NEW Folders Suddenly Appearing with Asian Charactors

Hi There,

We are company of 55 and I am the sole IT staffer, responsible for all systems and workstations.

This morning, a user called me up to say he noticed three oddly named folders appear on his C: drive. I've attached a screenshot. Any one seen this before? I'm running scans as i send this out.

Thanks,
Steve
chinese.jpg
shood4012IT ManagerAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Muhammad BurhanManager I.T.Commented:
seems your workstations are compromised.
remove workstation one by one from the network with thorough scan.
and place them back after scanning
1
DLeaverCommented:
It would certainly suggest an infection - ensure that users PC is removed from the network during the scan to avoid them sharing this infection any way.

If you have a centralised solution which has on access scanning then I would review it for any alerts and schedule in a scan for all devices when possible.
0
John StephensCommented:
It is certainly a virus. Remove that PC from network and scan it, before whole network will be  infected.
P.S.And it's not hieroglyphs, it's lil' dancing humans
0
How do you know if your security is working?

Protecting your business doesn’t have to mean sifting through endless alerts and notifications. With WatchGuard Total Security Suite, you can feel confident that your business is secure, meaning you can get back to the things that have been sitting on your to-do list.

shood4012IT ManagerAuthor Commented:
Hi All,

Thanks for replies, much appreciated.

I ran three scans on the PC:
1. Malwarebytes 2. Sophos Removal Tool 3. BitDefender (BitDefender is the Endpoint for all of our Desktops)..

All three scanners came back clean. Thoughts anyone?

Thanks.
Steve
0
DreyeIT AdministratorCommented:
Just a quick thought, have you checked to see if anything was installed on his PC recently? Maybe some type of 3rd party software?
0
shood4012IT ManagerAuthor Commented:
Adobe Flash Player update is only 3rd party software installed lately, was done 2 days ago by user.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
bbaoIT ConsultantCommented:
you haven't mentioned the version of the problematic computer. i believe it is Windows OS, is any Asian language enabled on the system under Control Panel > Regional and Language Options (or similar option)?

is System Restore enabled on the machine? if yes, ever tried simply restoring the system back to the last-known good point?
0
David AndersTechnician Commented:
There are more than several bogus flash player downloads on the internet.
Packages that install other things as well as the player.
http://mywot.com  can help avoid this.
0
maxchowCommented:
To me, it looks more like a shift in unicode character.

The so called chinese characters is meaningless in chinese, it seems the characters are shown as a bit shift from "spaces".

Check harddisk error could be more appropriated.

Max
0
John StephensCommented:
Try to run Quihoo 360 Total Security antivirus. It's chinese, and it may help
0
bbaoIT ConsultantCommented:
Try to run Quihoo 360 Total Security antivirus. It's chinese, and it may help
for first time to see an EE member recommending a Qihoo 360 product, not sure you have actually used it or not. :-)

however, if you know how Qihoo works, how it does in China and especially the recent testimonial (classified but accidentally disclosed) issued by a Chinese national security authority for their contribution in helping the government monitor those millions of computers with 360 installed, you would be surprised and change your mind.

if you can read Chinese, you might be interested in reading the photocopy of the testimonial letter dated 9 Sept 2015.
0
bbaoIT ConsultantCommented:
do you mean once Flash Player was removed, the problem was gone?

any comments to my questions please?
0
shood4012IT ManagerAuthor Commented:
Seems to be related to flash
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Network Security

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.