Solved

Remove 300 gigabytes from system profile directory

Posted on 2013-12-02
5
1,905 Views
Last Modified: 2013-12-02
I'm trying to clean up a windows 7 computer that was infected
It currently has 300 Gigabytes of files in the  c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\temporary internet files\content.ie5

I have tried to delete the directory in safe mode, in command .prompt, with the drive attached as a secondary drive (not the boot drive,
additionly there appears to be about 5,000,000 files there, when I view in explorer the search icon just stops after a couple of hours. tried to del *.*, and waited over night.
0
Comment
Question by:cpudoctor
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 30

Expert Comment

by:pgm554
ID: 39691623
Try running a chkdsk.

Also try http://lockhunter.com/

Or just go into the user profiles,then delete
0
 
LVL 12

Assisted Solution

by:ibrahim52
ibrahim52 earned 250 total points
ID: 39691627
I suggest you to download the pro trial version of smartprotector from the link below and click ERASE it will take care of all cleaning and its quick.

http://smartprotector.com/eraser/
0
 
LVL 23

Accepted Solution

by:
Mysidia earned 250 total points
ID: 39691634
If you are at 5 million files;  there may be no efficient option for purging it.

Where an infection post-2007 is considered:  a computer known to be infected is not to be considered clean and safe: until formated anyways  ---  so formatting and restoring from backup,  in this case, can potentially save you time in trying to blow away 5 million files: while at the same time,  providing  a  more reliable purge of infection  affecting system files.

The ugly truth is config remnants remain,  and various malware strains have various sneaky techniques of persisting themselves - hiding,  and reinfecting later  -- and many malware bits are pretty darn good at eluding antimalware;  there is no antimalware or antivirus product capable of providing anything approaching a reasonably trustworthy assurance that a known infected machine has been cleaned.




To purge  the content.ie5  in the systemprofile specifically  I would suggest doing this from a command prompt

Ensure that when opening cmd.exe  you did the Right click > Run As Administrator
to run cmd.exe    in an Elevated process.

cd "c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\temporary internet files\"

From within the target directory

takeown /f content.ie5
attrib -s -h -r   content.ie5
attrib -s -h -r   content.ie5  /d
rd /s content.ie5

takeown /f content.ie5  /r /d Y
attrib -s -h -r   content.ie5 /s /d

attrib -s -h -r   content.ie5\*.*                    /s /d
del content.ie5\*.*
0
 

Author Closing Comment

by:cpudoctor
ID: 39691684
Great options, Thanks everyone, except for chkdsk I hadn't thought of any of the ideas
I did just reinstall to a new drive, The chkdsk solution just hung on an overnight run at 72%
0
 
LVL 18

Expert Comment

by:web_tracker
ID: 39691726
To delete 300 gb of files will take a long time.... You would probably better off rebuilding the system.
0

Featured Post

Enroll in May's Course of the Month

May’s Course of the Month is now available! Experts Exchange’s Premium Members and Team Accounts have access to a complimentary course each month as part of their membership—an extra way to increase training and boost professional development.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Preface Having the need * to contact many different companies with different infrastructures * do remote maintenance in their network required us to implement a more flexible routing solution. As RAS, PPTP, L2TP and VPN Client connections are no…
Hallo! I guess almost every Windows Administrator must have got stumped with this question "Where does WINDOWS store a users cached credentials? Every user who had once logged onto a Server/Desktop while it was connected to the domain could sti…
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question