February 12, 20233 yr Hi, I saw on one of my NTFS a folder F:\_Company\Windows\Windows\Windows\Windows\Windows\Windows\Windows\Windows\Windows\Windows\Windows\Windows\Windows\\< some Chinese hieroglyphs> But then it disappeared without a trace. Maybe because I turned On a bunch security systems. How do I Forensics this thing ? Thank you.
February 13, 20233 yr Author I noticed the weird 260+ character directory when I was doing data migrate with MultiCommander. The App asked whether to keep the 260+ long character name.. I was annoyed AF and didnt screeshot that MF. I tried a bunch of tools to look at the filesystem and even r-studio, didn't find anything on the filesystem. It could have been a problem with the app or a problem with a DLL module in the system. Since them I killed 5-6 unused low-trust modules and drivers. Since this is Win you can't scratch your balls without running some low trust app that leaves behind some crap. The other problem with the system is that when I switch to an App such as MultiCommander, explorer.exe restarts with mui xml error in the eventlog. The 4x security systems detect nothing suspicious. No data loss or corruption thankfully. No client or company or sensitive data leak either, I think. that is protected AF in some weird ways.
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.