Title: shadow copies and virus???
Post by: mkochendorfer on December 18, 2012, 07:51:19 PM
:o ??? :-\ :'(
So I have re-installed Windows on my barely 4 month old laptop 2 times already. I have a Toshiba s855-s5251 that has 6GB RAM, 750 GB HDD and is now rockin W8 but came oem style with 7 home premium.
For whatever reason I have shadow copies being made on my system without having set that up. I also seem to be forever unadding xml and fax printers that were never used from the home LAN. Now I noticed Windows SQL making outbound connections and there is always a delay in my internet connection starting up. It seems that it connects just fine but then a caution sign gets thrown up on the internet connection bar and then after x number of seconds it finally has internet access. Right now as I type my mouse pointer has an hourglass next to it and it looks more like a strobe light for how fast it is flashing... someone please help me, I feel like I should pull out every hair on my damn head.
Oh yes, and there are unauthorized access attempts to access process data or something to that effect. Oh yes, last but not least, it seems like every time I restore modem and router to factory settings, within days I am locked out of it.
Title: Re: shadow copies and virus???
Post by: 3xban on December 18, 2012, 09:30:27 PM
When you reinstalled, did you also restore your old data? You may have the malware in your profile directory, and if you just copy your whole folder from \Users, you will only continue to reinfect yourself. Also, some tools to use to check some things out: Microsoft Sysinternals has a number of free tools available. A good one to use is Process Monitor, which logs all active processes on the system. It also logs the network activity that a process is causing.
Another app in the Sysinternals suite is RootkitRevealer; you may want to run that and see if you have a rootkit. Make sure AV is installed and updated, as well as something like Malwarebytes. Then reboot the device into Safe Mode, no networking. Run full scans using both AV and Malwarebytes. Another tool to try is the free tool from McAfee called Stinger. This is a scanner that runs standalone and is typically updated regularly, so no need to run an update after downloading.
You also may want to re-evaluate your internet behavior. If you are a torrent fan, you may have picked something up there. I would recommend in the future to install something like VirtualBox and build a nifty Linux virtual machine. Then run your internet surfing from there.