Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


some kind of sneaky malware

  • This topic is locked This topic is locked
2 replies to this topic

#1 hopacIT


  • Members
  • 5 posts
  • Local time:12:47 AM

Posted 19 January 2010 - 08:14 AM

MOVED TO Malware Forum - Sorry. Misposted!


We are a school with somewhere around 60 computers and hundreds of users. We've had some kind of malware infection for the last couple of weeks we can't seem to get rid of. We believe is it mostly floating about on flash drives, but it is probably going around via the network as well. Here are a few facts.

We run Sophos on every machine that updates via server proxy daily. (this hasn't been updating properly, but is no older than a week)

We've run Malwarebytes with the most current definitions many times on almost all the computers

We've also run SuperAntiSpyware many times with updated definitions.

Some evidence of virus is: flash drives automatically have shortcuts to the following folders: documents, music, pictures, etc. along with a text file with a target to the flash drive to some file that doesn't exist. usually something like J:/siouqi.scr

Mostly flash drives aren't able to eject properly, they show up weird in My Computer sometimes as folders instead of drives.

We think it's effecting internet speed somehow but aren't savvy enough with network monitors to tell for sure.

I'm not sure how else to describe it, but I'm happy to answer any questions.

Below is a short list of just a very few of the file names that have popped up in scans:

A0027523 - agent-ink
KsDDdj - krap-I
fLUbAk. mal/tdsspk-c
XkQVbk - generic-a

Any help would be greatly appreciated!


Edited by hopacIT, 19 January 2010 - 08:18 AM.

BC AdBot (Login to Remove)


#2 starcraftmaster


  • Members
  • 1,109 posts
  • Gender:Male
  • Location:australia
  • Local time:08:47 AM

Posted 19 January 2010 - 08:37 AM

this is a huge school we talking about

not sure if bleeping computer should be trying to help as 60 computers could be infected and teachers and students files could be destoryed

you should disconnect the internet intill you fixed the problem

Edited by starcraftmaster, 19 January 2010 - 08:38 AM.

#3 Animal


    Bleepin' Animinion

  • Members
  • 35,905 posts
  • Gender:Male
  • Location:Where You Least Expect Me To Be
  • Local time:01:47 PM

Posted 19 January 2010 - 01:05 PM

With assistance being rendered in the properly posted topic, this one is closed to avoid confusion.

The Internet is so big, so powerful and pointless that for some people it is a complete substitute for life.
Andrew Brown (1938-1994)

A learning experience is one of those things that say, "You know that thing you just did? Don't do that." Douglas Adams (1952-2001)

"Imagination is more important than knowledge. Knowledge is limited. Imagination circles the world." Albert Einstein (1879-1955)

Follow BleepingComputer on: Facebook | Twitter | Google+

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users