Well not actually mine or the computers. My C drive has decided it's full. Deleted a backup copy of Windows along with the compressed mpeg & jpeg porno stuff my boy has collected. (He's going to be one unhappy guy where he comes over and finds that missing.)
Anyway, after killing and deleted everything I could lay my hands on, I still keep getting disk full messages. Except for a couple of email messages, I've not saving anything for the last week. Don't think the others around here have either.
What am I missing? I keep deleting and I think it's filling. C is probably real tight now. Only running with about 60M open before internet playing. That not enough? Time to move other stuff to D?

John,
This kind of thing bothers me with hard drives "filling" up.

1. Try shutting down after you delete stuff (to try and refresh the size indicator). Then restart.

2. The only other thing I can think of right now is that you have a piece of nastyware on the machine that's filling up the drive. make sure your virus scanner's up to date and run a scan. You can also go here to run one: http://housecall.antivirus.com/. With your son picking up porn I'm VERY concerned that he might of gotten bit by the Double Extention vulnerability. This allow you to produce a file that has a file name of porn.jpg.exe and Winblows will only show porn.jpg, along with the jpg icon, unless it it set to show all file extentions. That nasty trick is a favoriate trick for "porn" spreaders to spread Backdoor Trojans http://www.chevelles.com/forum/frown.gif

Thanks Matt
Tomorrow I'll slip on the rubber and go looking for some strange stuff.
Maybe I could rephrase that but problems with the the thesaurus. Dang 'puters, Dang moderators.
Running Norton with a April update in the background. Get confused between this one and the one at work. Won't allow (Disk space?) the latest Norton to download.
Won't concern me too much but trying through email to get a couple of guy's cars running.

After you deleted this stuff did you empty the recycle bin. until you empty that the files will still be there

------------------
1967 Chevelle ss396 Clone
Marina Blue
454 CID

I had a kak worm that did the same thing with my memory, but not the hard drive.

------------------
Better Late than Never Fred
Team Chevelle #400
ACES #4055
I'd rather have a bottle in front of me, than a frontal lobotomy.
1970 Chevelle Malibu (http://www.chevelles.com/showroom/Riffers70_1)

Empty your recycle bin

------------------
350 TBI EFI 4speed 12bolt 3.73's
Bench Blue w/black inter. 14.5@90mph
"UNACCEPTABLE!!!!!" Beldar

My 69 Chevelle (http://www.chevelles.com/showroom/Chevelle1.jpg)

John,
DID you dump the bin???? http://www.chevelles.com/forum/smile.gif

John -
Perhaps it's time to upgrade your 500 MByte hard drive.

------------------
Bob McCormick
69 Malibu project

That recent sircam virus has a variant that affects 1 in (can't remember) number of computers and one of the things it does is fill up the hard drive with useless info. You can make space but it will just fill it with random data. I remember reading this when I checked into what the sircam virus was all about. perhaps it's still hiding on your machine?
worth checking out I'd say, especially how you described it.

Bin has been dumped. Trash cans are empty. Latest problem is the wife has the read post. Eldest is trouble when he comes over to visit with his mother.
May move the computer into the garage. Me and the dog are not owning up to the deleted mpeg files.

John,

Windows isn't going to be happy with only 60M free. Did you delete your temp internet files (cache in Netscape)? That could account for a lot of space. If you start surfing with 60MB, you'll probably start getting warnings from Windows pretty quickly. It depends on what you have the warning set at also. You should have at least 100MB free on the C drive for Windows to be happy.

------------------
Rick Sutter
Member #383
'67 Chevelle Super Sport
67SS.com (http://67SS.com)

Something else that might be worth checking is your \windows\temp directory. This directory can fill up with useless files if the computer isn't turned off properly.
If you (or your son) are using Outlook Express to view the usenet newsgroups, their dbx files can get pretty big. Their location can vary, but mine end up in windows\application data\identites\a bunch of numbers and letter\outlook express. There you will see the newsgroup that have been looked at. The ones that start with alt (which is where most users go for pictures) can be deleted. Don't delete "Inbox" or any others that aren't newsgroup related.

Something else to try is a search for files bases on their size. (start->find...->files and folder->advanced) Try searching for all files that are at least 3000kb (3mb) in size,, and see what comes up. This should be big enough to find any media files that are of substantial size (in particular mp3, avi, mpg, and mpeg)or any other files that may be hogging space. Be careful to not delete files you or your computer need. If your not sure about a particular file, just leave it, better safe than sorry.

Oops, actually have between 500m and 600m free on C. Off by a factor when I typed the original post.
Ran the virus program Matt recommended. Found I had 2 different viruses.
A little one called Joke Geschenk located in 2 spots. Deleted that in both locations. Then emptied the recycle bin again. Reran the virus program again and it says they are gone.

Now the real problem. Found 2 locations of the Sircam A virus. Names are a little different. One is located in the systems directory and the other in the recycle bin. Something tells me that there may be other things in the recycle bin I'm not seeing.

2 locations are:
C:\windows\system\scam32.exe
C:\recycled\sirc32.exe

Recommended methods of attack??
How do I view files with double extentions? Think I know how this thing arrived.
Thanks
John





[This message has been edited by John_Muha (edited 08-17-2001).]

John,
This will help: McAffee Details/Removal:*http://vil.nai.com/vil/virusSummary.asp?virus_k=99141

As far as the Double Extentions goes here's what you do: Start Windows Explorer, if you have Windows 98 go to the View menu. if you have Windows Me go to Tools. Select Folder Options, then click on the View tab. Make sure the check box that says "Hide file extentions for known file types" is NOT checked. There will still be a small handful of hidden extentions that won't show, fixing that requires a Registry edit http://www.chevelles.com/forum/smile.gif. How you got bit was somebody opened up the attachment in a Sircam mail, not knowing it was dangerous because the extention was hidden http://www.chevelles.com/forum/frown.gif.

Ran the Symantec removal tool Al's post mentioned a couple of weeks ago. Think I got it. Still checking around. Be back.
John

Edit
Did kill it. Ran the scan program that was mentioned above and this time it ran clean. I do understand about the email attachments and do know where it came from. Figured out who opened it. Me and the dog are innocent. Thanks a lot.
John

[This message has been edited by John_Muha (edited 08-17-2001).]

No problem John http://www.chevelles.com/forum/smile.gif

Matt (or others)
Afterwards got to thinking. This little thing I found called Joke Geschenk. Didn't seem to do much and was sitting on a junk .exe file that didn't belong to me. An easy kill.
I assumed it was an old varient. However when I checked Norton's April '01 list I don't see it listed.
Question:
Is this actually a newer virus? When was it identified. Know who hauled it home (not the son). Just trying to determine when.

John,

Joke Geschenk isn't considered a virus. You won't find it in your virus definations. You need Norton's "PAININTHEASSSCANNER" to rid you of stuff like it.. http://www.chevelles.com/forum/wink.gif Here is what Symantic says about it... www.symantec.com/avcenter/venc/data/joke.geschenk.html (http://www.symantec.com/avcenter/venc/data/joke.geschenk.html)

Glad you cought it... I'm still getting e-mail from Team Camaro folks with the sircrap attachments...

EDIT: The "Glad you caught it" wasn't ment as it sounds... Glad you got rid of it!!! http://www.chevelles.com/forum/biggrin.gif
------------------
...Dennis
www.camaroslimited.com (http://www.camaroslimited.com)

[This message has been edited by DjD (edited 08-17-2001).]

[This message has been edited by DjD (edited 08-17-2001).]

Dennis
Thanks. The housecall program that Matt referred to picked it up. Was easy to dump because it was not attached to anything. Found it located in some ICQ stuff my loving daughter and her CS major friend were sharing.
Just got curious because it was not picked up before and it must have been there for over a year. Didn't look harmful but shot at it anyway.
John
Edit:
BTW
My personal version of the Sircam did not come from Team Chevelle or any related car stuff. Came in from my wife's aunt, about 2 weeks ago, who is aware she has a problem. Trying to get the entire family to go on a Bug Hunt.
If my Ford loving brother-in-law is reading this (he trolls), it's too late for you dude. She's your aunt and it will take major cash to get my boy down there to save your machine.

[This message has been edited by John_Muha (edited 08-17-2001).]