Feeds

Don't let Windows Indexing Service know too much

Keeping index files under control

  • alert
  • submit to reddit

Security for virtualized datacentres

Now you are rid of all your old index files. Those who wish to use the Indexing Service should re-enable it, and select the particular directories to be indexed.

1. Go to the Start menu and choose Run.

2. Type in services.msc and click OK. The Services dialogue will launch.

3. Right-click on the Indexing Service to bring up the Properties dialogue box, select "Automatic", and click Apply. Then click "Start" and exit the dialogue.

4. Go to My Computer ==> Hard Disk Drives ==> Local Disk (C:), and left-click.

5. Browse your filesystem and right-click on any directory you wish to index. Choose Properties, then click "Advanced" toward the bottom of the Properties dialogue box.

6. In the Advanced Attributes dialogue box, select the tick-box beside the option "For fast searching, allow Indexing Service to index this folder". Click OK, and you will be given the option to include that directory's subfolders and their files if you like. Repeat as needed.

This way, you can use the Indexing Service while preventing it from making duplicate data traces of directories that contain sensitive files.

One little irritant here is that if you use the Search Companion, with or without the Indexing Service, your search queries will be stored in the Windows Registry, under HKEY_CURRENT_USER\Software\Microsoft\Search Assistant\ACMru. You can delete the contents within that key whenever you please, but you will find that there is no option to write-protect it, so your search terms will be stashed there, regardless of how you feel about it.

You can delete the entries manually from time to time using the Windows Registry Editor, or you can make a backup Registry just after purging data traces, and then restore that "clean" version whenever you like. But this is a real inconvenience, since every time you alter your system configuration or install software, you will have to make a new, clean Registry backup. The best option is simply to remain aware of this fact and take care when searching your computer for files with, let's say, "controversial" names.

Just what you've been searching for

Related to this are several important files, all named "index.dat", that you'll find in numerous locations. These are, essentially, mini-databases cataloguing the contents of directories related to your internet behaviour. Your search queries, cookies, web history, and several other peculiar items are recorded for posterity. Did you ever wonder how forensic examiners can tell that a person searched the web for "undetectable poisons", "dismembering a dead body at home", and "how to explain a spouse's sudden disappearance" a week before, well, a spouse's sudden disappearance? Index.dat.

You can delete the contents of the Internet Explorer directories, but you can't easily delete the index.dat files that record their contents. Oddly, Microsoft does not want you to play with these index files, so if you attempt to delete them, access will be denied, even to an Administrator. This is because they are "open", or in use, even when IE is not running.

To remove these tattletale files, you must restart in Safe Mode:

1. Reboot.

2. As the computer boots, but before Windows starts, press F8.

3. Use the arrow keys to highlight the Safe Mode option, then press Enter.

4. You will be able to search for the files in Safe Mode. Whether or not your wipe utility will work is another matter. If it does not, you can delete the files, restart Windows normally, then use your utility to wipe free space and file slack.

Secure remote control for conventional and virtual desktops

Next page: System Restore

More from The Register

next story
NASTY SSL 3.0 vuln to be revealed soon – sources (Update: It's POODLE)
So nasty no one's even whispering until patch is out
Russian hackers exploit 'Sandworm' bug 'to spy on NATO, EU PCs'
Fix imminent from Microsoft for Vista, Server 2008, other stuff
Microsoft pulls another dodgy patch
Redmond makes a hash of hashing add-on
'LulzSec leader Aush0k' found to be naughty boy not worthy of jail
15 months home detention leaves egg on feds' faces as they grab for more power
Forget passwords, let's use SELFIES, says Obama's cyber tsar
Michael Daniel wants to kill passwords dead
FBI boss: We don't want a backdoor, we want the front door to phones
Claims it's what the Founding Fathers would have wanted – catching killers and pedos
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Win a year’s supply of chocolate
There is no techie angle to this competition so we're not going to pretend there is, but everyone loves chocolate so who cares.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.