GRRRRRRR Posted February 12, 2023 Share Posted February 12, 2023 Hi, I saw on one of my NTFS a folder F:\_Company\Windows\Windows\Windows\Windows\Windows\Windows\Windows\Windows\Windows\Windows\Windows\Windows\Windows\\< some Chinese hieroglyphs> But then it disappeared without a trace. Maybe because I turned On a bunch security systems. How do I Forensics this thing ? Thank you. Quote Link to comment
GRRRRRRR Posted February 13, 2023 Author Share Posted February 13, 2023 I noticed the weird 260+ character directory when I was doing data migrate with MultiCommander. The App asked whether to keep the 260+ long character name.. I was annoyed AF and didnt screeshot that MF. I tried a bunch of tools to look at the filesystem and even r-studio, didn't find anything on the filesystem. It could have been a problem with the app or a problem with a DLL module in the system. Since them I killed 5-6 unused low-trust modules and drivers. Since this is Win you can't scratch your balls without running some low trust app that leaves behind some crap. The other problem with the system is that when I switch to an App such as MultiCommander, explorer.exe restarts with mui xml error in the eventlog. The 4x security systems detect nothing suspicious. No data loss or corruption thankfully. No client or company or sensitive data leak either, I think. that is protected AF in some weird ways. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.