Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Kids running amok on a business machine


  • Please log in to reply
8 replies to this topic

#1 kawaisunn

kawaisunn

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:09:11 PM

Posted 06 May 2011 - 04:57 PM

My sister has a desktop that has irreplaceable (expensive) and legitimate licensed software for her land survey work. Her kids had unsupervised access to the internet for a time. While trying to print a document (that printed in mirror image?) I noticed her C: drive was 99% full. This was not expected, it is a decent size drive and last I checked it had about 30% free space. I uninstalled a large game and deleted some small files, but it did not make much of a dent. The list of programs in the uninstall software window has a huge 'blank' space in it. I tried to create a HJK log, but HJK would not execute, even under a newly-created user account. How should I proceed?

BC AdBot (Login to Remove)

 


#2 Eyesee

Eyesee

    Bleepin Teck Shop


  • BC Advisor
  • 3,545 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:In the middle of Kansas
  • Local time:12:11 AM

Posted 06 May 2011 - 05:53 PM

Hello and welcome to the forum!

Since this is a business system, that makes it her "bread and butter."
I would not let the kids use it at all and put a password on it.
Kids think computers are toys. They are not.
One wrong mouse click and everything could be gone.
Make sure that she backs up routinely.

I would go through the add/remove programs list & uninstall all games and unnecessary programs.
Then delete all restore points except the last one.
Then clear out the IE cache and temporary internet files.
See how much space is available then & let us know.

Theres a fix for the blank spaces in add/remove programs but I wont be able to look that up till morning.
Kellys-korner had it

We also want to operate on the assumption that the system is infected.
Thats a pretty safe bet. But we need to know available space after you clean out the unnecessary stuff.
In the beginning there was the command line.

#3 kawaisunn

kawaisunn
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:09:11 PM

Posted 06 May 2011 - 06:30 PM

Eyesee,

Preaching to the choir. Once this machine was down for the third time, I donated an old laptop to the family. They have not been using the desktop long enough that I am willing to go through this again. I think the lesson about lockdown is clear now, and I appreciate your help. I read that AutoCad might be responsible for the blank space, but cannot uninstall it because of licensing issues. Have hard drive space up to 5% free. Disconnected from the internet and was able to retrieve this HJT log. Again, thank you for your assistance.

Mod edit: HJT log removed from this topic and stored for future reference if needed.

kawaisunn,
I have removed your log as it cannot be analyzed in this forum. Only trained malware techs are allowed to interpret HJT logs and then only in our Malware logs forum. If Eyesee remocommends we move in that direction, I will place the replace the lkog and move the topic into that forum.

Thanks,
rigel - BC Moderator

Edited by rigel, 06 May 2011 - 06:57 PM.


#4 kawaisunn

kawaisunn
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:09:11 PM

Posted 06 May 2011 - 06:59 PM

Thank you, my bad.

#5 rigel

rigel

    FD-BC


  • Members
  • 12,944 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:South Carolina - USA
  • Local time:01:11 AM

Posted 06 May 2011 - 07:14 PM

No.... it's okay :)

It is more for your protection. BC only allows known malware techs to analyze logs to make sure you receive the highest level of assistance. Eyesee should have you covered here - He is good... but don't tell him I said that :)

"In a world where you can be anything, be yourself." ~ unknown

"Fall in love with someone who deserves your heart. Not someone who plays with it. Will Smith


#6 hamluis

hamluis

    Moderator


  • Moderator
  • 56,131 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:12:11 AM

Posted 07 May 2011 - 07:45 AM

My suggestion would be to take a careful look at the current contents of the drive.

Move all video/music/graphic files which do not relate to the business...from the system.

WinDirStat - http://download.cnet.com/WinDirStat/3000-2248_4-10614593.html

Louis

Why does your title indicate that the system is infected?

Edited by hamluis, 07 May 2011 - 07:46 AM.


#7 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,690 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:10:11 PM

Posted 07 May 2011 - 11:40 AM

You may be interested in reading this article regarding the "huge hole" in add or remove programs.

Edited to correct link.

Edited by dc3, 07 May 2011 - 11:43 AM.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#8 kawaisunn

kawaisunn
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:09:11 PM

Posted 07 May 2011 - 01:42 PM

Some indications of infection are extremely slow boot times (even before the hard drive filled up), browser re-direction & bogged or no internet, shut-down without warning, inability to open programs, and the hard drive becoming full of who-knows-what while the machine had been idling and connected to the internet. Disconnection from the internet restores some functionality. It is not possible to do 'simple' tasks on the computer (such as open programs or files)when it is connected.

#9 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,690 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:10:11 PM

Posted 07 May 2011 - 06:15 PM

It does sound like you may be infected. My suggestion for you would be to follow the instructions in This Guide starting at Step 6.

Once the proper logs are created, then make a NEW TOPIC and post it HERE Please include a description of your computer issues and what you have done to try to resolve them.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

If you have any questions, please feel free to reply to this thread and ask.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users