# Reading contents of Index.dat folder in DOS



## beaglehound (Jul 15, 2003)

September 21, 2003

Hi everyone:

I'm using Windows '98. I recently read an article having to do with reading the contents of the index.dat file in MS-DOS. The article is quite long so I've only posted the relevant section below. I attempted to follow steps on my computer. I was doing fine until I got to step 6 which I've asterisked for you. I saw the blue screen with all the binary. But I saw no lists of URLs the author of the article describes. (By the way I can't get hold of who wrote the article but continue to try.) All I can see are thousands and thousands of repeating symbols. There are basically 3 symbols. One is a musical note. Another is the symbol for 'man' and the third is made up of 3 short horizontal lines, one above the other about 1cm in length. I hope I've created a good visual for you. This combination of symbols was repeated hundreds of thousands of times as you scrolled down the page using the arrow key. There is a menu of sorts at the top of the page. I'm able to navigate to the different buttons using my alt key and/or arrow keys but I have no luck. I'm still not able to read any of the material on the page. If anyone is familiar enough with DOS and has actually done what section 4.0 below describes I'd really like hearing from you. My 3 issues are:

1. Though the writer says to enter IE5, I'm using IE6 but it doesn't work so I entered IE5 anyway. I don't understand why it wouldn't work when I'm using IE6.
2. What must I do to change the screen so I can read it?
3. I also asterisked part of #8 below. I'm assuming TIF is referring to Temporary Internet Files. The author says to, "replace "cd\windows" with the location of your TIF folder if different". I'm not quite sure what the author is meaning.

Anyways, if anyone out there is comfortable working with DOS your help would really be appreciated. I would also like to suggest that if you're like me and enjoy experimenting to be very very careful.

Beagle

Here's the excerpt:

4.0. STEP-BY-STEP GUIDE THROUGH YOUR HIDDEN FILES 
This next section is intended for the savvy user. 
The most important files to be paying attention to are your "index.dat" files. These are database files that reference your history, cache and cookies. The first thing you should know is that the index.dat files is that they don't exist in less you know they do. They second thing you should know about them is that some will *not* get cleared after deleting your history and cache. 
The result: A log of your browsing history hidden away on your computer after you thought you cleared it. 
To view these files, follow these steps:

In MSIE 5.x, you can skip this first step by opening MSIE and going to Tools > Internet Options > [Settings] > [View Files]. Now write down the names of your alphanumeric folders on a piece of paper. If you can't see any alphanumeric folders then start with step 1 here:

1) First, drop to a DOS box and type this at prompt (in all lower-case). It will bring up Windows Explorer under the correct directory, c:\windows\explorer /e,c:\windows\tempor~\content.ie5\

You see all those alphanumeric names listed under "content.ie5?" (left-hand side.) That's Microsoft's idea of making this project as hard as possible. Actually, these are your alphanumeric folders that was created to keep your cache. Write these names down on a piece of paper. (They should look something like this: 6YQ2GSWF, QRM7KL3F, U7YHQKI4, 7YMZ516U, etc.) If you click on any of the alphanumeric folders then nothing will be displayed. Not because there aren't any files here, but because Windows Explorer has lied to you. If you want to view the contents of these alphanumeric folders you will have to do so in DOS. (Actually, this is not always true. Sometimes Windows Explorer will display the contents of these folders -- but mostly it won't. I can't explain this.)

2) Then you must restart in MS-DOS mode. (Start > Shutdown > Restart in MS-DOS mode. ME users use a bootdisk.) 
Note that you must restart to DOS because windows has locked down some of the files and they can only be accessed in real DOS mode.

3) Type this in at prompt:

CD\WINDOWS\TEMPOR~1\CONTENT.IE5

CD %alphanumeric%
(replace the "%alphanumeric%" with the first name that you just wrote down.)

DIR/P

4) The cache files you are now looking at are directly responsible for the mysterious erosion of HD space you may have been noticing. One thing particularly interesting is the ability to view some your old e-mail if you happen to have a Hotmail account. (Oddly, I've only been able to retreive Hotmail e-mail, and not e-mail from my other web-based e-mail accounts. Send me your experiences with this.) To see them for yourself you must first copy them into another directory and THEN open them with your browser. Don't ask me why this works. 
A note about these files: These are your cache files that help speed up your internet browsing. It is quite normal to use this cache system, as every major browser does. On the other hand. It isn't normal for some cache files to be left behind after you have instructed your browser to erase it.

5) Type this in:

CD\WINDOWS\TEMPOR~1\CONTENT.IE5
EDIT /75 INDEX.DAT
You will be brought to a blue screen with a bunch of binary.

*6) Press and hold the [Page Down] button until you start seeing lists of URLs. These are all the sites that you've ever visited as well as a brief description of each. You'll notice it records everything you've searched for in a search engine in plain text, in addition to the URL.

7) When you get done searching around you can go to File > Exit. If you don't have mouse support in DOS then use the [ALT] and arrow keys.

8) Next you'll probably want to erase these files by typing this:

C:\WINDOWS\SMARTDRV

CD\WINDOWS

DELTREE/Y TEMPOR~1
*(replace "cd\windows" with the location of your TIF folder if different.) 
This will take a seriously long time to process. Even with Smartdrive loaded.


----------



## codejockey (Feb 11, 2002)

I suspect you don't need to do anything except the final step (deltree tempor~1\content.ie5). This will remove everything in the content.ie5 tree, including the index.dat files. I routinely do this on the systems I maintain. I use a much-abbreviated method, however:

boot to DOS (real DOS, not a DOS box under Windoze)
cd c:\windows\tempor~1
smartdrv /X
deltree content.ie5

That's it -- cache cleared, index.dat files removed, etc. The author is correct about the time required though. Depending on how much is in your cache, the deltree command could take some time to complete (and in general, having smartdrv loaded is a liability for this type of operation, which is why I use the smardrv /X command to disable write-behind caching on all drives).

Note that the ie5 is part of the directory name (content.ie5); the directory name has nothing to do with the browser version you are using. Since there was no directory on your system named content.ie6, you couldn't enter it.

Unless you are curious, you don't have to read the contents of the index.dat file. As an alternative method, you might try the following command to look at some of the URLs that are contained there:

boot to DOS (a real DOS, not a DOS box under Windoze)
cd c:\windows\tempor~1\content.ie5
edit index.dat
use the pageup/pagedown and arrow keys to scroll through the file
when ready to exit, use ALT-F (should bring down a File menu) 
select the exit option from the file menu

The location of your TIF (temporary internet files, as you suspected) would only be different from c:\windows if you had installed Windoze in a different directory (for example, c:\win -- in that case, your temporary internet files would be in c:\win\tempor~1 instead of c:\windows\tempor~1). Virtually everyone installs Windoze in c:\windows, however.

Hope this helps.


----------



## beaglehound (Jul 15, 2003)

Thanks for the help Codejockey. I really needed some of this explained to me. I'll give it a try.

Beagle


----------



## beaglehound (Jul 15, 2003)

Thanks for the help Codejocky.

Beagle.


----------



## codejockey (Feb 11, 2002)

You're more than welcome -- glad I could help out. Feel free to post again if you run into problems -- DOS is rapidly becomming a lost art ...

In case you were wondering, the directory content.ie5 is automatically created by Windows, so you don't have to worry if you remove the directory and everything below it.

-codejockey


----------

