C:\ windows\temporary internet files

In an attempt to solve another problem I deleted all the files in C:\ windows\temporary internet files. About 221 files went to the recycle bin. I shutdown a short time later. I have checked “empty temporary internet files when browser is shutdown”.
I found another in the same folder after I logged in about 4 hours later.
There were about 338 files this time. I can’t believe what I am seeing. I tried to paste the lists into Word so that I could send them along with this question, but couldn’t find a way to do it.
The long file names really have me concerned. Here’s the cache nameof one or the files: FUCWKCCQJLKLBNLJMNWQJGCXIMXQNNTPUHLKMIORYIPRMILEHLQNLJLFKEONXDWMJLEVOCFHGLY/
The only way I could copy it was to open it in a new window and it opened in the address bar of
I.E. Is this a cookie and could this be because I have a bunch of cookies sitting in a cookie bin waiting to be deleted when they arrive? Is it time to find a new cookie monster or isn't that the problem?
Please advise.
Who is Participating?
The explorer view of the Temporary Internet Files folder is a bit distorted. The view is changed by a system routine. There is a hidden Desktop.ini file in it. The result is display of the IE cache with the cookies in it, while all cookies are physicaly in the C\WINDOWS\COOKIES folder. The files in the Temporary Internet Files folder are hidden that way, so you should not remove them with windows explorer.

If you want to play a bit with what the Windows Explorer does to the folder view, copy the Desktop.ini file to some other folder. You will see the browser cache in that folder as well, and all files in it will be hidden.

The way to deal with folders like that one is to do file operations from DOS prompt of from some non Windows Explorer file manager (a file manager not paying attention to Desktop.ini files).
i certainly would run a scan for malware suggest to run ALL these, updated :
     adaware :      http://www.lavasoftusa.com/
     Spybot :        http://www.download.com/3000-8022-10122137.html
http://housecall.trendmicro.com/                                                               online scan for trojans
http://www.spychecker.com/program/hijackthis.html                                   download
http://www.hijackthis.de/index.php?langselect=english                                check the log
Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

In general, the text-based files that show as being left in the Temporary Internet Files folder after you use the Control Panel > Internet Options to delete files (then "all offline content") are insignificant in file size.

That cleanup option is intended to remove cached Flash files, Images, JavaScript files (*.js), Cascading Style Sheet files (*.css), and copies of the *.htm and *.html files that are all stored as a web page loads, and which allow the pages to load quickly from the cache when you click the "Back" button.  THOSE are the files that DO take up some significant space if allowed to build up there, and which can cause some problems with opening pages again if not deleted.

The CCleaner utility suggested by jvuz has an option in it to mark specific cookies to be retained while you delete all the temporary internet files and cookies (Options > Cookies > Cookies to Keep), plus a lot more.  If you have ever tried copying out cookies to another folder using Windows Explorer, deleting the ones left, and then copying the cookies back to their now empty folder, you will more than likely have discovered that it doesn't work as intended.  This is best left to a program like CCleaner.

NOTE:  UNTICK the option shown during setup to install the Yahoo Internet Explorer Toolbar - unless you particularly want it.

There are batch files that you can run just as Windows begins to load which allow you to delete temporary internet files and such without the restrictions that Windows then places on those folders which are regarded as special System Folders once Windows loads fully.

Fred Langa has written some batch files for this purpose:

I don't really advise using these UNLESS you have some very specific problems where you need to delete everything for a clean start, or if you REALLY know what you are doing.  Some of the batch files need to be modified to suit YOUR system, and he has been careful to include his disclaimer.

I don't like the sound of the temporary internet file name you have given, but there's one thing you should be aware of, and it is best served by giving an example.  Here's the "name" of one of the temporary internet files currently in my TIF folder:


If I Right-Click that file and select "Properties", I see that the actual "cache name" is "ratings[1].htm", and that it is a cached "HTML Document".

So clearly the name of the file as it shows in Windows Explorer is NOT the actual file name, and this becomes clear when you copy that file out to some other folder such as your desktop.  In this case, it copies out as the "cache name" (ratings[1].htm).

Copy the file that shows as:
out to your desktop or some other folder created temporarily for this purpose, and see what file name it copies out as.
Open it in Notepad (nothing else) and see what type of content it has.

There is something vaguely reminiscent about those first 5 characters, and I believe I heard someone on the street in a rough neighbourhood being called that just the other day ;-)

I thought at first that the name may be somehow have been derived from Microsoft CD-Keys.  Look at the following restructuring I did out of curiosity:
They don't contain any numbers though, so they aren't the standard format for any MS application CD-Keys that I know of.  I was being typically suspicious and wondering if some trojan had been extracting registration keys from your registry, but I'm a paranoid person.  It's most likely just a random name or some weird indexing used by a website.

I would definitely scan the system for viruses and Spyware though, just to be sure.
frankoravecAuthor Commented:
I have  few questions after running CCleaner.

1. I still have 4 files in the C:\Windows\Temporary Internet Files Folder: ipC244, ipC245, ip250 and ip252 . I can't delete them because "Access is denied". Also there was a msdownload.tmp folder.
What's the significance of that?

2. By doing a System Tools Disk Cleanup I found 14+MB of "old scandisk files in the root folder? What should I do with that?

>>    I found 14+MB of "old scandisk files in the root folder   <<  chkdsk files ? delete them
if you want to delete those other files, use killbox : www.bleepingcomputer.com/files/killbox.php 
The significance of the "access denied" message when trying to delete any file tends to indicate that it is actively being created, written to, or otherwise used by a program or process.  Usually such files can be deleted from within full DOS, because the application or process that is using the files will not yet have started.

Can you COPY the files out to another folder?

That's about the only way you'll be able to try and open them in Notepad and see if the contents reflect anything about what created the files, or what is being logged in them.  My guess is something like a Firewall or AntiVirus program that is active.

You might be able to identify what program is using the files by disabling all non essential startup programs (with MSCONFIG), deleting the files, and then re-enabling them one at a time (reboot in between each) until they are created and made inaccessible again.
frankoravecAuthor Commented:
I’ve been running lavasoft for some time now and, to my knowledge, it never got rid of any temporary internet files. After I deleted the ones as described in the question, I found 1329 more files in the temporary Internet Files folder this morning.
That all, despite having selected and checked the  “Empty temporary internet files when browser is closed” option. That, after shutting down and re-starting several times.
Any thoughts on that?
did you run the scans i suggested ?
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.