Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


3+gb for an empty directory?

  • This topic is locked This topic is locked
4 replies to this topic

#1 ZT-repairseek


  • Members
  • 177 posts
  • Local time:06:04 AM

Posted 07 December 2008 - 10:44 PM

I've used ATF cleaner. I've run chkdsk. I'm currently staring at an empty Temporary Internet Files directory that's taking up 3.33gb and wondering just what the heck's going on. I need suggestions, folks, 'cause this one's a bit screwy for me to figure out with only my own guesses.

edit: I MIGHT have had some sneaky and insidious malware lurking about. running the full battery of checks now; if things are still screwy later, we will know it's smoking some pretty messed up stuff.

Edited by ZT-repairseek, 08 December 2008 - 12:54 AM.

BC AdBot (Login to Remove)


#2 scissorhands7


  • Banned
  • 110 posts
  • Local time:05:04 AM

Posted 08 December 2008 - 01:01 AM

Are you viewing the hidden files and operating files as well?

#3 ZT-repairseek

  • Topic Starter

  • Members
  • 177 posts
  • Local time:06:04 AM

Posted 13 December 2008 - 09:11 PM


at any rate, the problem seems to be back. and this time, although I haven't tried in safe mode yet, MBAM and SuperAntiSpyware are coming up clean, so once I get done running some checks I'm going to be putting up an HJT log and others in the appropriate section. I clean the temp internet files directory out regularly, so something's up.
looking at autoruns a moment ago (safe mode, mostly unused permanent admin account), I noticed SHDOCVW.DLL having a lot more entries than I remember it having; maybe something latched into it too. granted, my memory might be off on that one.

edit: this crap is cute. if I log into the other user account I can find a "content.IE5" thing in the temp internet files section of the account I use normally, which upon deletion gave back those gigabytes. now, I have "display hidden/system files" turned on so I should see it. then again, on the other account I can't see all the cookies that are kept in that directory. also can't see the "content.IE5" in the other accounts temp internet files area when I'm on that account.

I'm going to try to adjust where stuff gets stashed, but I'm still going to put up comboscan/HLJ logs in the appropriate section. this is because, and I'm going to repeat it in that post, I'm showed 4.41gb free now on drive C when in safe mode, but 4.16gb on drive C when in normal mode. whether this part is the result of a recent adjustment I made to the virtual memory minimum, I'm not sure. this descrepency MAY be a result of differing amounts of virtual memory used between normal and safe modes, however I do not know this for certain; my level of knowledge isn't totally up to knowing that in advance.

Edited by ZT-repairseek, 13 December 2008 - 11:37 PM.

#4 suebaby41


    W.A.M. (Women Against Malware)

  • Malware Response Team
  • 6,248 posts
  • Gender:Female
  • Location:South Carolina, USA
  • Local time:06:04 AM

Posted 21 December 2008 - 04:05 PM

Has a thread open in Malware Removal.

Edited by suebaby41, 21 December 2008 - 04:06 PM.

You don't stop laughing when you get old; you get old when you stop laughing.
A Member of U-N-I-T-E (Unified Network of Instructors and Trained Eliminators)
Malware Removal University Masters Graduate

Posted Image
Join The Fight Against Malware
No reply within 5 days will result in your topic being closed. If you need more time, please let me know by posting in this topic so that your topic will not be closed.

#5 usasma


    Still visually handicapped (avatar is memory developed by my Dad

  • BSOD Kernel Dump Expert
  • 25,091 posts
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:06:04 AM

Posted 21 December 2008 - 04:13 PM

As you currently have a HiJackThis log being worked by our HJT Team, you'll have to take all directions from them until the system is certified clean. Due to this, this topic is closed.
My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users