Weird files in Windows root taking up 5 GB

P

puck

Gawd
Joined
Apr 13, 2004
Messages
607
My harddrive space had been mysteriously shrinking, so I started hunting around and noticed my month old install of WinXP had grown to 7GB large. In the folder I found 5 files named Y,S, 1,6,and 3.....these files totaled are about 5GB, while 3 are exactly the same size 1,572,068 KB. Any idea what is causing this?

I have done spyware scans and virus scans, each with multiple clients, (spyboy, adaware, nod32, pcillian) and still can't figure out the problem.

Anyone know???

P.S -- Any idea when the D3 linux bins come out so I can just delete this partition?
 
Rename them, and then reboot. Use your computer for a day or so, and if nothings broken, just delete them. At that point, it would be safe to say they are garbage. If it were my personal computer, I'd delete them now, because I know nothing that I'm running does stupid stuff like that.
 
Oops, forgot to mention when I tried to delete them it says they are in use, so I tried it in safe mode and it said the same thing.



edited for grammer
 
puck said:
Oops, forgot to mention when I tried to delete them it says they are in use, so I tried it in safe mode and it said the same thing.



edited for grammer
Click to expand...

THen it's a virus.
 
puck said:
Oops, forgot to mention when I tried to delete them it says they are in use, so I tried it in safe mode and it said the same thing.
Click to expand...
Like was said previously, its probably a virus. I might still deny everyone permission through NTFS, then reboot and run for a while on the off chance that some odd program uses it.Consider that the only legitimate use would involve some sort of log/cache/tempfile, but then why would the files be locked when you just started windows. Sounds like a virus writer is intent on wasting your resources. You may try disinfection as per the Security FAQ, or if you're on 2k/xp with ntfs, deny everyone permission to the file, then boot into safemode and grant permission and delete. Alternatively you could use Knoppix(live on CD linux) to delete it.
 
You must log in or register to reply here.
Back
Top