Personal computing discussed
Moderators: renee, Flying Fox, Ryu Connor
Dposcorp wrote:What OS is it and what hardware?
Deanjo wrote:Could be a backup program, your VM software or Windows own file history.
MarkG509 wrote:Have you tried: Sysinternals File and Disk Utilities? Particularly: AccessChk, AccesEnum, PsFile and especially Handle.
Losergamer04 wrote:Have things like malware scanning for personal/exploitable info been excluded? Hooking VSS would be a rather sophisticated vector, but if it goes that far, hiding its own tracks wouldn't be out of the question.Crank up auditing for user activity and check Event Viewer Security logs.
MarkG509 wrote:Losergamer04 wrote:Have things like malware scanning for personal/exploitable info been excluded? Hooking VSS would be a rather sophisticated vector, but if it goes that far, hiding its own tracks wouldn't be out of the question.Crank up auditing for user activity and check Event Viewer Security logs.
BIF wrote:No O/S should make it this hard to completely understand what's going on and why, especially in this age of malware.I still vote for hard physical punishment for viruseers.
MarkG509 wrote:No O/S should make it this hard to completely understand what's going on and why, especially in this age of malware.
MarkG509 wrote:Losergamer04 wrote:Have things like malware scanning for personal/exploitable info been excluded? Hooking VSS would be a rather sophisticated vector, but if it goes that far, hiding its own tracks wouldn't be out of the question.Crank up auditing for user activity and check Event Viewer Security logs.
just brew it! wrote:MarkG509 wrote:No O/S should make it this hard to completely understand what's going on and why, especially in this age of malware.
Unfortunately, all modern OSes are complicated enough that having a hard time understanding what's going on when strange things happen is a fact of life.
Deanjo wrote:just brew it! wrote:MarkG509 wrote:No O/S should make it this hard to completely understand what's going on and why, especially in this age of malware.
Unfortunately, all modern OSes are complicated enough that having a hard time understanding what's going on when strange things happen is a fact of life.
Not really, pretty dang easy to get an idea what is going on in *nix land (linux, OS X, BSD, etc) with the logs they provide. Windows logging just sucks with cryptic and ambiguous messages.
morphine wrote:...
2) Why isn't the VSC closed after use?
just brew it! wrote:Because Windows Update?
morphine wrote:Glad it helped! I may grab all those tools for future reference.2) Why isn't the VSC closed after use?
Ryu Connor wrote:I'm sure I'll never find it (perhaps you know off the top of your head), but there's a magic command line thing that can be run from an Admin command prompt that scans for broken or out-of-date installations and/or broken updates, clears some cache, and tries to decide if it wasn't really a problem anyway. I have had to run this in the past when WU was throwing cryptic error codes. As I recall, it took a long time (~15mins) to run, but worked (at least in so far as I stopped getting the annoying error codes and WU seemed less unhappy).Based on the picture, it's VC 2012. Both the package cache and something in the softwaredist\downloads is kicking off.