Low memory on C: drive after BSOD crash, suspecting malware.

Well a few days back, I had an unexpected BSOD crash. When the system rebooted, there were uninstalled updates, which I then installed. No crashes after that for some time. 2 days ago, I notice my C: drive memory depleting, showing just 2 GB free of 96.5 GB. Now because of this, my system performance slowed down and there were a few more crashes.

I suspected a malware in some file, so I researched a bit for memory scan softwares, and found out about SpaceSniffer, which I then downloaded and ran to scan the C: drive. It accounted for 37.3 GB used and there was a log generated, which I shall post in a reply as there isnit enough space on this message.

Anyways, now my disk space is down to just 100 MB free of 96.5 GB, and because of this I am not able to run a lot of programs. Would appreciate any immediate help. And I also want to let it known that Formatting and doing a clean install of Windows is gonna be my last resort as I do not have a Windows installation disc.

EDITED: Apparently the log is too big to be posted in one single reply. And also, I've analyzsed the C: drive with Advanced SystemCare and it showed that the path "C: > Windows" was occupying about 60 GB while it just showed as 18.2 GB on the SpaceSniffer scan.

The log in the SpaceSniffer scan showed that access is denied into one folder with path "C: > Windows > system32 > config > systemprofile". I suspect that's the problem folder, but as i said access to that is denied even though I have administrative rights.

What anti-malware and anti-virus scans have you done?

Download and run Treesize Free and post a screen shot of it.

TreeSize Free - Verzeichnisgren und Speicherfresser schnell erfassen

It will show all your directory trees and you can expand down to see every folder.

My System Profile folder is very small and is shown in Treesize Free.

Here's the screenshot:

I can't download any more stuff, even if I try and delete anything the space is eaten up within minutes... I've done a scan with IOBit Disk explorer which comes with Advanced SystemCare. Screenshot attached.

On your PC, C:\windows\system32\config\systemprofile\appdata\local\microsoft\Windows is 58.01 GB.

On my PC, that same folder is less than 100 KB---about one millionth the size of yours.

That folder on my PC contains mostly “temporary Internet files” and “history”.

I’ve seen this issue several times previously on this forum and can’t recall the culprits. I’d guess it’s most likely a rogue program running away and generating a bunch of temp files.

You should be able to find more comments on resolving this by using the search function on this forum.

In the meantime:

Do you have access to a System Restore point prior to the date and time this began?

What specific anti-virus and anti-malware scans have you done since this began?

Have you examined your list of installed programs to see if there is anything there that you can't explain or that looks new or suspicious?

Have you looked at running processes within Task Manager to see if anything is hogging CPU cycles?

Have you looked at the memory tab within Resource Monitor in Task Manager to see if any particular process is using a lot of memory?

Well I've done a scan with Advanced SystemCare, has freed up about 400 MB but that was consumed again, and when I try to scan with Avast it seems to just skip that folder. I cant even open it as the problem has denied access to it.

Checked task manager, no suspicious activity whatsoever. I do have a system restore point, but it's not recent so a lot of data (particularly on the D: drive) is going to be lost.

System Restore affects only system files, not your personal data. So it's worth a try.

Post screenshots of processes, with "show processes for all users" selected. Poke the CPU column to sort so that the highest CPU usage process is at the top.

Post screenshot of Resource Monitor memory tab, sorted by highest working set.

Post screenshot of installed programs.

Post screenshot of the checked items shown in the startup tab of msconfig.

Are you using any particular toolbar? I'm wondering if you downloaded one recently, perhaps by accident.



I'd at least try to download and run malwarebytes from malwarebytes.org.

Well, almost all my installed programs are on the D: drive and have no link to that folder. As for toolbars, I find them annoying with all their pop-ups and stuff so I never install any.

Other screenshots attached.

Do you have any particular reason not to try a System Restore?

I don't see the screenshots for installed programs and Resource Monitor.

Are you unable to run Malwarebytes?

I don't recognize all of those items in startup. The PC will run fine with all unchecked at least as a test to see if it helps. You might leave Avast checked to keep anti-virus going, but the others can be unchecked as an experiment.

@ignatzatsonic Well I don't have any apparent reason not to try system restore. Will do it if nothing else works. As for malwarebytes, I've managed to free up some space with Disk Cleanup and will try it now.

@NoelDP Just wanted to know, what exactly happens in such a case?