I purchased the laptop, in question, running Windows 7 Professional, 64-bit, from an individual, and I have not wiped and reloaded the operating system, like I usually do. While using the computer recently, I saw a new folder in the root folder of my C: drive named "Xtransfers46". Inside the folder are files named, "concentration recovery kneel knew.xls", "departments_flatten_foam.doc", "editorial might fear.sql", "fashion_improved.rtf", "followed-desperately.pem", "hung_dallas_recognition_widely.docx", "rolled reactionary joe vianna.xlsx", "tiny_indian_trpic_secure.mdb", "verbal-religion.jpg", and "vocational.several.txt". Once I discovered these files, and recognized them as suspicious, I deleted them to the recycle bin, and then emptied the recycle bin. The folder reappears soon afterwards, although I am unsure when, if that occurs after a reboot or some other event. When the "Xtransfers46" reappeared, I zipped all the files into a archived folder and deleted them and emptied the recycle bin. I am not sure why I did that, but I wanted to see if I could manipulate the folder, and see how the folder and contents would respond to this manipulation. The folder, "Xtransfers46" reappeared in the root folder.
Some time later, I observed two new users in the Windows Users folder. I had previously turned on "Show hidden files, folders and drives" so that I could see anything hidden. These new users folders,"Akcha" and "V28mwf", are marked "hidden" and "Read-only".
I have several computers connected to my home network. After suspecting that the original laptop (laptop #1) was infected, I began to check other computers which are connected to my network. Laptop #2 shows two new Users, "Ak77wu" and "Ugscyt". These folders are marked Read-only, but NOT hidden. The root folder of laptop #2 contains "Ximages5" folder, with contents similar to laptop #1, but include files with unique names, "classify mathematical worse.rtl", "cogent.increasing.conference.lead.mdb", etc. Looking further, desktop #1 has the mysterious folder in the root folder, but does not have the hidden users. This computer is only on the network for a limited period, and not every day. Laptop #3 is infected and has the two new Users, and the new folder in the root folder.
So, I am in trouble. I am familiar with most of the software on Bleeping Computer, and have used most of them at one time or other, to clean and restore infected computers, Malwarebytes Anti-rootkit & Anti-malware, Spybot S&D, HitmanPro, AdwareCleaner, JRT, Rkill, Ransom Free, etc. Today, however, I am not familiar with the malware which is visiting my computers, nor do I know how to invite it to leave. I welcome the assistance of those who are willing to rescue and restore my computers to normal, and I thank you for your help in advance.