Temporary Internet Files - Permissions (re KB 913768 navcancl erro

I could not work out how to get cacls to report the permissions for a folder
so I ran it on the index.dat file in the content.IE5 folder within the TIF
folder.

On the relocated folder (T:\Temporary Internet Files) the result was:
"index.dat Everyone:F"

On my other XP SP2 machine with the TIF folder in the default location and
which is not affected by the navcancl error, the result was:
"index.dat CPQ30672249671\Alan:F
NTAUTHORITY\SYSTEM:F
BUILTIN\Administrators:F"

("Alan" is the account username)

So the permissions are different, as Robert Aldwinckle had sepeculated.

Where do I go from here?

Having found a workaround for the navcancl error I think the permissions
issue was a red herring. I applied my workaround, moved the TIF folder from
its default location back to where I wanted it and permissions were
Everyone:F as before, although IE7 is now working.

"AlanB" wrote:

> I could not work out how to get cacls to report the permissions for a folder
> so I ran it on the index.dat file in the content.IE5 folder within the TIF
> folder.
>
> On the relocated folder (T:\Temporary Internet Files) the result was:
> "index.dat Everyone:F"
>
> On my other XP SP2 machine with the TIF folder in the default location and
> which is not affected by the navcancl error, the result was:
> "index.dat CPQ30672249671\Alan:F
> NTAUTHORITY\SYSTEM:F
> BUILTIN\Administrators:F"
>
> ("Alan" is the account username)
>
> So the permissions are different, as Robert Aldwinckle had sepeculated.
>
> Where do I go from here?

"AlanB" <> wrote in message
news:859EB8F9-FC2F-467D-A93A-...
>I could not work out how to get cacls to report the permissions for a folder
> so I ran it on the index.dat file in the content.IE5 folder within the TIF
> folder.


To get the permissions of the "current directory" enter:

cacls .

(Note the period; that represents the current directory.)


>
> On the relocated folder (T:\Temporary Internet Files) the result was:
> "index.dat Everyone:F"
>
> On my other XP SP2 machine with the TIF folder in the default location and
> which is not affected by the navcancl error, the result was:
> "index.dat CPQ30672249671\Alan:F
> NTAUTHORITY\SYSTEM:F
> BUILTIN\Administrators:F"
>
> ("Alan" is the account username)
>
> So the permissions are different, as Robert Aldwinckle had sepeculated.
>
> Where do I go from here?


Did you notice (in different threads) Jan Wagner's comments
about the permissions seen for the AntiPhishing subdirectory
and Ottmar Freudenberger's suggestion (today) to try deleting it?

BTW I think it could be a good idea to run ProcMon filtering
on iexplore.exe and highlighting AntiPhishing to see how
this idea might work... ; )

Also, does your solution survive reboot? <eg>
(Jan's problem with it.)


Good luck

Robert
---

"Robert Aldwinckle" <> schrieb:

> Did you notice (in different threads) Jan Wagner's comments
> about the permissions seen for the AntiPhishing subdirectory
> and Ottmar Freudenberger's suggestion (today) to try deleting it?

FWIW: Moving the folder for the Temporary Internet Files into another
folder deletes the AntiPhishing folder too. That may be the cause for
those relocating the TIF folder to it's default folder seems to have
worked. In short terms: Moving the Temporary Internet Files folder via
the "Internet Options -> General -> Browserhistory -> Move" option will
most likely fix the issue in any case.

Bye,
Freudi

P.S.:
I've noticed, that after moving the Temporary Internet Files folder
to the new location the folder "Temporary Internet Files" got renamed
to "Temporäre Internetdateien" on German languaged Windows XP SP2
versions. I don't know, whether the localization of the folder's name
is intendend or not.

My workaround of relocating the TIF folder (to its default location)
continues to be effective despite several reboots of the computer and despite
the fact that I moved the TIF folder back to another drive after I applied
the workaround. The method I used to move the TIF folder was via "Internet
Options -> General -> Browserhistory -> Move"

With Robert Aldwinckle's advice on how to apply cacls to a dirctory I see
that the relocated TIF folder has permissions EVERYONE:<OI><CI>F . This
differs from the permissions in the default location (on another machine) in
which case the user account, NTAUTHORITY\SYSTEM and BUILTIN\Administrators
are all listed with :F and :<OI><CI>F . I have no idea what this actually
means.

How do I recognise the AntiPhishing folder?

"Ottmar Freudenberger" wrote:

> "Robert Aldwinckle" <> schrieb:
>
> > Did you notice (in different threads) Jan Wagner's comments
> > about the permissions seen for the AntiPhishing subdirectory
> > and Ottmar Freudenberger's suggestion (today) to try deleting it?
>
> FWIW: Moving the folder for the Temporary Internet Files into another
> folder deletes the AntiPhishing folder too. That may be the cause for
> those relocating the TIF folder to it's default folder seems to have
> worked. In short terms: Moving the Temporary Internet Files folder via
> the "Internet Options -> General -> Browserhistory -> Move" option will
> most likely fix the issue in any case.
>
> Bye,
> Freudi
>
> P.S.:
> I've noticed, that after moving the Temporary Internet Files folder
> to the new location the folder "Temporary Internet Files" got renamed
> to "Temporäre Internetdateien" on German languaged Windows XP SP2
> versions. I don't know, whether the localization of the folder's name
> is intendend or not.
>
>

"AlanB" wrote:

> .....
> How do I recognise the AntiPhishing folder?

To clarify this remark, I have now discovered that AntiPhishing is a
subfolder of Temporary Internet Files BUT Windows hides all subfolders of the
TIF folder from the User Account the folder belongs to (even when you show
hidden files and don't hide operating system files).

You can view these subfolders in another User Account or via a CMD window.

"AlanB" <> wrote in message
news:E783F42E-79F3-4632-B54A-...
> "AlanB" wrote:
>
>> .....
>> How do I recognise the AntiPhishing folder?
>
> To clarify this remark, I have now discovered that AntiPhishing is a
> subfolder of Temporary Internet Files BUT Windows hides all subfolders of the
> TIF folder from the User Account the folder belongs to (even when you show
> hidden files and don't hide operating system files).
>
> You can view these subfolders in another User Account or via a CMD window.


Good work. So did you look at the permissions of that subdirectory too? ; )
and is the acccount which created it the same as the one that uses it?

FWIW I only have one account involved but the only permission
I have on the AntiPhishing subdirectory is :C (change aka write) for that
one account. I wonder if others who are having the problem see that one
account as the (admin) account which did the install, instead of the the account
which needs to use it? Etc.

Another thing you could look at is testing Freudi's idea about the versions
of shdocvw.dll shlwapi.dll and browseui.dll. The most useful detail would
be the source file version (not just the module version), e.g. to know whether
you have the base version, the latest GDR version or the latest QFE version
as documented in the TechNet security bulletin. You can get that using a
module's properties page but, if you have the XP Support Tools installed,
the simplest way would be in a cmd window under the System32 directory:

For example:

<cmd_output>
F:\WINDOWS\system32>for %m in (shdocvw shlwapi browseui) do filever %m.dll /v | find "FileVersion"

F:\WINDOWS\system32>filever shdocvw.dll /v | find "FileVersion"
FileVersion 6.00.2900.2987 (xpsp.060901-0211)

F:\WINDOWS\system32>filever shlwapi.dll /v | find "FileVersion"
FileVersion 6.00.2900.2995 (xpsp.060913-0019)

F:\WINDOWS\system32>filever browseui.dll /v | find "FileVersion"
FileVersion 6.00.2900.2995 (xpsp.060913-0019)
</cmd_output>

Hint: copy and right-click paste the above for loop for the least amount
of typing or copying and pasting for you. ; )

I just installed KB931768, so Freudi's right: we don't get the full cumulative
update--neither the GDR nor the QFE version. But perhaps it's only that
those are just the old GDR source compiled en masse and there were no
significant changes in the actual binary code? Etc.


Robert
---

"AlanB" <> schrieb:

> FWIW: Moving the folder for the Temporary Internet Files into another
> folder deletes the AntiPhishing folder too. That may be the cause for
> those relocating the TIF folder to it's default folder seems to have
> worked. In short terms: Moving the Temporary Internet Files folder via
> the "Internet Options -> General -> Browserhistory -> Move" option will
> most likely fix the issue in any case.

> My workaround of relocating the TIF folder (to its default location)
> continues to be effective despite several reboots of the computer and despite
> the fact that I moved the TIF folder back to another drive after I applied
> the workaround. The method I used to move the TIF folder was via "Internet
> Options -> General -> Browserhistory -> Move"

Okay, that results in a deleted "AntiPhising" folder anyway. And yes,
that's what's healing broken IE7 cache quirks effectively.

Bye,
Freudi

"Robert Aldwinckle" <> schrieb:

> I just installed KB931768, so Freudi's right: we don't get the full cumulative
> update--neither the GDR nor the QFE version.

Ehm, just to clearify that:
KB931768 for IE*7* does *not* include browseui.dll, shdocvw.dll and
shwapi.dll at all, while KB931768 for IE*6* for Windows XP SP2 updates
the DLLs mentioned above - on either GDR or QFE.

I can ensure, that at least one bug (occuring at least on German
languaged Windows XP SP2 versions) will be fixed with browseui.dll
version > 6.0.2900.30xx with IE7 installed:
Start Windows Explorer and choose a favorite via the Favorites
menu. With browseui.dll <= 6.0.2900.2995 you may see *two*
starting IE7 windows, while with a more actual version of browsui.dll
only one IE window will open.

Bye,
Freudi