Hi, when I turn on or restart my computer, the partitioned part of my hard disk has free space. However, within an hour or two, even if I download nothing, the remaining free space dwindles rapidly until it hits 0 MB. I've looked at the processes running under Task Manager, and none of them seems to be a back door. And I've also run antispyware and antivirus programs, none of which turn up any problem. This "disappearing hard disk space" trouble has only been happening for the past few days or so. Does anyone know what the cause and/or solution might be? Thanks very much!
Disappearing Hard Drive Space
- Thread starter autograf
- Start date
Solution
Saga Lout
Retired Mod
- Mar 31, 2010
- 24,042
- 310
- 69,740
It starts off normal and decreases - that points to the file in the root of C:\ called pagefile.sys. Keep an eye on that as it grows and if that is the problem, you need more physical memory - RAM. Pagefile.,sys is the swap file which uses hard disk space to emulate memory - what the system refers to as Virtual memory. Any messages lately including that phrase? How big is that Partition and how much free space has it when you fire up the system?
digitalprospecter
Distinguished
- Mar 31, 2010
- 786
- 0
- 19,060
I suspect you've hit the nail on the head Saga Lout.
Windows XP these days needs a bare minimum of 1GB of free space, and likely more. If you have less or just over 1GB of free space then this is liekly the problem.
Check Control Panel->System-Advanced Tab->Performance Settings Button->Advanced Tab->Virtual Memory Change button and set a custom size range with the maximum size less than the total free drive space. This will keep the pagefile from outgrowing your available space, but might result in out of memory errors when running your programs. Good test though. Then you have to determine if you need a larger drive or can remove unnecessary programs and data.
Cheers!
Windows XP these days needs a bare minimum of 1GB of free space, and likely more. If you have less or just over 1GB of free space then this is liekly the problem.
Check Control Panel->System-Advanced Tab->Performance Settings Button->Advanced Tab->Virtual Memory Change button and set a custom size range with the maximum size less than the total free drive space. This will keep the pagefile from outgrowing your available space, but might result in out of memory errors when running your programs. Good test though. Then you have to determine if you need a larger drive or can remove unnecessary programs and data.
Cheers!
It is a 54G partition on a 110 disc. The C: holds its own with aobut 8 G left, but there should be about 10 on the D: drive and it goes down to 0, yes zero & as soon as I free up more space it drains down to 0 again.
It actually only shows 1 G on startup, but there was more last week. I know the drives are too full, and it is time to do some serious housecleaning. In fact, this problem has had me at it! The page file is about 2.1 G.
I am wondering about the indexing service from windows search? I seem to remember seeing something about indexing somewhere.
digitalprospecter
Distinguished
- Mar 31, 2010
- 786
- 0
- 19,060
Hi autograf,
Following along on Saga Lout's path, have you checked to see which drive the pagefile (Swap File) is hosted on. It doesn't have to be the C: drive. It can be set to any drive or partition in your system.
Check out that path I mentioned earlier just be be able to eliminate the swap file altogether: Check Control Panel->System-Advanced Tab->Performance Settings Button->Advanced Tab->Virtual Memory Change button
Following along on Saga Lout's path, have you checked to see which drive the pagefile (Swap File) is hosted on. It doesn't have to be the C: drive. It can be set to any drive or partition in your system.
Check out that path I mentioned earlier just be be able to eliminate the swap file altogether: Check Control Panel->System-Advanced Tab->Performance Settings Button->Advanced Tab->Virtual Memory Change button
Saga Lout
Retired Mod
- Mar 31, 2010
- 24,042
- 310
- 69,740
Looking at your figures it would seem that the swap file has enough room to grow. The last time I saw behaviour this bad was due to a keylogger so you might like to let us all have a look at a HijackThis log. Go to http://www.trendmicro.com and download HijackThis, then install it and click on Scan and Save a Log. Don't fix anything until advised to do so but simply copy and paste that Notepad log back here.
You also need to declutter before scannign for malware. Get the ATF Cleaner form http://www.atribune.org and click on Select All and Delete. Download CCleaner from http://www.piriform.com, install it and run the cleaner, allowing it to delete everything it think unnecessary.
You'll also save some time if you go to http://www.malwarebytes.org to download MalwareBytes. Install it, let it update and restart itself then run the Quick Scan. Let it fix everything it finds and restart the system and run the Full Scan and repeat the process. After that restart, go back into MBAM and click on the Logs tab and copy and paste both back here along with a fresh log of a HJT scan. This way, we can see what you had and what you got rid of.
Temporarily suspend collecting any more temporary internet files by ticking to delete on exit in Internet Explorer's Tools menu, General tab.
digitalprospecter
Distinguished
- Mar 31, 2010
- 786
- 0
- 19,060
I agree with Saga Lout ^^^^^^^^^^^^^^ All great suggestions.
Saga Lout, are you still up working on that payroll system for tomorrow!
Saga Lout, are you still up working on that payroll system for tomorrow!
digitalprospecter
Distinguished
- Mar 31, 2010
- 786
- 0
- 19,060
<grin> Why being a wolf i thought it best not to present a proper cat in your presence... being that you would chase it and all!
WOW You are terrific!
I have discovered that somehow I ended up with copies of every file in My Documents! They are all labeled with the exact name and appended with (Empress v1).xxx and are the exact size of the other files which have turned blue in their lists. A friend told me that meant that they were compressed.
What the heck did I do? I now have 38,575 copies of files... no wonder my drive is full. Shall I simply discard the copies?
I will follow the advise you just sent me, too.
I have discovered that somehow I ended up with copies of every file in My Documents! They are all labeled with the exact name and appended with (Empress v1).xxx and are the exact size of the other files which have turned blue in their lists. A friend told me that meant that they were compressed.
What the heck did I do? I now have 38,575 copies of files... no wonder my drive is full. Shall I simply discard the copies?
I will follow the advise you just sent me, too.
graywolf
Distinguished
- Feb 23, 2010
- 869
- 0
- 19,060
Does the name Empress mean anything to you? A game or program you might have? Is xxx the actual file extension? [:graywolf:1]
Have you already checked for malware as Saga Lout laid out? This could be causing the duplicates.
And I have to ask --do you go to porn sites? Asking because of that file name, so don't take it personally.
Have you already checked for malware as Saga Lout laid out? This could be causing the duplicates.
And I have to ask --do you go to porn sites? Asking because of that file name, so don't take it personally.
digitalprospecter
Distinguished
- Mar 31, 2010
- 786
- 0
- 19,060
Yes, Empress is one of my nicknames and ID's... xxx meant whatever the previous extension was.
No Porno ... just finished the HIjack scan and had a computer guy evaluate and research to find no problems although we did remove some stuff because of it!
It looks like I inadvertently decompressed the harddrive and it crashed during the process. There were about 39,000 files recreated, but on serious checking the files pair up perfectly... "HE" said he thinks that in the copying process it makes copies in the process tehn gets rid of them, but in the crash it didn't complete the process. Just an educated guess, though on his part.
We have just started eliminated all of the duplicates ... and I will be running check disk.
Not to say we are done with the whole process ... something about NTFS disk's possibly having errors when there are too many small files?
No Porno ... just finished the HIjack scan and had a computer guy evaluate and research to find no problems although we did remove some stuff because of it!
It looks like I inadvertently decompressed the harddrive and it crashed during the process. There were about 39,000 files recreated, but on serious checking the files pair up perfectly... "HE" said he thinks that in the copying process it makes copies in the process tehn gets rid of them, but in the crash it didn't complete the process. Just an educated guess, though on his part.
We have just started eliminated all of the duplicates ... and I will be running check disk.
Not to say we are done with the whole process ... something about NTFS disk's possibly having errors when there are too many small files?
Saga Lout
Retired Mod
- Mar 31, 2010
- 24,042
- 310
- 69,740
Aaaaaarrrrgggghhhhhh!!!! Not the dreadred Matthias' site again? I wish had a pound - or even just a dollar
for every time I had to reconstitute systems after people took notice of that site. In the old days of USB Broadband MODEMS, just about every AOL member in Britain who ever ran HJT was disconnnected because that site told people to bin the main software for the MODEM. There is no substitute for analysing logs by the experienced eye - whether those eyes got their experience in the real world or just because they got a certificate saying they know it all.
There's an AnalyseThis button on the HJT's own mainpage if people really want to see what's what but it's still adviseable to post to a responsible Forum (just like this one) and wait for advice. Then, don't hesitate to ask the responder for some proof that they know what they're talking about. Also, never forget that sometimes, the best programmes and utilities for dealing with malware is free and that's because it also has a paid for version which helps to fund it or because the developers welcome - and need - donations. [/#000ff]
graywolf
Distinguished
- Feb 23, 2010
- 869
- 0
- 19,060
Not dumping on real live help, but we don't have USB Broadband modems, and AOL is a disease anyway. Have you seen this site goofing up recently? I submitted a few logs for fun after scanning them myself, and there were no errors in malware, although the 04's aren't reduced.
Saga Lout
Retired Mod
- Mar 31, 2010
- 24,042
- 310
- 69,740
That was one of many examples. If I remember the rumours correctly, Matthias had set the site up after a falling-out with Merijn Belekom- the genius who originally developed HJT. In my 'umble opinion, there are some things which cannot be left to an automated system based on statistics and opinions and analysis of HJT logs is one of those things. It's entirely up to the individual of course but I only present my view as part of a balanced debate. Please don't feed me to the wolves!
- Status
Facebook
Twitter
Instagram