools on the menu
bar, then Folder Options. On the View tab, scoll down a
little and uncheck "Hide protected operating system
files". You should be able to see Content.IE5. BE
CAREFUL! Unchecking this box will allow you to see ALL
files on the hard drvie (except those in C:\System Volume
Information). If you accidentaly delete something
important, you could have a serious problem. Also, make
sure Symantec is not set to exclude any folders. Viruses
will sometimes be captured with the System Restore
sanpshot and then stored in C:\System Volume Information.
Symantec excludes this folder, but I recommend that you
make sure it is scanned to remove and viruses in hiding.
I hope this helps!

-----Original Message-----
Hey there, I work for the IT department of a busy UK
port. On running the symantec anti virus program, I
noticed on some machines it was taking over an hour to do
what is a generally a 15 minute task. On further
investigation I found that there were a lot of TXT files
in the tempory internet files area. So, as you would, I
preceeded to run the delete tempory internet files option
in Internet Options. This got rid of all VISIBLE un- needed
tempory internet files. So i ran the virus check again.
Same problem it was taking over an hour to complete. So i
went directly into the temp int files section for this
particular user. Still, i found nothing out of the
ordinary, until i specified using settings in the virus
checker which directories to check. I then found that, in
the virus checking software, it was showing a directory
(and sub directories) that was not visible (even after
specifying that i want to see all hidden and system files)
to me in 'my computer' when investigating this particular
users temp int files directory. After atleast half an
hour of clicking options i gave up and tried to physically
type the name of the directory in the my computer search
bar. LO-AND-BEHOLD i was then able to see the directory
and all its sub directories. this is how i accessed the
directory...

I navigated to:-

C:\documents and settings\[main users username]\local
settings\tempory internet files\CONTENT.IE5

the last bit of the directory name is the invisible bit
(ie content.ie5) try it on your comp, it existed on my
comp also.

In the case of the users comp i was investigating, the
size of this content.ie5 directory was 'unlimited' and was
unaffected by the delete tempory internet files option in
internet options. Now is this an inbuilt feature of
windows or is it a previously undiscovered exploit that is
being exploited on mass??

I also noticed that on the sending of the files to the
recycle bin, there were around 40 viruses found within them

any more info then please dont hold back get in touch!!!
.

 

[Star Fleet Admiral Q]

So, what's the question? All this rambling and sentence munging I
can't make heads nor tails of your post? Why are other users files
hidden? Why does Norton take so long? Why did Norton not scan other
users files? I think you get the point.

 

[Rudy]

I navigated to:-

C:\documents and settings\[main users username]\local
settings\tempory internet files\CONTENT.IE5

the last bit of the directory name is the invisible bit
(ie content.ie5) try it on your comp, it existed on my
comp also.

Its there on mine too (Win98SE). When I select tools/options Delete files
and delete cookies, it only goes as far as Temporary internet files..doesnt
recognize this CONTENT.IE5 (although I m running IE6) folder.

On a MS MVP s advice, I deleted all the folders and contents in this folder.
Well, once I ran MSIE for a while, it had re-created CONTENT.IE5 with 6
sub foolders and filled them up again. Over > 700 files/9 meg of stuff in a
few days. Deleted the whole bunch again, but it came back

R

 

[Rob Collinson]

no i was in the specific users my docs area and i know
also about the folder options... i have found out what the
content.ie5 folder is now but am still baffeled as to why
it is so hidden that you cannot see it even when you
display view all hidden and system files (its where
microsoft dump all files relating to history of sites
visited as apposed to just tempory internet files)

-----Original Message-----
I believe that your problem was that you were not logged
on as that specific user. Windows most liekly made those
files hidden at the system level. If you try to navigate
to Content.IE5 through clicking on the various folders,
you should be able to see it in your name, but nobody
else's. To remedy this, try clicking Tools on the menu
bar, then Folder Options. On the View tab, scoll down a
little and uncheck "Hide protected operating system
files". You should be able to see Content.IE5. BE
CAREFUL! Unchecking this box will allow you to see ALL
files on the hard drvie (except those in C:\System Volume
Information). If you accidentaly delete something
important, you could have a serious problem. Also, make
sure Symantec is not set to exclude any folders. Viruses
will sometimes be captured with the System Restore
sanpshot and then stored in C:\System Volume Information.
Symantec excludes this folder, but I recommend that you
make sure it is scanned to remove and viruses in hiding.
I hope this helps!

-----Original Message-----
Hey there, I work for the IT department of a busy UK
port. On running the symantec anti virus program, I
noticed on some machines it was taking over an hour to do
what is a generally a 15 minute task. On further
investigation I found that there were a lot of TXT files
in the tempory internet files area. So, as you would, I
preceeded to run the delete tempory internet files option
in Internet Options. This got rid of all VISIBLE un- needed
tempory internet files. So i ran the virus check again.
Same problem it was taking over an hour to complete. So i
went directly into the temp int files section for this
particular user. Still, i found nothing out of the
ordinary, until i specified using settings in the virus
checker which directories to check. I then found that, in
the virus checking software, it was showing a directory
(and sub directories) that was not visible (even after
specifying that i want to see all hidden and system files)
to me in 'my computer' when investigating this particular
users temp int files directory. After atleast half an
hour of clicking options i gave up and tried to physically
type the name of the directory in the my computer search
bar. LO-AND-BEHOLD i was then able to see the directory
and all its sub directories. this is how i accessed the
directory...

I navigated to:-

C:\documents and settings\[main users username]\local
settings\tempory internet files\CONTENT.IE5

the last bit of the directory name is the invisible bit
(ie content.ie5) try it on your comp, it existed on my
comp also.

In the case of the users comp i was investigating, the
size of this content.ie5 directory was 'unlimited' and was
unaffected by the delete tempory internet files option in
internet options. Now is this an inbuilt feature of
windows or is it a previously undiscovered exploit that is
being exploited on mass??

I also noticed that on the sending of the files to the
recycle bin, there were around 40 viruses found within them

any more info then please dont hold back get in touch!!!
.

.

 

[rob collinson]

o you are so unambivuous (yeah i know i spelt it wrong)
right the reason that the virus checker took so long is
because it was seeing the directory called content.ie5,
which contained a SHED LOAD of files. This Content.ie5
directory is invisible to the 'my computer' program even
when you show all hidden and system files. the only way
you can navigate to it is by typing it in to the search
bar. My quarm is that you seemingly cannot delete the
files contained within this directory by using the delete
tempory internet files option in internet options...even
though on the outside they look like they are tempory
internet files. My other quarm is that the virus checker
detected 40 + viruses contained in this directory which to
the naked eye doesnt exist. my final quarm was that the
directory seems to have no purpose and is suspiciously
hidden, however i now know that this directory is related
to the internet history option in internet explorer...its
like an archieve for tempory internet files but the
viruses trapped within it could potentially still be an
issue

-----Original Message-----
So, what's the question? All this rambling and sentence munging I
can't make heads nor tails of your post? Why are other users files
hidden? Why does Norton take so long? Why did Norton not scan other
users files? I think you get the point.

--

Star Fleet Admiral Q @ your service
--------------------------------------------------------

Hey there, I work for the IT department of a busy UK
port. On running the symantec anti virus program, I
noticed on some machines it was taking over an hour to do
what is a generally a 15 minute task. On further
investigation I found that there were a lot of TXT files
in the tempory internet files area. So, as you would, I
preceeded to run the delete tempory internet files option
in Internet Options. This got rid of all VISIBLE un- needed
tempory internet files. So i ran the virus check again.
Same problem it was taking over an hour to complete. So i
went directly into the temp int files section for this
particular user. Still, i found nothing out of the
ordinary, until i specified using settings in the virus
checker which directories to check. I then found that, in
the virus checking software, it was showing a directory
(and sub directories) that was not visible (even after
specifying that i want to see all hidden and system files)
to me in 'my computer' when investigating this particular
users temp int files directory. After atleast half an
hour of clicking options i gave up and tried to physically
type the name of the directory in the my computer search
bar. LO-AND-BEHOLD i was then able to see the directory
and all its sub directories. this is how i accessed the
directory...

I navigated to:-

C:\documents and settings\[main users username]\local
settings\tempory internet files\CONTENT.IE5

the last bit of the directory name is the invisible bit
(ie content.ie5) try it on your comp, it existed on my
comp also.

In the case of the users comp i was investigating, the
size of this content.ie5 directory was 'unlimited' and was
unaffected by the delete tempory internet files option in
internet options. Now is this an inbuilt feature of
windows or is it a previously undiscovered exploit that is
being exploited on mass??

I also noticed that on the sending of the files to the
recycle bin, there were around 40 viruses found within them

any more info then please dont hold back get in touch!!!

.

 

[Robert Collinson]

Hi guys,

Right i've been told that the content.ie5 directory is
like an archieve for tempory internet files. Basically
its where the internet explorer history option retrieves
its info from. However, it still doesnt explain how
whilst the data was in there symantec corporate 8 virus
checker did not find any viruses in it but as soon as they
were in the recycle bin, over 40 were found. And why the
hell is it not documented to tell the user what it is so
that we dont end up panicing when we find it a simple
undeletable text file would have done!!....also it scares
me as how many other directories such as this exist in the
windows system....it's totaly soo 1984 - big bro is
watching!!!