Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Weird Folders in windows 10 Drives


  • Please log in to reply
1 reply to this topic

#1 Mutahhar

Mutahhar

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:04:40 PM

Posted 04 February 2017 - 03:26 AM

Today while investigating the frequent freeze of my windows 10 machine I found some mysterious folders in each of my drive containing some files. Folders are hidden and readonly. Most of these files do not open but some files open but have text not understandable.
 
like in 
 
C Drive contains
 
Folder name : Xstorage172
Contains Files
  • arrange-meaning.rtf 
  • gave-thick-found-shopping.pem
  • independenceplasterbombers.docx 
  • jointhumblelendreplacement.mdb
  • laboratory complement amongst manufacturer.sql 
  • mike-changes.txt
  • one_pursue_degree_succeeded.jpg 
  • screw.chamber.quantity.divide.xlsx
  • touch_guess_goal.doc UOA1ao6zzjvk.xls
                                                                                                                    
 
D Drive contains two folders
 
Vcaches191 and ysystem45
 
Vcaches191 folder contains Files
  • accordingly_person_nato_spectrum.xlsx
  • clubs.production.confirmed.therefore.doc 
  • CSW.docx detriment education deck focus.rtf 
  • devil_numerous_higher.jpg 
  • innovationyork.txt 
  • interviews consequent sword bearing.xls 
  • receive_relatively.mdb
  • resistance.dominated.processes.pem 
  • rope visual voting.sql
 
and  ysystem45 folder contains files
 
  • 8EAo.xlsx 
  • coefficient.language.race.pem 
  • completelywindsadult.mdb
  • dense annoy species.docx 
  • graduatecumbersome.xls 
  • lift formerlyorder.txt 
  • LKZlHp2Fyq1.rtf 
  • swept-males-snakes.jpg 
  • whereas furnish want.doc 
  • xbP3GhRM.sql
 
See the pattern? Each folder have same type of files but with different names.
Is this some kind of virus or malware???


BC AdBot (Login to Remove)

 


#2 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,698 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:40 PM

Posted 04 February 2017 - 08:48 AM

I suggest you take a look at this post:

 

https://www.bleepingcomputer.com/forums/t/638875/rogue-folder-and-file-on-hardisk/

 

Looks very similar to your problem.


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users