Now let's discuss what details the file contains and how to examine them.
Programmer Steven Gould has written a handy utility called
Once installed, the program can either open an INDEX.DAT file of the user's choosing, or scan the whole system for existing INDEX.DAT files. Note: The scan does not discriminate between INDEX.DAT files that are in the current user's profile or any others that it finds; it just looks for anything that fits the bill. The most common location for the currently logged-in user's IE INDEX.DAT file is either in %userprofile%\Cookies or %userprofile%\Local Settings\History\History.IE5\, which are typically hidden directories.
When you open a valid INDEX.DAT file, you'll get a list of the type of record entries in the file, the data in each entry, its size (typically 128 or 256 bytes), the modified/access dates and the cache directory or filename (if applicable). Every now and then you might come across a record marked "BAD FOOD" (it's actually a hex value, 0BADF00Dh—get it?). This is a record that was previously deleted, and has been overwritten with those values in a repeating sequence.
You can't edit the records in an INDEX.DAT file; that's something that should only typically be done by IE itself. But you can save a .CSV or plaintext file that contains a report of the data harvested, which can be useful for further analysis.
About the author: Serdar Yegulalp is editor of the Windows Power Users Newsletter, which is devoted to hints, tips, tricks, news and goodies for Windows NT, Windows 2000 and Windows XP users and administrators. He has more than 10 years of Windows experience under his belt, and contributes regularly to SearchWinComputing.com and SearchSQLServer.com.
More information on this topic:
- Tip: Readers' Choice: 15 admin tools you can't live without
- Topics: Windows Desktop Management
- RSS: Sign up for our RSS feed to receive expert advice every day.
This was first published in October 2006