Posted 21 July 2010 - 10:14 PM
Hi guys, I am a network admin and have just got an infection on the network which seems to be infecting shared drives.
I have found some suspicious files called " QEIOYE.EXE" and "YEMIK".
Some of the behaviour seems, the share folders that it attaches to are turned into hidden System Folders so you can't see them anymore if you go to the sharefolder location on the server, however you can access the shared folders if you do it by accessing them via their Mapped Drive icon shortcuts.
Then inside there seems to be a lot of weird Shortcut folders and strange files in them. Then if you click on one it infects the client computer you are on and all sorts of malware starts to appear.
The two strane files I mentioned above are located in the Shared folders.
I have looked on the web , but there is limited info on these infections.
Can anyone help or suggest anything.