D
Dave Hill
JoinedJan 28, 2017Messages3Reaction score1
- Jan 28, 2017
- #1
W10 Pro 64 bit latest update has been showing Random folders with 10 different files appearing at random times, each folder has a name like Xwrap89 or Adate30 and files with files like these :-
Ca9Skve.jpg
deed_ignore_attach_difficulties.txt
HibZg.xlsx
katanga-walk-previously.doc
They will not open and the folder size is around 1.5mb
Kapersky, SpyBot, Malwarebytes, 1Obit suite all show nothing wrong
Google shows nothing like this, can anyone please shed some light?
Regards Dave Hill
Ca9Skve.jpg
deed_ignore_attach_difficulties.txt
HibZg.xlsx
katanga-walk-previously.doc
They will not open and the folder size is around 1.5mb
Kapersky, SpyBot, Malwarebytes, 1Obit suite all show nothing wrong
Google shows nothing like this, can anyone please shed some light?
Regards Dave Hill
Reply
Ian
Administrator
JoinedOct 27, 2013Messages1,729Reaction score627
- Jan 28, 2017
- #2
Considering the way the files are named [plus extensions], I would strongly suggest that something nefarious is doing this. They sound like they were intentionally generated with random names and extensions to mislead, rather than as temporary files.
The only other thing I can think of is that these are honeytrap files from anti-malware software. Are you using anything like RansomFree?
The only other thing I can think of is that these are honeytrap files from anti-malware software. Are you using anything like RansomFree?
Reply
D
Dave Hill
JoinedJan 28, 2017Messages3Reaction score1
- Jan 28, 2017
- #3
Thank you Ian for replying so quickly.
Yes I have coincidentally installed a program called Cybereason [RansomFree]!
What would a honey trap be in this context then?
David
Yes I have coincidentally installed a program called Cybereason [RansomFree]!
What would a honey trap be in this context then?
David
Reply
D
Dave Hill
JoinedJan 28, 2017Messages3Reaction score1
- Jan 28, 2017
- #4
Ian, now that you have given me a pointer I have googled again and read this:-
This application also creates a few specially-crafted documents and places them in various locations on your computer so that it can offer you a higher level of protection.
Although you can safely ignore these files, if you decide to delete them, it might have an adverse impact on the application's efficiency as a ransomware prevention tool.
Me thinks you might be right.
This application also creates a few specially-crafted documents and places them in various locations on your computer so that it can offer you a higher level of protection.
Although you can safely ignore these files, if you decide to delete them, it might have an adverse impact on the application's efficiency as a ransomware prevention tool.
Me thinks you might be right.
Reply
Ian
Administrator
JoinedOct 27, 2013Messages1,729Reaction score627
- Jan 28, 2017
- #5
Yep, that looks like the culprit then
Grizzly
JoinedOct 26, 2016Messages2,243Reaction score670
- Jan 28, 2017
- #6
I have looked at the description on majorgeeks.com and this is legit ....
I can imagine that those files may be used as bait for ransomware but that is just a guess.....
I can imagine that those files may be used as bait for ransomware but that is just a guess.....
Reply