Helping people with computers... one answer at a time.

Internet Explorer uses index.dat as part of its operation. It is not spying on you or growing without bound!

I've known about the index.dat file for years and I have a utility to erase it. I was wondering what purpose does it really serve, other than spying on me? Does not using IE protect you from index.dat? If it never shrinks and I stop erasing it, wouldn't I run out of hard drive space?

In this excerpt from Answercast #42, I look at the fear that index.dat is spying on the computer user – not so. It is just a simple cache management file.

Index.dat spying?

So, I want to be very clear about this:

  • Index.dat has absolutely nothing to do with anybody spying on you.

Index.dat is nothing more than a way for Internet Explorer to use the browser cache more effectively. It's a way that allows Internet Explorer to locate specific files within the cache quickly.

  • In other words, it's a speed enhancement and nothing more.

You could delete it, if you like. It will get regenerated the next time you run Internet Explorer.

  • If you clear your browser cache, you're effectively clearing the contents of index.dat in Internet Explorer.

  • Not using Internet Explorer doesn't protect you from index.dat because there's nothing to be protected from.

  • Internet Explorer uses index.dat as part of its operation.

Index.dat size

Index.dat does not grow without bound. It will not fill up your hard drive.

It, and the contents of your browser cache, will pay attention to a setting in Internet Explorer that says essentially, "Don't let the browser cache get any bigger than this."

Now, index.dat relates indirectly to that in that it contains (or I believe it contains) a list of the number of files that are in your cache:

  • It could be 20,000 small files;

  • Or it could be two or three really big ones;

  • And index.dat probably sizes according to the number of files.

But that's it! It's not something that spies on you. It is nothing more than Internet Explorer trying to do its job as quickly and as efficiently as it possibly can.

Article C5678 - August 9, 2012 « »

Share this article with your friends:

Share this article on Facebook Tweet this article Email a link to this article
Leo Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

1 Comment
August 10, 2012 1:36 PM

This is not very far removed from:

"Does having windows in my house mean someone is spying on me? I have a utility to board them up after every time I look out of them."

Note that the questioner is concerned about "spying on me," not about the much more realistic likelihood of his box being silently added to a botnet.

I would suggest that most people are just not that interesting, and if you feel that you have stuff on your computer that is that interesting, you have bigger concerns than index.dat.

Get a router and a good a-v, and when the a-v tells you not to go to a site/open an attachment/execute a download, there is probably a very good reason for that — and even if there isn't, do you really need to go to that particular song-lyrics site/see that shirtless-celebrity picture/run that emoticon installer soooo badly that you are willing to take the risk?

I have been doing this stuff since 8-bit CP/M days (and before), and I have been bitten by a virus/trojan/malware exactly once: sircam got me many years ago because I just had to open an email attachment from a friend's address that had a subject line that sounded just like him. And although I scanned the attachment with two different a-v/malware scanners, it showed clean.

Unfortunately, he was among the very first victims of sircam, and the a-v/anti-malware updates to detect it were still hours from being released.

The irony is that a five-minute phone call would not only have kept me from opening the attachment, but would have alerted him to his infection as well.

That was my first and last instance of being "socially engineered."

And notice: like a vampire, sircam had to be "invited in."

My a-v has detected many hundreds (many thousands?) of pieces of malware in webpages and downloads since.

The one I use now won't let me open a true positive without my taking heroic measures, and warns me repeatedly not to open a heuristically dubious item.

"Fool me once, shame on you. Fool me twice, shame on me."

Comments on this entry are closed.

If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.

If you don't find your answer, head out to to ask your question.