C:\ windows\temporary internet files

Posted on 2006-11-29
Last Modified: 2013-12-29
In an attempt to solve another problem I deleted all the files in C:\ windows\temporary internet files. About 221 files went to the recycle bin. I shutdown a short time later. I have checked “empty temporary internet files when browser is shutdown”.
I found another in the same folder after I logged in about 4 hours later.
There were about 338 files this time. I can’t believe what I am seeing. I tried to paste the lists into Word so that I could send them along with this question, but couldn’t find a way to do it.
The long file names really have me concerned. Here’s the cache nameof one or the files: FUCWKCCQJLKLBNLJMNWQJGCXIMXQNNTPUHLKMIORYIPRMILEHLQNLJLFKEONXDWMJLEVOCFHGLY/
The only way I could copy it was to open it in a new window and it opened in the address bar of
I.E. Is this a cookie and could this be because I have a bunch of cookies sitting in a cookie bin waiting to be deleted when they arrive? Is it time to find a new cookie monster or isn't that the problem?
Please advise.
Question by:frankoravec
  • 3
  • 2
  • 2
  • +2
LVL 10

Expert Comment

ID: 18043542
The explorer view of the Temporary Internet Files folder is a bit distorted. The view is changed by a system routine. There is a hidden Desktop.ini file in it. The result is display of the IE cache with the cookies in it, while all cookies are physicaly in the C\WINDOWS\COOKIES folder. The files in the Temporary Internet Files folder are hidden that way, so you should not remove them with windows explorer.

If you want to play a bit with what the Windows Explorer does to the folder view, copy the Desktop.ini file to some other folder. You will see the browser cache in that folder as well, and all files in it will be hidden.

The way to deal with folders like that one is to do file operations from DOS prompt of from some non Windows Explorer file manager (a file manager not paying attention to Desktop.ini files).
LVL 92

Assisted Solution

nobus earned 50 total points
ID: 18043799
i certainly would run a scan for malware suggest to run ALL these, updated :
     adaware :
     Spybot :                                                               online scan for trojans                                   download                                check the log
LVL 21

Accepted Solution

jvuz earned 50 total points
ID: 18044257
Live: Real-Time Solutions, Start Here

Receive instant 1:1 support from technology experts, using our real-time conversation and whiteboard interface. Your first 5 minutes are always free.

LVL 38

Expert Comment

ID: 18045557
In general, the text-based files that show as being left in the Temporary Internet Files folder after you use the Control Panel > Internet Options to delete files (then "all offline content") are insignificant in file size.

That cleanup option is intended to remove cached Flash files, Images, JavaScript files (*.js), Cascading Style Sheet files (*.css), and copies of the *.htm and *.html files that are all stored as a web page loads, and which allow the pages to load quickly from the cache when you click the "Back" button.  THOSE are the files that DO take up some significant space if allowed to build up there, and which can cause some problems with opening pages again if not deleted.

The CCleaner utility suggested by jvuz has an option in it to mark specific cookies to be retained while you delete all the temporary internet files and cookies (Options > Cookies > Cookies to Keep), plus a lot more.  If you have ever tried copying out cookies to another folder using Windows Explorer, deleting the ones left, and then copying the cookies back to their now empty folder, you will more than likely have discovered that it doesn't work as intended.  This is best left to a program like CCleaner.

NOTE:  UNTICK the option shown during setup to install the Yahoo Internet Explorer Toolbar - unless you particularly want it.

There are batch files that you can run just as Windows begins to load which allow you to delete temporary internet files and such without the restrictions that Windows then places on those folders which are regarded as special System Folders once Windows loads fully.

Fred Langa has written some batch files for this purpose:

I don't really advise using these UNLESS you have some very specific problems where you need to delete everything for a clean start, or if you REALLY know what you are doing.  Some of the batch files need to be modified to suit YOUR system, and he has been careful to include his disclaimer.

I don't like the sound of the temporary internet file name you have given, but there's one thing you should be aware of, and it is best served by giving an example.  Here's the "name" of one of the temporary internet files currently in my TIF folder:

If I Right-Click that file and select "Properties", I see that the actual "cache name" is "ratings[1].htm", and that it is a cached "HTML Document".

So clearly the name of the file as it shows in Windows Explorer is NOT the actual file name, and this becomes clear when you copy that file out to some other folder such as your desktop.  In this case, it copies out as the "cache name" (ratings[1].htm).

Copy the file that shows as:
out to your desktop or some other folder created temporarily for this purpose, and see what file name it copies out as.
Open it in Notepad (nothing else) and see what type of content it has.

There is something vaguely reminiscent about those first 5 characters, and I believe I heard someone on the street in a rough neighbourhood being called that just the other day ;-)

I thought at first that the name may be somehow have been derived from Microsoft CD-Keys.  Look at the following restructuring I did out of curiosity:
They don't contain any numbers though, so they aren't the standard format for any MS application CD-Keys that I know of.  I was being typically suspicious and wondering if some trojan had been extracting registration keys from your registry, but I'm a paranoid person.  It's most likely just a random name or some weird indexing used by a website.

I would definitely scan the system for viruses and Spyware though, just to be sure.

Author Comment

ID: 18055143
I have  few questions after running CCleaner.

1. I still have 4 files in the C:\Windows\Temporary Internet Files Folder: ipC244, ipC245, ip250 and ip252 . I can't delete them because "Access is denied". Also there was a msdownload.tmp folder.
What's the significance of that?

2. By doing a System Tools Disk Cleanup I found 14+MB of "old scandisk files in the root folder? What should I do with that?

LVL 92

Expert Comment

ID: 18055363
>>    I found 14+MB of "old scandisk files in the root folder   <<  chkdsk files ? delete them
if you want to delete those other files, use killbox : 
LVL 38

Expert Comment

ID: 18058995
The significance of the "access denied" message when trying to delete any file tends to indicate that it is actively being created, written to, or otherwise used by a program or process.  Usually such files can be deleted from within full DOS, because the application or process that is using the files will not yet have started.

Can you COPY the files out to another folder?

That's about the only way you'll be able to try and open them in Notepad and see if the contents reflect anything about what created the files, or what is being logged in them.  My guess is something like a Firewall or AntiVirus program that is active.

You might be able to identify what program is using the files by disabling all non essential startup programs (with MSCONFIG), deleting the files, and then re-enabling them one at a time (reboot in between each) until they are created and made inaccessible again.

Author Comment

ID: 18064344
I’ve been running lavasoft for some time now and, to my knowledge, it never got rid of any temporary internet files. After I deleted the ones as described in the question, I found 1329 more files in the temporary Internet Files folder this morning.
That all, despite having selected and checked the  “Empty temporary internet files when browser is closed” option. That, after shutting down and re-starting several times.
Any thoughts on that?
LVL 92

Expert Comment

ID: 18066843
did you run the scans i suggested ?

Featured Post

Courses: Start Training Online With Pros, Today

Brush up on the basics or master the advanced techniques required to earn essential industry certifications, with Courses. Enroll in a course and start learning today. Training topics range from Android App Dev to the Xen Virtualization Platform.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
In this article, I will show you HOW TO: Install VMware Tools for Windows on a VMware Windows virtual machine on a VMware vSphere Hypervisor 6.5 (ESXi 6.5) Host Server, using the VMware Host Client. The virtual machine has Windows Server 2016 instal…
The viewer will learn how to successfully create a multiboot device using the SARDU utility on Windows 7. Start the SARDU utility: Change the image directory to wherever you store your ISOs, this will prevent you from having 2 copies of an ISO wit…
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question