Link to home
Start Free TrialLog in
Avatar of Steve Hood
Steve HoodFlag for Canada

asked on

NEW Folders Suddenly Appearing with Asian Charactors

Hi There,

We are company of 55 and I am the sole IT staffer, responsible for all systems and workstations.

This morning, a user called me up to say he noticed three oddly named folders appear on his C: drive. I've attached a screenshot. Any one seen this before? I'm running scans as i send this out.

Thanks,
Steve
chinese.jpg
Avatar of Muhammad Burhan
Muhammad Burhan
Flag of Pakistan image

seems your workstations are compromised.
remove workstation one by one from the network with thorough scan.
and place them back after scanning
It would certainly suggest an infection - ensure that users PC is removed from the network during the scan to avoid them sharing this infection any way.

If you have a centralised solution which has on access scanning then I would review it for any alerts and schedule in a scan for all devices when possible.
Avatar of John Stephens
John Stephens

It is certainly a virus. Remove that PC from network and scan it, before whole network will be  infected.
P.S.And it's not hieroglyphs, it's lil' dancing humans
Avatar of Steve Hood

ASKER

Hi All,

Thanks for replies, much appreciated.

I ran three scans on the PC:
1. Malwarebytes 2. Sophos Removal Tool 3. BitDefender (BitDefender is the Endpoint for all of our Desktops)..

All three scanners came back clean. Thoughts anyone?

Thanks.
Steve
Just a quick thought, have you checked to see if anything was installed on his PC recently? Maybe some type of 3rd party software?
ASKER CERTIFIED SOLUTION
Avatar of Steve Hood
Steve Hood
Flag of Canada image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
you haven't mentioned the version of the problematic computer. i believe it is Windows OS, is any Asian language enabled on the system under Control Panel > Regional and Language Options (or similar option)?

is System Restore enabled on the machine? if yes, ever tried simply restoring the system back to the last-known good point?
There are more than several bogus flash player downloads on the internet.
Packages that install other things as well as the player.
http://mywot.com  can help avoid this.
To me, it looks more like a shift in unicode character.

The so called chinese characters is meaningless in chinese, it seems the characters are shown as a bit shift from "spaces".

Check harddisk error could be more appropriated.

Max
Try to run Quihoo 360 Total Security antivirus. It's chinese, and it may help
Try to run Quihoo 360 Total Security antivirus. It's chinese, and it may help
for first time to see an EE member recommending a Qihoo 360 product, not sure you have actually used it or not. :-)

however, if you know how Qihoo works, how it does in China and especially the recent testimonial (classified but accidentally disclosed) issued by a Chinese national security authority for their contribution in helping the government monitor those millions of computers with 360 installed, you would be surprised and change your mind.

if you can read Chinese, you might be interested in reading the photocopy of the testimonial letter dated 9 Sept 2015.
do you mean once Flash Player was removed, the problem was gone?

any comments to my questions please?
Seems to be related to flash