NEW Folders Suddenly Appearing with Asian Charactors

Hi There,

We are company of 55 and I am the sole IT staffer, responsible for all systems and workstations.

This morning, a user called me up to say he noticed three oddly named folders appear on his C: drive. I've attached a screenshot. Any one seen this before? I'm running scans as i send this out.

Thanks,
Steve
chinese.jpg
shood4012IT ManagerAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Muhammad BurhanManager I.T.Commented:
seems your workstations are compromised.
remove workstation one by one from the network with thorough scan.
and place them back after scanning
DLeaverCommented:
It would certainly suggest an infection - ensure that users PC is removed from the network during the scan to avoid them sharing this infection any way.

If you have a centralised solution which has on access scanning then I would review it for any alerts and schedule in a scan for all devices when possible.
John StephensCommented:
It is certainly a virus. Remove that PC from network and scan it, before whole network will be  infected.
P.S.And it's not hieroglyphs, it's lil' dancing humans
Need More Insight Into What’s Killing Your Network

Flow data analysis from SolarWinds NetFlow Traffic Analyzer (NTA), along with Network Performance Monitor (NPM), can give you deeper visibility into your network’s traffic.

shood4012IT ManagerAuthor Commented:
Hi All,

Thanks for replies, much appreciated.

I ran three scans on the PC:
1. Malwarebytes 2. Sophos Removal Tool 3. BitDefender (BitDefender is the Endpoint for all of our Desktops)..

All three scanners came back clean. Thoughts anyone?

Thanks.
Steve
DreyeIT AdministratorCommented:
Just a quick thought, have you checked to see if anything was installed on his PC recently? Maybe some type of 3rd party software?
shood4012IT ManagerAuthor Commented:
Adobe Flash Player update is only 3rd party software installed lately, was done 2 days ago by user.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
bbaoIT ConsultantCommented:
you haven't mentioned the version of the problematic computer. i believe it is Windows OS, is any Asian language enabled on the system under Control Panel > Regional and Language Options (or similar option)?

is System Restore enabled on the machine? if yes, ever tried simply restoring the system back to the last-known good point?
David AndersTechnician Commented:
There are more than several bogus flash player downloads on the internet.
Packages that install other things as well as the player.
http://mywot.com  can help avoid this.
maxchowCommented:
To me, it looks more like a shift in unicode character.

The so called chinese characters is meaningless in chinese, it seems the characters are shown as a bit shift from "spaces".

Check harddisk error could be more appropriated.

Max
John StephensCommented:
Try to run Quihoo 360 Total Security antivirus. It's chinese, and it may help
bbaoIT ConsultantCommented:
Try to run Quihoo 360 Total Security antivirus. It's chinese, and it may help
for first time to see an EE member recommending a Qihoo 360 product, not sure you have actually used it or not. :-)

however, if you know how Qihoo works, how it does in China and especially the recent testimonial (classified but accidentally disclosed) issued by a Chinese national security authority for their contribution in helping the government monitor those millions of computers with 360 installed, you would be surprised and change your mind.

if you can read Chinese, you might be interested in reading the photocopy of the testimonial letter dated 9 Sept 2015.
bbaoIT ConsultantCommented:
do you mean once Flash Player was removed, the problem was gone?

any comments to my questions please?
shood4012IT ManagerAuthor Commented:
Seems to be related to flash
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Network Security

From novice to tech pro — start learning today.