It’s one thing clearing your tracks, but make sure you clear out index.dat too

Readers who are sensitive to shocking content should stop reading now – the following screenshot contains text that might offend!

I am asked on a rather regular basis to “fix” laptops and desktop. Typically they’ve started running slower or have started to automatically run applications that perform untoward actions. “Internet Security 20xx”-type of applications seem to be more common; certainly the last 5-6 laptops that I’ve been asked to fix have had some variation installed. If you’re running good anti-virus software, you don’t need anything else. If you’re browsing the web and are suddenly told “your computer is infected, click here to fix it”…it’s probably a hoax.

Today, I was invited to deal with a blue screen of death on a friend’s laptop. On the surface, it looked like it was a driver issue stemming from Nero. However further inspection revealed a sordid history!

I use CCleaner as part of my regular Windows maintenance. It’s a great application that will remove unwanted files from your PC, without actually breaking it. Fewer files on your hard drive mean that anti-virus, malware scanners, etc. can run a little faster – they’ve got fewer files to scan.

By default, CCleaner will clear any temporary internet files left behind by your browser of choice. My friend was using Internet Explorer…whilst the temporary files had been cleaned up, the index.dat file had not. If you are using Windows 7, the index.dat file can be found here: C:\Users\<>\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 Essentially, it contains a list of the sites you’ve visited, even if you’ve cleared out your temporary internet files.

Upon inspection of the index.dat file, it was soon clear why the laptop was experiencing problems!

Busted. Next time, my friend will remember to check the index.dat box in CCleaner! I should note that this isn’t the most offensive list of sites that I’ve discovered whilst cleaning up a PC – I couldn’t bring myself to take a screenshot from that PC!

Further reading:

Browser history can help determine rebuild vs clean up, but can be revealing…
“It wasnae me” – browser history, real world example 2