Questions

huge folders/ files consume h/d...what are they?

+
0 Votes
Locked

huge folders/ files consume h/d...what are they?

yellow911
Acer l/top 7220 series. 160g h/d. i have 2 huge folders (look like maybe sys. files?) now consuming over 90% of h/drive. (win xp pro o.s.) Have deleted all patch b/ups, past restore points, virus vaults, etc., but no major change. folders are named; iIreVKMzd{SDmo')PZ (using 69% of h/d) and YN987Ue-k~f3KPm4,j (using 28% of h/d).Can any-one tell me what these folders ARE, and can i delete the contents to regain disc space? thank you. Steve.
  • +
    0 Votes
    gopiindian86

    This seems to be some backup directory created by one of the application installed in your machine. What antivirus program you are using.

    Thanks,
    R.Gopinath
    http://blogs.neuronring.com

    +
    0 Votes
    yellow911

    Malware Bytes, AVG free (current version) and Spybot S&D. Your help is very much appreciated. Steve.

    +
    0 Votes
    gopiindian86

    Did u slove the problem.? Found why those directories are created?

    +
    0 Votes
    yellow911

    Thank you for your continued interest in my question, sir. I could not find out what these folders were. I did my best too, but i am not an expert, (i am just a user with SOME knowledge). However,i could not believe that sys. folders could grow so large. I took a chance and deleted the contents (after taking a drive snapshot), and there has been no ill effects at all regarding my o.s. I am wondering if my lap-top was part of a bot ( though a thorough search of the register with two separate root-kit revealers showed nothing) and that these folders were somehow associated with same....but, in truth, i will never know). I surmised that the worst that could happen is i would have to wipe the drive and do a re-install if these were, in fact, sys folders,...a nuisance, but not the end of the world. Thank you again for your ongoing interest, and all the best to you in your endeavours. Steve. ( p.s. I now have 147gigs of drive space)

    +
    0 Votes
    jeslurkin

    I entered the file names in Google and only got references to your post. However, the entry for the big file also caused Google to ask: "Do you mean reVKMzd{SDmo')PZ ?"

    When I clicked on that link it presented a reference that suggested to me that these may be files to store e-mail addys for a spambot.

    It is possible that (now removed) malware had opened a 'backdoor' port to allow a spambot to use your HD for storage.

    If the files grow again, you will need a security program or person to find out what port is open.

    Good luck!

    +
    0 Votes
    yellow911

    firstly, thank you for your reply...very thoughtful idea. i run these; spybot search and destroy, avg free,malwarebytes (no they don't clash, strangely), secunia psi ( to keep patches/end-of-life programs up-to date, no script ext., bee-free ext. better privacy ext, ad-block ext. and my firefox is sand-boxed. i run scans every three days (up-dated before each scan). i have also several different root-kit revealers which i run separately once a week. i cannot think of anything else to do to keep these things out ( of course i run a mechanical router firewall, as well as p.c.tools firewall plus software firewall. please, if could suggest anything else i can do to avoid being a "bot zombie" please suggest it. i have a gut feeling your suggestion may be correct thank youonce again for your interest. steve.

    +
    0 Votes
    jeslurkin

    Read the following two cnet articles. They explain how a port (7777) may have been opened by malware inadvertently contained in software drivers. (Yet another reason for me to despise USB.) I do not know how to check if a port is open, nor how to close it. I would need a guru to lead me by the hand. HTH.

    http://ct.cnet-ssa.cnet.com/clicks?t=529477439-2999f05f2c060e7c57e1d62d4ff9d8c6-bf&brand=CNET-SSA&s=5

    http://news.cnet.com/8301-1009_3-10137032-83.html?tag=mncol;txt

    +
    0 Votes
    yellow911

    i will read these articles, as suggested with interest. to be frank, i too would require a "guru" to lead me by the hand thru' such muddied waters, my knowledge being somewhat of the "interested-in-the-tech.-side" amateur. these folders have, at this stage, not re-occurred, so perhaps by deleting same i have coincidently solved my own bot-zombie problem. once again, sir, thank you for your interest. steve.

  • +
    0 Votes
    gopiindian86

    This seems to be some backup directory created by one of the application installed in your machine. What antivirus program you are using.

    Thanks,
    R.Gopinath
    http://blogs.neuronring.com

    +
    0 Votes
    yellow911

    Malware Bytes, AVG free (current version) and Spybot S&D. Your help is very much appreciated. Steve.

    +
    0 Votes
    gopiindian86

    Did u slove the problem.? Found why those directories are created?

    +
    0 Votes
    yellow911

    Thank you for your continued interest in my question, sir. I could not find out what these folders were. I did my best too, but i am not an expert, (i am just a user with SOME knowledge). However,i could not believe that sys. folders could grow so large. I took a chance and deleted the contents (after taking a drive snapshot), and there has been no ill effects at all regarding my o.s. I am wondering if my lap-top was part of a bot ( though a thorough search of the register with two separate root-kit revealers showed nothing) and that these folders were somehow associated with same....but, in truth, i will never know). I surmised that the worst that could happen is i would have to wipe the drive and do a re-install if these were, in fact, sys folders,...a nuisance, but not the end of the world. Thank you again for your ongoing interest, and all the best to you in your endeavours. Steve. ( p.s. I now have 147gigs of drive space)

    +
    0 Votes
    jeslurkin

    I entered the file names in Google and only got references to your post. However, the entry for the big file also caused Google to ask: "Do you mean reVKMzd{SDmo')PZ ?"

    When I clicked on that link it presented a reference that suggested to me that these may be files to store e-mail addys for a spambot.

    It is possible that (now removed) malware had opened a 'backdoor' port to allow a spambot to use your HD for storage.

    If the files grow again, you will need a security program or person to find out what port is open.

    Good luck!

    +
    0 Votes
    yellow911

    firstly, thank you for your reply...very thoughtful idea. i run these; spybot search and destroy, avg free,malwarebytes (no they don't clash, strangely), secunia psi ( to keep patches/end-of-life programs up-to date, no script ext., bee-free ext. better privacy ext, ad-block ext. and my firefox is sand-boxed. i run scans every three days (up-dated before each scan). i have also several different root-kit revealers which i run separately once a week. i cannot think of anything else to do to keep these things out ( of course i run a mechanical router firewall, as well as p.c.tools firewall plus software firewall. please, if could suggest anything else i can do to avoid being a "bot zombie" please suggest it. i have a gut feeling your suggestion may be correct thank youonce again for your interest. steve.

    +
    0 Votes
    jeslurkin

    Read the following two cnet articles. They explain how a port (7777) may have been opened by malware inadvertently contained in software drivers. (Yet another reason for me to despise USB.) I do not know how to check if a port is open, nor how to close it. I would need a guru to lead me by the hand. HTH.

    http://ct.cnet-ssa.cnet.com/clicks?t=529477439-2999f05f2c060e7c57e1d62d4ff9d8c6-bf&brand=CNET-SSA&s=5

    http://news.cnet.com/8301-1009_3-10137032-83.html?tag=mncol;txt

    +
    0 Votes
    yellow911

    i will read these articles, as suggested with interest. to be frank, i too would require a "guru" to lead me by the hand thru' such muddied waters, my knowledge being somewhat of the "interested-in-the-tech.-side" amateur. these folders have, at this stage, not re-occurred, so perhaps by deleting same i have coincidently solved my own bot-zombie problem. once again, sir, thank you for your interest. steve.