Loading ...
Sorry, an error occurred while loading the content.

RE: [NTO] Malware?

Expand Messages
  • Jason Wellband
    ... antivirus ... Ed, Have you run AdAware and/or Spybot S&D? Thos would find obvious things - otherwise you ll just have to find what files are taking up all
    Message 1 of 12 , Oct 20, 2004
    • 0 Attachment
      : -----Original Message-----
      : Sent: Wednesday, October 20, 2004 11:05 AM
      :
      : Hi everyone,
      : I am not sure what is happening. My hard drive fills up for
      : no reason. I
      : have read about some malware that causes that to happen. My
      antivirus
      : found nothing. I used two other antivirus programs and they found
      : nothing. Yet every day I get a message saying you have zero
      : megabytes on
      : your hard drive, remove 200 -300 megabytes of old programs from your

      : hard drive. The first time I did that. But that did not stop it from

      : filling up again and I have added nothing - no programs,
      : apps, - to the
      : hard drive. Do you have any suggestions as to what to look for?
      : Ed
      :

      Ed,

      Have you run AdAware and/or Spybot S&D? Thos would find obvious things
      - otherwise you'll just have to find what files are taking up all that
      space. I use a program called SequoiaView that shows your files
      graphically and you can immediately pick out the big ones.

      HTH

      Jason
    • Martin Webster
      Ed Brown [EB], wrote: EB I am not sure what is happening. My hard drive fills up for no reason. I EB have read about some malware that causes that to happen.
      Message 2 of 12 , Oct 20, 2004
      • 0 Attachment
        Ed Brown [EB], wrote:

        EB> I am not sure what is happening. My hard drive fills up for no reason. I
        EB> have read about some malware that causes that to happen. My antivirus
        EB> found nothing. I used two other antivirus programs and they found
        EB> nothing. Yet every day I get a message saying you have zero megabytes on
        EB> your hard drive, remove 200 -300 megabytes of old programs from your
        EB> hard drive. The first time I did that. But that did not stop it from
        EB> filling up again and I have added nothing - no programs, apps, - to the
        EB> hard drive. Do you have any suggestions as to what to look for?
        EB> Ed

        How large is you Windows partition/C:\ drive? And how much free space
        do you have? It sounds like you are running very close to your
        drive/partition capacity and that's why you're running low on space.

        In the mean time, here are a few things you can try...

        - Run C:\WINDOWS\system32\cleanmgr.exe (Disk Cleanup)
        - Reduce IE cache to something sensible (same goes for other
        browsers)
        - Uninstall any rarely/never used programs


        --
        .\\artin | ICQ 15893823

        "I must follow them. I am their leader!" ANDREW BONAR LAW
      • Ed Brown
        Jason, I did run Lavasoft Adware daily until I started using WinPatrol the free version and Adware never finds anything anymore. Really like that little
        Message 3 of 12 , Oct 20, 2004
        • 0 Attachment
          Jason,
          I did run Lavasoft Adware daily until I started using WinPatrol the free
          version and Adware never finds anything anymore. Really like that
          little Scotty dog. He sniffs out all that stuff and then I remove the
          cookies every hour or so while on the Internet. Nothing is found by
          Adware anymore, I just ran it. I have a 18.6 gig hard drive
          (useable-actually it is a twenty gig) and I am using 14.2 gig and have a
          free space of 4.4 gig. I have system restore disabled because it is a
          bandwidth hog. But as I was search through my temp files, I found a
          backup file. I do not back things up so when I deleted it, I received a
          message that said this file is too large for the Recycle Bin to you want
          to keep it or delete it for good. I said delete it for good. Perhaps my
          backup has been automatically backing up to that file.
          Ed

          Jason Wellband wrote:
          > :
          > >
          > Ed,
          >
          > Have you run AdAware and/or Spybot S&D? Thos would find obvious things
          > - otherwise you'll just have to find what files are taking up all that
          > space. I use a program called SequoiaView that shows your files
          > graphically and you can immediately pick out the big ones.
          >
          > HTH
          >
          > Jason
          >
          >
          > *Yahoo! Groups Sponsor*
          > ADVERTISEMENT
          > click here
          > <http://us.ard.yahoo.com/SIG=1292ead0c/M=295196.4901138.6071305.3001176/D=groups/S=1705007389:HM/EXP=1098375165/A=2128215/R=0/SIG=10se96mf6/*http://companion.yahoo.com>
          >
          >
          > ------------------------------------------------------------------------
          > *Yahoo! Groups Links*
          >
          > * To visit your group on the web, go to:
          > http://groups.yahoo.com/group/ntb-OffTopic/
          >
          > * To unsubscribe from this group, send an email to:
          > ntb-OffTopic-unsubscribe@yahoogroups.com
          > <mailto:ntb-OffTopic-unsubscribe@yahoogroups.com?subject=Unsubscribe>
          >
          > * Your use of Yahoo! Groups is subject to the Yahoo! Terms of
          > Service <http://docs.yahoo.com/info/terms/>.
          >
          >
        • Ed Brown
          Martin, see my reply to Jason. Have already done everything and my cache is empty. I never, well almost never ever use anything but Mozilla FireFox any more.
          Message 4 of 12 , Oct 20, 2004
          • 0 Attachment
            Martin,
            see my reply to Jason. Have already done everything and my cache is
            empty. I never, well almost never ever use anything but Mozilla FireFox
            any more. It is a great little browser and not a bandwidth hog like IE.
            I have to keep IE to occasionally download things from HP and Microsoft
            patches.
            Ed

            Martin Webster wrote:

            >
            >
            > Ed Brown [EB], wrote:
            >
            > EB> I am not sure what is happening. My hard drive fills up for no reason. I
            > EB> have read about some malware that causes that to happen. My antivirus
            > EB> found nothing. I used two other antivirus programs and they found
            > EB> nothing. Yet every day I get a message saying you have zero megabytes on
            > EB> your hard drive, remove 200 -300 megabytes of old programs from your
            > EB> hard drive. The first time I did that. But that did not stop it from
            > EB> filling up again and I have added nothing - no programs, apps, - to the
            > EB> hard drive. Do you have any suggestions as to what to look for?
            > EB> Ed
            >
            > How large is you Windows partition/C:\ drive? And how much free space
            > do you have? It sounds like you are running very close to your
            > drive/partition capacity and that's why you're running low on space.
            >
            > In the mean time, here are a few things you can try...
            >
            > - Run C:\WINDOWS\system32\cleanmgr.exe (Disk Cleanup)
            > - Reduce IE cache to something sensible (same goes for other
            > browsers)
            > - Uninstall any rarely/never used programs
            >
            >
            > --
            > .\\artin | ICQ 15893823
            >
            > "I must follow them. I am their leader!" ANDREW BONAR LAW
            >
            >
            >
            >
            >
            > *Yahoo! Groups Sponsor*
            > ADVERTISEMENT
            > click here
            > <http://us.ard.yahoo.com/SIG=1290t6qrh/M=315388.5497957.6576270.3001176/D=groups/S=1705007389:HM/EXP=1098376277/A=2372354/R=0/SIG=12id813k2/*https://www.orchardbank.com/hcs/hcsapplication?pf=PLApply&media=EMYHNL40F21004SS>
            >
            >
            > ------------------------------------------------------------------------
            > *Yahoo! Groups Links*
            >
            > * To visit your group on the web, go to:
            > http://groups.yahoo.com/group/ntb-OffTopic/
            >
            > * To unsubscribe from this group, send an email to:
            > ntb-OffTopic-unsubscribe@yahoogroups.com
            > <mailto:ntb-OffTopic-unsubscribe@yahoogroups.com?subject=Unsubscribe>
            >
            > * Your use of Yahoo! Groups is subject to the Yahoo! Terms of
            > Service <http://docs.yahoo.com/info/terms/>.
            >
            >
          • Mordechai
            Hello Ed, You can try this (carefully please): By default, Windows XP creates a restore point after installing Windows XP, once every 10 hours that Windows XP
            Message 5 of 12 , Oct 20, 2004
            • 0 Attachment
              Hello Ed,

              You can try this (carefully please):

              By default, Windows XP creates a restore point after installing Windows XP,
              once every 10 hours that Windows XP is running, or every 24 hours. It also
              creates a restore point when you install a new program, or install an update
              to Windows XP. And you can manually create restore points at any time.
              You can end up with a number of restore point files, which can be large. It
              can cumulate up to 650 MB (mainly on the system partition).

              So how do you clean them out? First, MAKE SURE YOUR SYSTEM IS STABLE!. There
              will be a brief period when you won't have a restore point.

              To clear existing restore points

              1.. Click Start, click All Programs, click Accessories, click System
              Tools, and then click System Restore settings.
              2.. Click to add a check mark beside Turn off System Restore on all
              Drives, and click Apply.
              3.. When you are warned that all existing Restore Points will be deleted,
              click Yes to continue.
              All system restore points are deleted. Now you should manually create a
              restore point.

              1.. Click Start, click All Programs, click Accessories, click System
              Tools, and then click System Restore.
              2.. Click Create a Restore Point, and then click Next.
              3.. Name your restore point. (such as "After Restore Point Deletion.")
              4.. GOOD LUCK!
              Mordechai
              airflow@...

              ----- Original Message -----
              From: "Ed Brown" <ebrown1927@...>
              To: <ntb-OffTopic@yahoogroups.com>
              Sent: Wednesday, October 20, 2004 5:26 PM
              Subject: Re: [NTO] Malware?


              >
              > I forgot to say that I am using win XP pro.
              > ed
              >
              > Ed Brown wrote:
              > > Hi everyone,
              > > I am not sure what is happening. My hard drive fills up for no reason. I
              > > have read about some malware that causes that to happen. My antivirus
              > > found nothing. I used two other antivirus programs and they found
              > > nothing. Yet every day I get a message saying you have zero megabytes on
              > > your hard drive, remove 200 -300 megabytes of old programs from your
              > > hard drive. The first time I did that. But that did not stop it from
              > > filling up again and I have added nothing - no programs, apps, - to the
              > > hard drive. Do you have any suggestions as to what to look for?
              > > Ed
              > >
              > > *Yahoo! Groups Sponsor*
              > > ADVERTISEMENT
              > > click here
              > >
              <http://us.ard.yahoo.com/SIG=129rkorga/M=315388.5500238.6578046.3001176/D=gr
              oups/S=1705007389:HM/EXP=1098371080/A=2372354/R=0/SIG=12id813k2/*https://www
              .orchardbank.com/hcs/hcsapplication?pf=PLApply&media=EMYHNL40F21004SS>
              > >
              > >
              > > ------------------------------------------------------------------------
              > > *Yahoo! Groups Links*
              > >
              > > * To visit your group on the web, go to:
              > > http://groups.yahoo.com/group/ntb-OffTopic/
              > >
              > > * To unsubscribe from this group, send an email to:
              > > ntb-OffTopic-unsubscribe@yahoogroups.com
              > >
              <mailto:ntb-OffTopic-unsubscribe@yahoogroups.com?subject=Unsubscribe>
              > >
              > > * Your use of Yahoo! Groups is subject to the Yahoo! Terms of
              > > Service <http://docs.yahoo.com/info/terms/>.
              > >
              > >
              >
              >
              >
              >
              > Yahoo! Groups Links
              >
              >
              >
              >
              >
              >
              >
            • Alec Burgess
              Ed: If it really is some malware creating files on the fly I can think of two programs that *might* help you track it down: Ava Find Home Page
              Message 6 of 12 , Oct 20, 2004
              • 0 Attachment
                Ed: If it really is some malware creating files on the fly I can think of
                two programs that *might* help you track it down:

                Ava Find Home Page http://www.think-less-do-more.com/avafind/
                FileMon http://www.sysinternals.com/ntw2k/source/filemon.shtml

                AvaFind has a ScoutBot feature that will show all files recently created.
                FileMon (free) can be used with filtering to track all file accesses - it
                can be used to track all file CREATES.

                It does sound pretty unlikely though ....

                Regards ... Alec
                --


                ---- Original Message ----
                From: "Ed Brown" <ebrown1927@...>
                To: <ntb-OffTopic@yahoogroups.com>
                Sent: Wednesday, October 20, 2004 18:24
                Subject: [gla: Re: [NTO] Malware?
              • Martin Webster
                Ed Brown [EB], wrote: EB See my reply to Jason. Have already done everything and my cache is EB empty. I never, well almost never ever use anything but
                Message 7 of 12 , Oct 21, 2004
                • 0 Attachment
                  Ed Brown [EB], wrote:

                  EB> See my reply to Jason. Have already done everything and my cache is
                  EB> empty. I never, well almost never ever use anything but Mozilla FireFox
                  EB> any more. It is a great little browser and not a bandwidth hog like IE.
                  EB> I have to keep IE to occasionally download things from HP and Microsoft
                  EB> patches.

                  Did you run Disk Cleanup? I know you said you found a large file in
                  your temp folder but it's well worth using a cleanup utility to track
                  down unwanted files etc.

                  I still think it's unlikely you have some rogue application filling up
                  your drive... I think it's more likely that Windows is complaining
                  because it doesn't have enough space. Since the problem isn't being
                  rectified properly it continues to alert you.

                  So a couple more ideas... run chkdsk and defrag your hard drive. Also,
                  like you I don't use System Restore. However, if you did use it once
                  you may find the service hasn't freed up disk space even though it's
                  turned off (I'm guessing here.) You could try re-enabling it, reducing
                  the space utilised to minimum, and then turn it off again. Finally,
                  have a look to see if there are lots of chk files or if you have some
                  applications that generate log or tmp files.


                  --
                  .\\artin | ICQ 15893823

                  "Change is certain. Progress is not." E H CARR
                • hsavage
                  ... Martin, Ed, I can vouch that System Restore does delete the files in that folder when disabled, I ve done it several times, and, since it is no longer
                  Message 8 of 12 , Oct 21, 2004
                  • 0 Attachment
                    Martin Webster wrote:
                    >
                    > Ed Brown [EB], wrote:
                    >
                    >> See my reply to Jason. Have already done everything and my cache is
                    >> empty.
                    >
                    > Did you run Disk Cleanup?
                    >
                    > I still think it's unlikely you have some rogue application filling up
                    > your drive...
                    >
                    > So a couple more ideas... run chkdsk and defrag your hard drive. Also,
                    > like you I don't use System Restore. However, if you did use it once
                    > you may find the service hasn't freed up disk space even though it's
                    > turned off (I'm guessing here.)

                    Martin, Ed,

                    I can vouch that System Restore does delete the files in that folder
                    when disabled, I've done it several times, and, since it is no longer
                    active it shouldn't be restricting use of any space allocated for System
                    Restore use.

                    hrs
                  • Ed Brown
                    Thanks for you suggestions as you can see below I am using them. Ed ... Yep did that one too. ... Me too, I think somehow I must have did a back up of several
                    Message 9 of 12 , Oct 21, 2004
                    • 0 Attachment
                      Thanks for you suggestions as you can see below I am using them.
                      Ed

                      Martin Webster wrote:
                      >

                      >
                      > Did you run Disk Cleanup? I know you said you found a large file in
                      > your temp folder but it's well worth using a cleanup utility to track
                      > down unwanted files etc.
                      Yep did that one too.
                      >
                      > I still think it's unlikely you have some rogue application filling up
                      > your drive... I think it's more likely that Windows is complaining
                      > because it doesn't have enough space. Since the problem isn't being
                      > rectified properly it continues to alert you.
                      Me too, I think somehow I must have did a back up of several large
                      programs and put them in the temp file and never transferred them to the
                      other disk. After I dumped it every things seems normal for now.
                      >
                      > So a couple more ideas... run chkdsk and defrag your hard drive. Also,
                      I did those also.
                      > like you I don't use System Restore. However, if you did use it once
                      > you may find the service hasn't freed up disk space even though it's
                      > turned off (I'm guessing here.)
                      Very good possiblity for the time I did use it I turned it to the
                      minimum disk space that it would use.

                      You could try re-enabling it, reducing
                      > the space utilised to minimum, and then turn it off again. Finally,
                      > have a look to see if there are lots of chk files or if you have some
                      > applications that generate log or tmp files.

                      OK I will re-enable and make sure it is still at the minimum and will
                      check the chk files and I dumped all the temp files.

                      > --
                      > .\\artin | ICQ 15893823
                      >
                      > "Change is certain. Progress is not." E H CARR
                      >
                      >
                      > *Yahoo! Groups Sponsor*
                      > ADVERTISEMENT
                      > click here
                      > <http://us.ard.yahoo.com/SIG=1296gqo7l/M=295196.4901138.6071305.3001176/D=groups/S=1705007389:HM/EXP=1098464165/A=2128215/R=0/SIG=10se96mf6/*http://companion.yahoo.com>
                      >
                      >
                      > ------------------------------------------------------------------------
                      > *Yahoo! Groups Links*
                      >
                      > * To visit your group on the web, go to:
                      > http://groups.yahoo.com/group/ntb-OffTopic/
                      >
                      > * To unsubscribe from this group, send an email to:
                      > ntb-OffTopic-unsubscribe@yahoogroups.com
                      > <mailto:ntb-OffTopic-unsubscribe@yahoogroups.com?subject=Unsubscribe>
                      >
                      > * Your use of Yahoo! Groups is subject to the Yahoo! Terms of
                      > Service <http://docs.yahoo.com/info/terms/>.
                      >
                      >
                    • Ed Brown
                      Thanks, will make sure although I know you are correct. Ed
                      Message 10 of 12 , Oct 21, 2004
                      • 0 Attachment
                        Thanks, will make sure although I know you are correct.
                        Ed

                        hsavage wrote:

                        > Martin Webster wrote:
                        > >
                        > > Ed Brown [EB], wrote:
                        > >
                        > >> See my reply to Jason. Have already done everything and my cache is
                        > >> empty.
                        > >
                        > > Did you run Disk Cleanup?
                        > >
                        > > I still think it's unlikely you have some rogue application filling up
                        > > your drive...
                        > >
                        > > So a couple more ideas... run chkdsk and defrag your hard drive. Also,
                        > > like you I don't use System Restore. However, if you did use it once
                        > > you may find the service hasn't freed up disk space even though it's
                        > > turned off (I'm guessing here.)
                        >
                        > Martin, Ed,
                        >
                        > I can vouch that System Restore does delete the files in that folder
                        > when disabled, I've done it several times, and, since it is no longer
                        > active it shouldn't be restricting use of any space allocated for System
                        > Restore use.
                        >
                        > hrs
                        >
                        >
                        > *Yahoo! Groups Sponsor*
                        > ADVERTISEMENT
                        > click here
                        > <http://us.ard.yahoo.com/SIG=129l1l2r5/M=294855.5468653.6549235.3001176/D=groups/S=1705007389:HM/EXP=1098467836/A=2376776/R=0/SIG=11ldm1jvc/*http://promotions.yahoo.com/ydomains2004/index.html>
                        >
                        >
                        > ------------------------------------------------------------------------
                        > *Yahoo! Groups Links*
                        >
                        > * To visit your group on the web, go to:
                        > http://groups.yahoo.com/group/ntb-OffTopic/
                        >
                        > * To unsubscribe from this group, send an email to:
                        > ntb-OffTopic-unsubscribe@yahoogroups.com
                        > <mailto:ntb-OffTopic-unsubscribe@yahoogroups.com?subject=Unsubscribe>
                        >
                        > * Your use of Yahoo! Groups is subject to the Yahoo! Terms of
                        > Service <http://docs.yahoo.com/info/terms/>.
                        >
                        >
                      Your message has been successfully submitted and would be delivered to recipients shortly.