Share via

VM Azure cloud logins, system32 files dated same across devices +++

Anonymous
2024-02-06T14:49:32+00:00

Hello,

I'm having a strange episode with 3 windows devices of mine, hope you can help...

1x desktop windows 10

2x laptops windows 11

Recently I have noticed each device is now a virtual machine with a hypervisor.

I'm pretty sure when I bought them, that they were not virtual, could they have been?

I'm getting information that my different accounts local and 1 Microsoft, are being accessed via the cloud which I have not authorised ofc and knew nothing about until recently.

Settings / accounts now show options to view what is accessible via my "work or school account" I have never had either a work or school account, this is my home, and my personal devices? What does that mean?

System internals Load0RD and pspipelist show interesting results, looks like a bootkit virus that Kaspersky tdskiller can't load it's driver for and BSODs, furthermore most of the other cmds available won't open at all as if they have been blocked?

There are devices booting with isci / drives and strangely one apple SSD device? I know right...

Windows c:\ appdata folder has lots of notes about my WiFi router etc which is a virgin hub but looks to be now running Linux? Can't find any info online about that, maybe they are Linux? Can the firmware be changed remotely like that?

Windows it's self shows that it is 11 sometimes, others it's windows 10 or NT.

Is it possible someone or something has accessed my devices remotely and installed something to virtualize each one on the sly? Why would anyone do that?

What does it mean? Should I be worried about my data / accounts and passwords?

There is more but, I'm just waffling now....hopefully you get the idea.

Many thanks!

Windows for business | Windows Client for IT Pros | Storage high availability | Virtualization and Hyper-V

Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question.

0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2024-02-08T05:19:35+00:00

    Hi P R6,

    Do you mean the Hyper-V feature is currently enabled on all the three machines? If you are sure the feature was not enabled when you bought them, it was supposed to be turned on by someone. This can be done remotely but the administrator privileges are required.

    The work or school account is a way to enable personal devices to access work resources. You can check the work or school account here.

    My Account (microsoft.com)

    I recommend taking immediate steps to secure your devices and data. This includes running antivirus scans, changing your passwords, and enabling two-factor authentication on your accounts. You may also want to consider resetting your devices to their factory settings to remove any unwanted software or virtual machines.

    For the BSOD issue, it is recommended to make a new post it in the Windows Client for IT Pros / Performance forum.

    Was this answer helpful?

    0 comments