Loading ...
Sorry, an error occurred while loading the content.

Re: [NTO] Malware?

Expand Messages
  • Martin Webster
    Ed Brown [EB], wrote: EB I am not sure what is happening. My hard drive fills up for no reason. I EB have read about some malware that causes that to happen.
    Message 1 of 12 , Oct 20, 2004
    • 0 Attachment
      Ed Brown [EB], wrote:

      EB> I am not sure what is happening. My hard drive fills up for no reason. I
      EB> have read about some malware that causes that to happen. My antivirus
      EB> found nothing. I used two other antivirus programs and they found
      EB> nothing. Yet every day I get a message saying you have zero megabytes on
      EB> your hard drive, remove 200 -300 megabytes of old programs from your
      EB> hard drive. The first time I did that. But that did not stop it from
      EB> filling up again and I have added nothing - no programs, apps, - to the
      EB> hard drive. Do you have any suggestions as to what to look for?
      EB> Ed

      How large is you Windows partition/C:\ drive? And how much free space
      do you have? It sounds like you are running very close to your
      drive/partition capacity and that's why you're running low on space.

      In the mean time, here are a few things you can try...

      - Run C:\WINDOWS\system32\cleanmgr.exe (Disk Cleanup)
      - Reduce IE cache to something sensible (same goes for other
      browsers)
      - Uninstall any rarely/never used programs


      --
      .\\artin | ICQ 15893823

      "I must follow them. I am their leader!" ANDREW BONAR LAW
    • Ed Brown
      Jason, I did run Lavasoft Adware daily until I started using WinPatrol the free version and Adware never finds anything anymore. Really like that little
      Message 2 of 12 , Oct 20, 2004
      • 0 Attachment
        Jason,
        I did run Lavasoft Adware daily until I started using WinPatrol the free
        version and Adware never finds anything anymore. Really like that
        little Scotty dog. He sniffs out all that stuff and then I remove the
        cookies every hour or so while on the Internet. Nothing is found by
        Adware anymore, I just ran it. I have a 18.6 gig hard drive
        (useable-actually it is a twenty gig) and I am using 14.2 gig and have a
        free space of 4.4 gig. I have system restore disabled because it is a
        bandwidth hog. But as I was search through my temp files, I found a
        backup file. I do not back things up so when I deleted it, I received a
        message that said this file is too large for the Recycle Bin to you want
        to keep it or delete it for good. I said delete it for good. Perhaps my
        backup has been automatically backing up to that file.
        Ed

        Jason Wellband wrote:
        > :
        > >
        > Ed,
        >
        > Have you run AdAware and/or Spybot S&D? Thos would find obvious things
        > - otherwise you'll just have to find what files are taking up all that
        > space. I use a program called SequoiaView that shows your files
        > graphically and you can immediately pick out the big ones.
        >
        > HTH
        >
        > Jason
        >
        >
        > *Yahoo! Groups Sponsor*
        > ADVERTISEMENT
        > click here
        > <http://us.ard.yahoo.com/SIG=1292ead0c/M=295196.4901138.6071305.3001176/D=groups/S=1705007389:HM/EXP=1098375165/A=2128215/R=0/SIG=10se96mf6/*http://companion.yahoo.com>
        >
        >
        > ------------------------------------------------------------------------
        > *Yahoo! Groups Links*
        >
        > * To visit your group on the web, go to:
        > http://groups.yahoo.com/group/ntb-OffTopic/
        >
        > * To unsubscribe from this group, send an email to:
        > ntb-OffTopic-unsubscribe@yahoogroups.com
        > <mailto:ntb-OffTopic-unsubscribe@yahoogroups.com?subject=Unsubscribe>
        >
        > * Your use of Yahoo! Groups is subject to the Yahoo! Terms of
        > Service <http://docs.yahoo.com/info/terms/>.
        >
        >
      • Ed Brown
        Martin, see my reply to Jason. Have already done everything and my cache is empty. I never, well almost never ever use anything but Mozilla FireFox any more.
        Message 3 of 12 , Oct 20, 2004
        • 0 Attachment
          Martin,
          see my reply to Jason. Have already done everything and my cache is
          empty. I never, well almost never ever use anything but Mozilla FireFox
          any more. It is a great little browser and not a bandwidth hog like IE.
          I have to keep IE to occasionally download things from HP and Microsoft
          patches.
          Ed

          Martin Webster wrote:

          >
          >
          > Ed Brown [EB], wrote:
          >
          > EB> I am not sure what is happening. My hard drive fills up for no reason. I
          > EB> have read about some malware that causes that to happen. My antivirus
          > EB> found nothing. I used two other antivirus programs and they found
          > EB> nothing. Yet every day I get a message saying you have zero megabytes on
          > EB> your hard drive, remove 200 -300 megabytes of old programs from your
          > EB> hard drive. The first time I did that. But that did not stop it from
          > EB> filling up again and I have added nothing - no programs, apps, - to the
          > EB> hard drive. Do you have any suggestions as to what to look for?
          > EB> Ed
          >
          > How large is you Windows partition/C:\ drive? And how much free space
          > do you have? It sounds like you are running very close to your
          > drive/partition capacity and that's why you're running low on space.
          >
          > In the mean time, here are a few things you can try...
          >
          > - Run C:\WINDOWS\system32\cleanmgr.exe (Disk Cleanup)
          > - Reduce IE cache to something sensible (same goes for other
          > browsers)
          > - Uninstall any rarely/never used programs
          >
          >
          > --
          > .\\artin | ICQ 15893823
          >
          > "I must follow them. I am their leader!" ANDREW BONAR LAW
          >
          >
          >
          >
          >
          > *Yahoo! Groups Sponsor*
          > ADVERTISEMENT
          > click here
          > <http://us.ard.yahoo.com/SIG=1290t6qrh/M=315388.5497957.6576270.3001176/D=groups/S=1705007389:HM/EXP=1098376277/A=2372354/R=0/SIG=12id813k2/*https://www.orchardbank.com/hcs/hcsapplication?pf=PLApply&media=EMYHNL40F21004SS>
          >
          >
          > ------------------------------------------------------------------------
          > *Yahoo! Groups Links*
          >
          > * To visit your group on the web, go to:
          > http://groups.yahoo.com/group/ntb-OffTopic/
          >
          > * To unsubscribe from this group, send an email to:
          > ntb-OffTopic-unsubscribe@yahoogroups.com
          > <mailto:ntb-OffTopic-unsubscribe@yahoogroups.com?subject=Unsubscribe>
          >
          > * Your use of Yahoo! Groups is subject to the Yahoo! Terms of
          > Service <http://docs.yahoo.com/info/terms/>.
          >
          >
        • Mordechai
          Hello Ed, You can try this (carefully please): By default, Windows XP creates a restore point after installing Windows XP, once every 10 hours that Windows XP
          Message 4 of 12 , Oct 20, 2004
          • 0 Attachment
            Hello Ed,

            You can try this (carefully please):

            By default, Windows XP creates a restore point after installing Windows XP,
            once every 10 hours that Windows XP is running, or every 24 hours. It also
            creates a restore point when you install a new program, or install an update
            to Windows XP. And you can manually create restore points at any time.
            You can end up with a number of restore point files, which can be large. It
            can cumulate up to 650 MB (mainly on the system partition).

            So how do you clean them out? First, MAKE SURE YOUR SYSTEM IS STABLE!. There
            will be a brief period when you won't have a restore point.

            To clear existing restore points

            1.. Click Start, click All Programs, click Accessories, click System
            Tools, and then click System Restore settings.
            2.. Click to add a check mark beside Turn off System Restore on all
            Drives, and click Apply.
            3.. When you are warned that all existing Restore Points will be deleted,
            click Yes to continue.
            All system restore points are deleted. Now you should manually create a
            restore point.

            1.. Click Start, click All Programs, click Accessories, click System
            Tools, and then click System Restore.
            2.. Click Create a Restore Point, and then click Next.
            3.. Name your restore point. (such as "After Restore Point Deletion.")
            4.. GOOD LUCK!
            Mordechai
            airflow@...

            ----- Original Message -----
            From: "Ed Brown" <ebrown1927@...>
            To: <ntb-OffTopic@yahoogroups.com>
            Sent: Wednesday, October 20, 2004 5:26 PM
            Subject: Re: [NTO] Malware?


            >
            > I forgot to say that I am using win XP pro.
            > ed
            >
            > Ed Brown wrote:
            > > Hi everyone,
            > > I am not sure what is happening. My hard drive fills up for no reason. I
            > > have read about some malware that causes that to happen. My antivirus
            > > found nothing. I used two other antivirus programs and they found
            > > nothing. Yet every day I get a message saying you have zero megabytes on
            > > your hard drive, remove 200 -300 megabytes of old programs from your
            > > hard drive. The first time I did that. But that did not stop it from
            > > filling up again and I have added nothing - no programs, apps, - to the
            > > hard drive. Do you have any suggestions as to what to look for?
            > > Ed
            > >
            > > *Yahoo! Groups Sponsor*
            > > ADVERTISEMENT
            > > click here
            > >
            <http://us.ard.yahoo.com/SIG=129rkorga/M=315388.5500238.6578046.3001176/D=gr
            oups/S=1705007389:HM/EXP=1098371080/A=2372354/R=0/SIG=12id813k2/*https://www
            .orchardbank.com/hcs/hcsapplication?pf=PLApply&media=EMYHNL40F21004SS>
            > >
            > >
            > > ------------------------------------------------------------------------
            > > *Yahoo! Groups Links*
            > >
            > > * To visit your group on the web, go to:
            > > http://groups.yahoo.com/group/ntb-OffTopic/
            > >
            > > * To unsubscribe from this group, send an email to:
            > > ntb-OffTopic-unsubscribe@yahoogroups.com
            > >
            <mailto:ntb-OffTopic-unsubscribe@yahoogroups.com?subject=Unsubscribe>
            > >
            > > * Your use of Yahoo! Groups is subject to the Yahoo! Terms of
            > > Service <http://docs.yahoo.com/info/terms/>.
            > >
            > >
            >
            >
            >
            >
            > Yahoo! Groups Links
            >
            >
            >
            >
            >
            >
            >
          • Alec Burgess
            Ed: If it really is some malware creating files on the fly I can think of two programs that *might* help you track it down: Ava Find Home Page
            Message 5 of 12 , Oct 20, 2004
            • 0 Attachment
              Ed: If it really is some malware creating files on the fly I can think of
              two programs that *might* help you track it down:

              Ava Find Home Page http://www.think-less-do-more.com/avafind/
              FileMon http://www.sysinternals.com/ntw2k/source/filemon.shtml

              AvaFind has a ScoutBot feature that will show all files recently created.
              FileMon (free) can be used with filtering to track all file accesses - it
              can be used to track all file CREATES.

              It does sound pretty unlikely though ....

              Regards ... Alec
              --


              ---- Original Message ----
              From: "Ed Brown" <ebrown1927@...>
              To: <ntb-OffTopic@yahoogroups.com>
              Sent: Wednesday, October 20, 2004 18:24
              Subject: [gla: Re: [NTO] Malware?
            • Martin Webster
              Ed Brown [EB], wrote: EB See my reply to Jason. Have already done everything and my cache is EB empty. I never, well almost never ever use anything but
              Message 6 of 12 , Oct 21, 2004
              • 0 Attachment
                Ed Brown [EB], wrote:

                EB> See my reply to Jason. Have already done everything and my cache is
                EB> empty. I never, well almost never ever use anything but Mozilla FireFox
                EB> any more. It is a great little browser and not a bandwidth hog like IE.
                EB> I have to keep IE to occasionally download things from HP and Microsoft
                EB> patches.

                Did you run Disk Cleanup? I know you said you found a large file in
                your temp folder but it's well worth using a cleanup utility to track
                down unwanted files etc.

                I still think it's unlikely you have some rogue application filling up
                your drive... I think it's more likely that Windows is complaining
                because it doesn't have enough space. Since the problem isn't being
                rectified properly it continues to alert you.

                So a couple more ideas... run chkdsk and defrag your hard drive. Also,
                like you I don't use System Restore. However, if you did use it once
                you may find the service hasn't freed up disk space even though it's
                turned off (I'm guessing here.) You could try re-enabling it, reducing
                the space utilised to minimum, and then turn it off again. Finally,
                have a look to see if there are lots of chk files or if you have some
                applications that generate log or tmp files.


                --
                .\\artin | ICQ 15893823

                "Change is certain. Progress is not." E H CARR
              • hsavage
                ... Martin, Ed, I can vouch that System Restore does delete the files in that folder when disabled, I ve done it several times, and, since it is no longer
                Message 7 of 12 , Oct 21, 2004
                • 0 Attachment
                  Martin Webster wrote:
                  >
                  > Ed Brown [EB], wrote:
                  >
                  >> See my reply to Jason. Have already done everything and my cache is
                  >> empty.
                  >
                  > Did you run Disk Cleanup?
                  >
                  > I still think it's unlikely you have some rogue application filling up
                  > your drive...
                  >
                  > So a couple more ideas... run chkdsk and defrag your hard drive. Also,
                  > like you I don't use System Restore. However, if you did use it once
                  > you may find the service hasn't freed up disk space even though it's
                  > turned off (I'm guessing here.)

                  Martin, Ed,

                  I can vouch that System Restore does delete the files in that folder
                  when disabled, I've done it several times, and, since it is no longer
                  active it shouldn't be restricting use of any space allocated for System
                  Restore use.

                  hrs
                • Ed Brown
                  Thanks for you suggestions as you can see below I am using them. Ed ... Yep did that one too. ... Me too, I think somehow I must have did a back up of several
                  Message 8 of 12 , Oct 21, 2004
                  • 0 Attachment
                    Thanks for you suggestions as you can see below I am using them.
                    Ed

                    Martin Webster wrote:
                    >

                    >
                    > Did you run Disk Cleanup? I know you said you found a large file in
                    > your temp folder but it's well worth using a cleanup utility to track
                    > down unwanted files etc.
                    Yep did that one too.
                    >
                    > I still think it's unlikely you have some rogue application filling up
                    > your drive... I think it's more likely that Windows is complaining
                    > because it doesn't have enough space. Since the problem isn't being
                    > rectified properly it continues to alert you.
                    Me too, I think somehow I must have did a back up of several large
                    programs and put them in the temp file and never transferred them to the
                    other disk. After I dumped it every things seems normal for now.
                    >
                    > So a couple more ideas... run chkdsk and defrag your hard drive. Also,
                    I did those also.
                    > like you I don't use System Restore. However, if you did use it once
                    > you may find the service hasn't freed up disk space even though it's
                    > turned off (I'm guessing here.)
                    Very good possiblity for the time I did use it I turned it to the
                    minimum disk space that it would use.

                    You could try re-enabling it, reducing
                    > the space utilised to minimum, and then turn it off again. Finally,
                    > have a look to see if there are lots of chk files or if you have some
                    > applications that generate log or tmp files.

                    OK I will re-enable and make sure it is still at the minimum and will
                    check the chk files and I dumped all the temp files.

                    > --
                    > .\\artin | ICQ 15893823
                    >
                    > "Change is certain. Progress is not." E H CARR
                    >
                    >
                    > *Yahoo! Groups Sponsor*
                    > ADVERTISEMENT
                    > click here
                    > <http://us.ard.yahoo.com/SIG=1296gqo7l/M=295196.4901138.6071305.3001176/D=groups/S=1705007389:HM/EXP=1098464165/A=2128215/R=0/SIG=10se96mf6/*http://companion.yahoo.com>
                    >
                    >
                    > ------------------------------------------------------------------------
                    > *Yahoo! Groups Links*
                    >
                    > * To visit your group on the web, go to:
                    > http://groups.yahoo.com/group/ntb-OffTopic/
                    >
                    > * To unsubscribe from this group, send an email to:
                    > ntb-OffTopic-unsubscribe@yahoogroups.com
                    > <mailto:ntb-OffTopic-unsubscribe@yahoogroups.com?subject=Unsubscribe>
                    >
                    > * Your use of Yahoo! Groups is subject to the Yahoo! Terms of
                    > Service <http://docs.yahoo.com/info/terms/>.
                    >
                    >
                  • Ed Brown
                    Thanks, will make sure although I know you are correct. Ed
                    Message 9 of 12 , Oct 21, 2004
                    • 0 Attachment
                      Thanks, will make sure although I know you are correct.
                      Ed

                      hsavage wrote:

                      > Martin Webster wrote:
                      > >
                      > > Ed Brown [EB], wrote:
                      > >
                      > >> See my reply to Jason. Have already done everything and my cache is
                      > >> empty.
                      > >
                      > > Did you run Disk Cleanup?
                      > >
                      > > I still think it's unlikely you have some rogue application filling up
                      > > your drive...
                      > >
                      > > So a couple more ideas... run chkdsk and defrag your hard drive. Also,
                      > > like you I don't use System Restore. However, if you did use it once
                      > > you may find the service hasn't freed up disk space even though it's
                      > > turned off (I'm guessing here.)
                      >
                      > Martin, Ed,
                      >
                      > I can vouch that System Restore does delete the files in that folder
                      > when disabled, I've done it several times, and, since it is no longer
                      > active it shouldn't be restricting use of any space allocated for System
                      > Restore use.
                      >
                      > hrs
                      >
                      >
                      > *Yahoo! Groups Sponsor*
                      > ADVERTISEMENT
                      > click here
                      > <http://us.ard.yahoo.com/SIG=129l1l2r5/M=294855.5468653.6549235.3001176/D=groups/S=1705007389:HM/EXP=1098467836/A=2376776/R=0/SIG=11ldm1jvc/*http://promotions.yahoo.com/ydomains2004/index.html>
                      >
                      >
                      > ------------------------------------------------------------------------
                      > *Yahoo! Groups Links*
                      >
                      > * To visit your group on the web, go to:
                      > http://groups.yahoo.com/group/ntb-OffTopic/
                      >
                      > * To unsubscribe from this group, send an email to:
                      > ntb-OffTopic-unsubscribe@yahoogroups.com
                      > <mailto:ntb-OffTopic-unsubscribe@yahoogroups.com?subject=Unsubscribe>
                      >
                      > * Your use of Yahoo! Groups is subject to the Yahoo! Terms of
                      > Service <http://docs.yahoo.com/info/terms/>.
                      >
                      >
                    Your message has been successfully submitted and would be delivered to recipients shortly.