homepage Welcome to WebmasterWorld Guest from 54.198.148.191
register, free tools, login, search, subscribe, help, library, announcements, recent posts, open posts,
Subscribe to WebmasterWorld

Visit PubCon.com
Home / Forums Index / Hardware and OS Related Technologies / Website Technology Issues
Forum Library, Charter, Moderators: phranque

Website Technology Issues Forum

    
Beyond Cookies?
Strange HTM files in Windows\Temp
Robert Charlton




msg:671878
 7:06 am on Mar 20, 2001 (gmt 0)

While cleaning out TMP files in my Windows\Temp folder, I encountered a huge number of tri*.HTM files. Trying to open them crashes IE, with an "illegal operation" message... but, when looking at the contents in Lister (a text viewer), some show no text content, even though they're 1.2K or so. A bunch of them, though, show text in the following form:

{[AltaVista LookSmart Directory]}
Search the
AltaVista Directory
Your query:
etc

When I ran my cursor over the text to copy it for this message, I got a text flag at my cursor position, along with a little "e" IExplorer icon. For the above text, when the cursor is over the first line, the flag reads [ad.doubleclick.net...] etc until %2flooksmart.altavista.com --- Most, in fact, seem to be AV/LS related.

On another, the text is {[L90 adMonitor Ad]} -- and the url in the flag is [ads.admonitor.net...] etc.

I assume these are tracking files, but I'm stumped about why I can't open them and why I'm seeing a url at my cursor. Are they an attempt to get around cookie detection? Might this also be a way of tracking visits for popularity?

Anyone have an idea what they are and how I can keep them off my system?

 

DaveAtIFG




msg:671879
 7:50 am on Mar 22, 2001 (gmt 0)

Hey Robert, we're not ignoring you, honest! :) I'll "rally the troops," call everyone's attention to your question in the mods forum. No promises but hopefully someone will have a few ideas...

Robert Charlton




msg:671880
 8:31 am on Mar 22, 2001 (gmt 0)

Dave - Thanks. These things are fairly recent... I can say that. I've been cleaning out Windows\Temp for a long time, and this is the first time I've noticed these.

Brett_Tabke




msg:671881
 8:52 am on Mar 22, 2001 (gmt 0)

Must have installed some new software in the last few weeks? Sounds like spyware caching ads to temp.

engine




msg:671882
 8:53 am on Mar 22, 2001 (gmt 0)

Robert,
Take a look here [webmasterworld.com] which may be a possibility. Try this page, [privacyfoundation.org] and this page too. [users.rcn.com]

Could this be what it is?

henki




msg:671883
 9:17 am on Mar 22, 2001 (gmt 0)

You all remember the DC turmoil last year?

My guess is that they are up to something similar.

[websearch.about.com...]

grnidone




msg:671884
 1:26 pm on Mar 22, 2001 (gmt 0)

Henki,

how old is that article? There is no date on it.

-G

drbill




msg:671885
 1:50 pm on Mar 22, 2001 (gmt 0)

Grnidone,

That artical looks to be Feb 16, 2000 is the date Looks like a year old.. Correct me if I am wrong

DaveAtIFG




msg:671886
 6:03 pm on Mar 22, 2001 (gmt 0)

Robert - Your question got me doing some digging and I came up with AdAware at [lavasoft.de...]
It's a freeware Winders scanner and file/cookie manager that handles most of the known spyware. So far I like it! It won't keep the temp files off your disk but it will identify the ones you want to know about and delete...

Robert Charlton




msg:671887
 6:31 pm on Mar 22, 2001 (gmt 0)

Thanks for much interesting information... I've spent part of the morning following up. Since I've also been losing the last-read tags on these forums, I decided to purge all my cookies. Noticed that many of the recent ones contained a mediaplex.com ID inside them, with my name in the cookie name... so somehow I was being tracked.

>>Must have installed some new software in the last few weeks? Sounds like spyware caching ads to temp.<<

Two possibilities...

One, with great misgivings a couple of weeks ago I installed Shockwave, which I believe also installs Active-X. I'm not really sure where Active-X resides, etc... can't find much documentation about it. I remembered at the time that there had been, on my earlier versions of IE, an advanced option for disabling Active-X, but on IE4 I can't find it.

The other... at the same time I installed Shockwave (for a media project), I also needed to exchange a large file, and we decided on one of the free virtual hard drive sites (after trying several). As it turns out, these are email address gathering sites... so one of these??

I'm trying to find out how to detect whatever it is and disable it. The lavasoft site is looking interesting.

Thanks.

Robert Charlton




msg:671888
 8:27 pm on Mar 22, 2001 (gmt 0)

PS to the above... I downloaded AdAware and it's great. They also offer a real time monitoring version for $12, if you want that.

AdAware isn't really a cookie manager, though. It lets you scan your system and detect files that are implicated in privacy intrusion, based on an associated database. First scan caught one Windows\Temp file that I hadn't already deleted... but it didn't find any program file that would have introduced these.

Should I assume from this that Windows and/or IE Explorer makes us all vulnerable to whatever introduces these temp HTM files and there's nothing I can do but keep checking?... or should I assume that I simply haven't located whatever on my system is introducing these?

Another question, following up on the cleansing of my temp files and cookies... I assumed that the index.dat file in my Cookies folder would get rebuilt when I got rid of all my cookies. Not so... It still goes back to the first cookie I ever crunched, and it can't be deleted. I'm guessing its size has got to be slowing down something. Any thoughts on how to refresh this... and further thoughts on the HTM files?

Brett_Tabke




msg:671889
 1:04 pm on Mar 23, 2001 (gmt 0)

I would guess that if you didn't detect any known spyware on your system, that it must have been from a java or active X banner system you visited. That could have been anywhere.

Could see a url in them at all?

Robert Charlton




msg:671890
 6:22 pm on Mar 23, 2001 (gmt 0)

I've dumped the files in the housecleaning process, so mediaplex.com and the urls noted in my first post are the only ones I have noted.

>>it must have been from a java or active X banner system you visited<<

Is the medium security setting on the Internet Zone sufficient? I'm not sure I could be functioning on the web with the high security setting... but the thought of what Active-X can do has always made me nervous.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Hardware and OS Related Technologies / Website Technology Issues
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About
© Webmaster World 1996-2014 all rights reserved