Skip to main content

Notes towards an Open Source Java privacy/security/repair suite

Posted by n_alex on March 28, 2005 at 8:09 AM PST

Index.dat files are pernicious, unnecessary, and just plain frustrating. I never would have noticed them, but last week I wrote a simple maven script to flush out the standard virus and spyware habitats. I thought I would start with a very simple list:

C:/Documents and Settings/<username>/Local Settings/Temp
C:/Documents and Settings/<username>/Local Settings/Temporary Internet Files

I ran a couple of tests, tried out the script, and it worked as intended. Just to satisfy my curiosity, I rebooted the machine, and then navigated to C:/Documents and Settings//Local Settings/ Temporary Internet Files. What's this? The directory was full of cruft again.


I deleted the files, but here they are.


Maybe there's something wrong with how maven deletes files. I'll try manually removing them.

I deleted the files manually, then rebooted the machine again, navigated to the TIF directory, and the files had returned.


I deleted these files, but they still show up in the folder. Unreal.


Maybe these aren't really files.

I punched F3 and ran a file search for one of the files in the directory, but could not find it on the filesystem. I searched around some more, and found the Content.IE5 directory, navigated into it, and discovered the index.dat file. I opened it up in a text editor. Voila. "This must be the source of my trouble," I think. It contained everything which was appearing in my TIF folder.


Maybe the folder really is empty, but it appears otherwise.

I punched F3 again and ran a search for "Temporary Internet Files". I created a shortcut on my desktop to my TIF folder, and opened it.


I have two windows open, each with the same address, which is C:/Documents and Settings//Local Settings/Temporary Internet Files. One is empty, the other is full of files. Same directory, same address. Different contents.


The folders need to be refreshed.

I refreshed each folder, the results did not change.


Windows will lie to the user, and present a list of references to cached files in the TIF folder, if they navigate to the folder using the file system, and not a desktop shortcut or a command line. The erroneous representation is governed by the contents of an index.dat file.

Further research on the internet uncovered thousands of pages on the infamous index.dat file. I was completely revulsed. These files are bulletproof. Several hours of searching only uncovered one program, called "Complete Internet Cleanup" that would actually remove the contents of the file. But, it is not Open Source, so there's no chance of embedding it the desktop cleanup tool I'm working on. I checked SF.Net, googled for references to a Java tool that would wipe out index.dat files, all to no avail. I tried killing system processes, using the "Handle" tool from SysInternals to figure out which processes use the file, all to no avail. I know these files can be wiped clean, but I don't know that anyone's ever devised a way to do it in Java. If they have, please send them my way.

All I really need to do is wipe out the Temp directories and empty the Recycle Bin. Maven can do the first, but these damn index.bat files give the impression that all the files are still there, which is certain to infuriate users.

More notes on this as the process continues.

Related Topics >>