|Hi people, am hoping someone might recognise these symptoms as a virus and know what to do! Friend of mine's business has just been hit by something but I can't work out what it is. Symptoms are:|
- Periodically (every 30-60 minutes or so), around 40 pages are sent to every printer on every computer on the network (even shared printers). The printed pages are related to porno sites. The print jobs are listed as both "Remote Downlevel Document" owned by the Guest account, and "Local Downlevel Document" which is owned by the local user.
- Some computers (but not all) on the network have multiple directories created (in C: and in C:\ sub directories and possibly other locations), all called "-= Porn Collection =-" which contain screenshots and links to porno websites.
I've done lots of googling and I can't find any reference to what this virus might be. The only reference to a virus that submits print jobs I can find is BugBear but it doesn't seem to have the porn collection and that was around about 5 years ago so you'd think modern AV software would pick it up (all these computers have updated AV software on them btw!)
Can anyone help???