We are a school with somewhere around 60 computers and hundreds of users. We've had some kind of malware infection for the last couple of weeks we can't seem to get rid of. We believe is it mostly floating about on flash drives, but it is probably going around via the network as well. Here are a few facts.
We run Sophos on every machine that updates via server proxy daily. (this hasn't been updating properly, but is no older than a week)
We've run Malwarebytes with the most current definitions many times on almost all the computers
We've also run SuperAntiSpyware many times with updated definitions.
Some evidence of virus is: flash drives automatically have shortcuts to the following folders: documents, music, pictures, etc. along with a text file with a target to the flash drive to some file that doesn't exist. usually something like J:/siouqi.scr
Mostly flash drives aren't able to eject properly, they show up weird in My Computer sometimes as folders instead of drives.
We think it's effecting internet speed somehow but aren't savvy enough with network monitors to tell for sure.
I'm not sure how else to describe it, but I'm happy to answer any questions.
Below is a short list of just a very few of the file names that have popped up in scans:
A0027523 - agent-ink
KsDDdj - krap-I
XkQVbk - generic-a
Any help would be greatly appreciated!
Edited by hopacIT, 19 January 2010 - 08:18 AM.