- Joined
- Apr 29, 2011
- Messages
- 31,284
- Trophies
- 2
- Age
- 38
- Location
- Dr. Wahwee's castle
- XP
- 18,969
- Country
Okay, so there's something very strange going on with my primary HDD, over the past few days, I've noticed the free space is gradually dropping by 1 GB, despite the fact that all I've downloaded primarily are jpeg files, music, 3D models, etc, none of which are even that big. Even when I don't do anything intensive, the space still drops gradually and frankly, this is really starting to worry me; sometimes it will bounce back up to 220 GB or whatever, but then it starts slowly going down, like there's some kind of pagefile-related issue, I don't know.
I attempted to use Google and find out what was going on, some results yielded information about the pagefile being set wrong or the like when I never even touched those settings in the two plus years I've had this. Is this related to a virus or some kind of malware? Can they actually be programmed to reduce the amount of free space on a HDD? So, I did do a malware scan and these are the results that it found, given the fact there are numerous registry entries (all related to Internet Explorer, which I don't use), to sum up, I'm worried that my HDD is going to explode or experience some kind of catastrophic failure, but I have most of my vital data backed up, so I wouldn't be totally screwed.
According to this http://forum.notebookreview.com/threads/slowly-but-surely-losing-hard-drive-space.262274/ one possibility is the system restore at fault.
This really shouldn't be happening as my secondary HDD doesn't so much as bat an eye, it's the primary HDD, the one where the OS is installed, that's doing this and only started up maybe a couple of weeks ago, but it would bounce back. I hope my description at least make a little sense, and yes, I used CCleaner and there was only like 1 MB or so of temp files (deleted them the other day). I should also note that I do use Sleep when not in use, but turn it off once a day when I sleep.
Malwarebytes PUP results: Should all these be removed?
I attempted to use Google and find out what was going on, some results yielded information about the pagefile being set wrong or the like when I never even touched those settings in the two plus years I've had this. Is this related to a virus or some kind of malware? Can they actually be programmed to reduce the amount of free space on a HDD? So, I did do a malware scan and these are the results that it found, given the fact there are numerous registry entries (all related to Internet Explorer, which I don't use), to sum up, I'm worried that my HDD is going to explode or experience some kind of catastrophic failure, but I have most of my vital data backed up, so I wouldn't be totally screwed.
According to this http://forum.notebookreview.com/threads/slowly-but-surely-losing-hard-drive-space.262274/ one possibility is the system restore at fault.
This really shouldn't be happening as my secondary HDD doesn't so much as bat an eye, it's the primary HDD, the one where the OS is installed, that's doing this and only started up maybe a couple of weeks ago, but it would bounce back. I hope my description at least make a little sense, and yes, I used CCleaner and there was only like 1 MB or so of temp files (deleted them the other day). I should also note that I do use Sleep when not in use, but turn it off once a day when I sleep.
Malwarebytes PUP results: Should all these be removed?
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 5/19/2015
Scan Time: 11:05:49 AM
Logfile: Malware results.txt
Administrator: Yes
Version: 2.01.6.1022
Malware Database: v2015.05.19.03
Rootkit Database: v2015.05.16.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: PC
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 442410
Time Elapsed: 12 min, 41 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 2
PUP.Optional.Spigot.A, HKU\S-1-5-21-4226263538-640418759-553767252-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, , [fe815045e7a3ff3767374a90689b27d9],
PUP.Optional.Astromenda.A, HKU\S-1-5-21-4226263538-640418759-553767252-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{5BB09347-649C-486E-9FDF-A4C90C3BE09D}, , [651aafe69dedd561f9bed594cc39eb15],
Registry Values: 6
PUP.Optional.Spigot.A, HKU\S-1-5-21-4226263538-640418759-553767252-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=903578&p={searchTerms}, , [fe815045e7a3ff3767374a90689b27d9]
PUP.Optional.Astromenda.A, HKU\S-1-5-21-4226263538-640418759-553767252-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{5BB09347-649C-486E-9FDF-A4C90C3BE09D}|URL, http://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_frg01_14_41_ch&cd=2XzuyEtN2Y1L1QzuyCtD0AyEyE0CyD0Ezy0F0Ezzzzzzzz0AtN0D0Tzu0StCtDtCtAtN1L2XzutAtFyDtFtCtFtBtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StDyC0B0EzzyD0D0FtGtC0BzztDtGzzyD0DyEtG0CtB0EtDtGtBtA0BzytDyEtB0Dzz0EyDtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0FyCtD0A0AtBzztG0EyB0B0DtGyE0DyCtAtG0ByB0E0CtGtByDtB0EyByCyEyDzz0EyDtB2Q&cr=1307245668&ir=, , [651aafe69dedd561f9bed594cc39eb15]
PUP.Optional.Astromenda.A, HKU\S-1-5-21-4226263538-640418759-553767252-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{5BB09347-649C-486E-9FDF-A4C90C3BE09D}|TopResultURLFallback, http://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_frg01_14_41_ch&cd=2XzuyEtN2Y1L1QzuyCtD0AyEyE0CyD0Ezy0F0Ezzzzzzzz0AtN0D0Tzu0StCtDtCtAtN1L2XzutAtFyDtFtCtFtBtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StDyC0B0EzzyD0D0FtGtC0BzztDtGzzyD0DyEtG0CtB0EtDtGtBtA0BzytDyEtB0Dzz0EyDtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0FyCtD0A0AtBzztG0EyB0B0DtGyE0DyCtAtG0ByB0E0CtGtByDtB0EyByCyEyDzz0EyDtB2Q&cr=1307245668&ir=, , [f28d1c79b1d930067740fc6de81db64a]
PUP.Optional.Astromenda.A, HKU\S-1-5-21-4226263538-640418759-553767252-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{5BB09347-649C-486E-9FDF-A4C90C3BE09D}|FaviconPath, C:\Program Files (x86)\WSE_Astromenda\\FavIcon.ico, , [46399104692177bfe1d62a3f53b231cf]
PUP.Optional.Astromenda.A, HKU\S-1-5-21-4226263538-640418759-553767252-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{5BB09347-649C-486E-9FDF-A4C90C3BE09D}, Astromenda, , [a9d6078ec6c441f505b2aebbbf465ca4]
PUP.Optional.Astromenda.A, HKU\S-1-5-21-4226263538-640418759-553767252-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{5BB09347-649C-486E-9FDF-A4C90C3BE09D}|DisplayName, Astromenda, , [b0cf6f26ff8b7cbabbfcfc6d0104da26]
Registry Data: 0
(No malicious items detected)
Folders: 7
PUP.Optional.MultiPlug.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnkdopdccdhekmnbanfmhehkbidjppmo\3.7, , [83fcccc9d7b331053708214abd4830d0],
PUP.Optional.MultiPlug.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnkdopdccdhekmnbanfmhehkbidjppmo, , [83fcccc9d7b331053708214abd4830d0],
PUP.Optional.MultiPlug.A, C:\Users\ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnkdopdccdhekmnbanfmhehkbidjppmo\3.7, , [98e70392f79341f597a84b2040c5d030],
PUP.Optional.MultiPlug.A, C:\Users\ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnkdopdccdhekmnbanfmhehkbidjppmo, , [98e70392f79341f597a84b2040c5d030],
PUP.Optional.MultiPlug.A, C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnkdopdccdhekmnbanfmhehkbidjppmo\3.7, , [36493d58f49625111d22343706ff3fc1],
PUP.Optional.MultiPlug.A, C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnkdopdccdhekmnbanfmhehkbidjppmo, , [36493d58f49625111d22343706ff3fc1],
PUP.Optional.MultiPlug, C:\ProgramData\pdpajcncpdengdpfakpjkjmdipohchnn, , [413e2b6ae5a5b680d3be1e4e2fd638c8],
Files: 20
PUP.Optional.MultiPlug.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnkdopdccdhekmnbanfmhehkbidjppmo\3.7\lsdb.js, , [83fcccc9d7b331053708214abd4830d0],
PUP.Optional.MultiPlug.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnkdopdccdhekmnbanfmhehkbidjppmo\3.7\background.html, , [83fcccc9d7b331053708214abd4830d0],
PUP.Optional.MultiPlug.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnkdopdccdhekmnbanfmhehkbidjppmo\3.7\content.js, , [83fcccc9d7b331053708214abd4830d0],
PUP.Optional.MultiPlug.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnkdopdccdhekmnbanfmhehkbidjppmo\3.7\ku_F.js, , [83fcccc9d7b331053708214abd4830d0],
PUP.Optional.MultiPlug.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnkdopdccdhekmnbanfmhehkbidjppmo\3.7\manifest.json, , [83fcccc9d7b331053708214abd4830d0],
PUP.Optional.MultiPlug.A, C:\Users\ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnkdopdccdhekmnbanfmhehkbidjppmo\3.7\lsdb.js, , [98e70392f79341f597a84b2040c5d030],
PUP.Optional.MultiPlug.A, C:\Users\ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnkdopdccdhekmnbanfmhehkbidjppmo\3.7\background.html, , [98e70392f79341f597a84b2040c5d030],
PUP.Optional.MultiPlug.A, C:\Users\ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnkdopdccdhekmnbanfmhehkbidjppmo\3.7\content.js, , [98e70392f79341f597a84b2040c5d030],
PUP.Optional.MultiPlug.A, C:\Users\ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnkdopdccdhekmnbanfmhehkbidjppmo\3.7\ku_F.js, , [98e70392f79341f597a84b2040c5d030],
PUP.Optional.MultiPlug.A, C:\Users\ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnkdopdccdhekmnbanfmhehkbidjppmo\3.7\manifest.json, , [98e70392f79341f597a84b2040c5d030],
PUP.Optional.MultiPlug.A, C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnkdopdccdhekmnbanfmhehkbidjppmo\3.7\lsdb.js, , [36493d58f49625111d22343706ff3fc1],
PUP.Optional.MultiPlug.A, C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnkdopdccdhekmnbanfmhehkbidjppmo\3.7\background.html, , [36493d58f49625111d22343706ff3fc1],
PUP.Optional.MultiPlug.A, C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnkdopdccdhekmnbanfmhehkbidjppmo\3.7\content.js, , [36493d58f49625111d22343706ff3fc1],
PUP.Optional.MultiPlug.A, C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnkdopdccdhekmnbanfmhehkbidjppmo\3.7\ku_F.js, , [36493d58f49625111d22343706ff3fc1],
PUP.Optional.MultiPlug.A, C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnkdopdccdhekmnbanfmhehkbidjppmo\3.7\manifest.json, , [36493d58f49625111d22343706ff3fc1],
PUP.Optional.MultiPlug, C:\ProgramData\pdpajcncpdengdpfakpjkjmdipohchnn\lsdb.js, , [413e2b6ae5a5b680d3be1e4e2fd638c8],
PUP.Optional.MultiPlug, C:\ProgramData\pdpajcncpdengdpfakpjkjmdipohchnn\background.html, , [413e2b6ae5a5b680d3be1e4e2fd638c8],
PUP.Optional.MultiPlug, C:\ProgramData\pdpajcncpdengdpfakpjkjmdipohchnn\content.js, , [413e2b6ae5a5b680d3be1e4e2fd638c8],
PUP.Optional.MultiPlug, C:\ProgramData\pdpajcncpdengdpfakpjkjmdipohchnn\ECjMlfYY.js, , [413e2b6ae5a5b680d3be1e4e2fd638c8],
PUP.Optional.MultiPlug, C:\ProgramData\pdpajcncpdengdpfakpjkjmdipohchnn\manifest.json, , [413e2b6ae5a5b680d3be1e4e2fd638c8],
Physical Sectors: 0
(No malicious items detected)
(end)