What kind of bug is this?

LT72884

Well-Known Member
Computer froze, then 3 minutes later. This was on my screen....


Sent from my SM-S920L using Tapatalk
 


livix07

Well-Known Member
What makes you believe it is just a Bug and not malware?
 


LT72884

Well-Known Member
Nothing really. I have seen this as a virus and malware before.

Have you seen this before?

Im runnimg spybot at the moment to see if it finds anything. Tried a system restore but its borked because ever since update 1803, system reatore fails due to onedrive.

Tha ks
 


livix07

Well-Known Member
Have you scanned the computer with an antivirus in Safe Mode?
That's what I would do just to make sure it isn't malware.
 


Neemobeer

Windows Forum Team
Staff member
I can't really read the directory names, but some thoughts about what it could be. (I've never seen a bug do this)

  • You accidentally did a select all/copy paste of directories somewhere to your desktop
  • Malware ( probably unlikely not much to gain from creating a bunch of directories)
  • Jokeware (don't know if that's a term but I'm using it) software that just does something silly like that
  • You extracted the content of an archive on the desktop
  • Some application had it's temp location changed to your desktop (possible if the %temp% environment variables were changed)
 


LT72884

Well-Known Member
All directory names are in korean which i do not know haha. I know what you mean with yhe copy paste but The only thing i was doing, i was watching youtube, the video went blank, so i natuarally thought it was my gpu driver misbehaving, then pc froze up, then all of a sudden, 2532 directories were all there haha.

First thought was someone snuck into my ssh server but no logs of access. I can check again, unless they deleted them. But my ssh is pretty locked down.

Thanks
 


LT72884

Well-Known Member
Ok, so after a malware and spyware scan, it still happened. So this time i turned off my ssh server, and so far nothing has happened.

I wonder if it was a hacker? I could see that but i had my ssh pretty locked down and nothing showed up in logs...probably because he deleted them, but i watched all the directories start apparing and no one had an active session on ssh. So strange

I have only one account and it has no shell access, no run, not on port 22, has very strong password and no anom access
 


Neemobeer

Windows Forum Team
Staff member
Changing the port of a ssh server is pointless a simple banner grab can determine its ssh. You should implement fail2ban as well as 2 factor authentication. Password and certificate required
 


LT72884

Well-Known Member
Yeah, i agree. Its just habbit haha. I read tthe nmap project writen by the creator of nmap and thats when i figured that a port change does nothing.

Ill have to check to see if the free version of bitvise has the option for key and password. As of now, its just a password with a mixture of charactors. It would take a while for a pc to come up with this mix of charactors.

I still dont know if thats what was causing the issue, but it sure feels like it haha.

For now i have it off, and in a few hours ill check it all again.

Thanks for the list of softwares to install
 


LT72884

Well-Known Member
Awesome, thank you:) i have messed around with that, but never found an option to use both a password and key. Its either one or the other. I was hoping for dual authentication, but its better than nothin haha

Ill turn this option back on sonce it is more secure than just a user and pass that i thought was a dang good passwork haha.
 


LT72884

Well-Known Member
My password should take 57535 years to crack haha if a brute force attacker was trying. But that doesnt mean they cant gain access another way via ssh because i have some setting ignored
 


davehc

Essential Member
Premium Supporter
I am not a top rated computer expert, by anyones imagination. But, I am , from choice, the "caretaker of the computers of most of my family and friends.
Several of these are "no longer young", and a principal problem is the forgetting of passwords into their computers.
The password , whether face: word or key, will only prevent nosey and local snoopers from looking at your data. It is a simple process to bypass it and look at the contents of the hard disk.
 


LT72884

Well-Known Member
I am not a top rated computer expert, by anyones imagination. But, I am , from choice, the "caretaker of the computers of most of my family and friends.
Several of these are "no longer young", and a principal problem is the forgetting of passwords into their computers.
The password , whether face: word or key, will only prevent nosey and local snoopers from looking at your data. It is a simple process to bypass it and look at the contents of the hard disk.
Lol, as soon as you said this, it clicked in my head of how they got in. I just got home from work and looked at account settings. I have an old test account with a 4 letter password hahaha. I just removed that account haha. Going to turn server back on
 


LT72884

Well-Known Member
Ok, so my ssh server is now using password AND keys. However, tonight, i jad the server off and the folders came back. I hurried and unplugged wifi and even after 2 minutes of no internet, the empty folders came back. So far its been isolayed to my 3d printing folder on my onedrive dirextory. Im in safe mode now using spybot. Anything else i should check? Thanks. Hope no trojans or backdoors were installed or a keylogger haha
 


LT72884

Well-Known Member
Ok, so after the scan in safe mode. No go. It seems to me that anytime i open a folder on my local onedrive directory, it just starts creating them. I have scaned the files on my one drive and no issues. Its driving me crazy. They are always empty to
 


This website is not affiliated, owned, or endorsed by Microsoft Corporation. It is a member of the Microsoft Partner Program.
Top