Windows uses a file named INDEX.DAT primarily as a way to store metadata about files that Internet Explorer has downloaded and cached. I've usually discussed this file in terms of its occasionally getting corrupted and needing to be deleted (usually with a third-party utility) in order for IE to work properly.
Now let's discuss what details the file contains and how to examine them.
Programmer Steven Gould has written a handy utility called Index Dat Spy, which allows users to explore their system for INDEX.DAT files and examine the contents. This can be useful for administrators, since they'd be able to perform some limited forensics by inspecting the INDEX.DAT files for details about what the user has browsed through IE. It can also help programmers determine whether or not IE is behaving correctly when it encounters certain material (such as a site they've put together).
Once installed, the program can either open an INDEX.DAT file of the user's choosing, or scan the whole system for existing INDEX.DAT files. Note: The scan does not discriminate between INDEX.DAT files that are in the current user's profile or any others that it finds; it just looks for anything that fits the bill. The most common location for the currently logged-in user's IE INDEX.DAT file is either in %userprofile%\Cookies or %userprofile%\Local Settings\History\History.IE5\, which are typically hidden directories.
When you open a valid INDEX.DAT file, you'll get a list of the type of record entries in the file, the data in each entry, its size (typically 128 or 256 bytes), the modified/access dates and the cache directory or filename (if applicable). Every now and then you might come across a record marked "BAD FOOD" (it's actually a hex value, 0BADF00Dh—get it?). This is a record that was previously deleted, and has been overwritten with those values in a repeating sequence.
You can't edit the records in an INDEX.DAT file; that's something that should only typically be done by IE itself. But you can save a .CSV or plaintext file that contains a report of the data harvested, which can be useful for further analysis.
About the author: Serdar Yegulalp is editor of the Windows Power Users Newsletter, which is devoted to hints, tips, tricks, news and goodies for Windows NT, Windows 2000 and Windows XP users and administrators. He has more than 10 years of Windows experience under his belt, and contributes regularly to SearchWinComputing.com and SearchSQLServer.com.
More information on this topic:
- Tip: Readers' Choice: 15 admin tools you can't live without
- Topics: Windows Desktop Management
- RSS: Sign up for our RSS feed to receive expert advice every day.