Guess I've been outshined by Eset xD
Satfoun wrote:
Yeah it's at ours also (Balamand)
I have Eset smart security, and it has always caught that virus, and all the files appeared
Bye bye worms! Hello files!
For me, Eset erases the virus but the files don't appear
Brownies wrote:
Guess I've been outshined by Eset
Satfoun wrote:
Yeah it's at ours also (Balamand)
I have Eset smart security, and it has always caught that virus, and all the files appeared
Yes, we had that at AUST on every PC, but I think a simple show hidden and system files would show your files... It is a good thing the worm doesn't delete your files :) thx for sharing bro, this will help many people :)
I use usbfix... 2 min... cleans everything and returns everything... also adds a log with the virus signature, etc. for investigation
Interesting. I may look into that!
Stygmata wrote:
I use usbfix... 2 min... cleans everything and returns everything... also adds a log with the virus signature, etc. for investigation
I've never encountered this problem at AUB. Who's spreading this worm?
I guess one idiot got infected and went around infecting university computers and such.
tt400 wrote:
I've never encountered this problem at AUB. Who's spreading this worm?
And no one really takes care of university computers. So they're a host for viruses.
AUB is actually under constant attack due to the very large network and because of old systems around campus (Windows XP on many PCs), and also the lack of a good antivirus... but the IT team is vigilant and that is why you don't see much spread of viruses
4 days later
Just some notes.
Brownies wrote:
I don't know about other universities around here, but if you're a student at NDU, then you've obviously experienced the feeling of dread once you plug your USB into the computer and see that your files are gone.
Long story short; it's a worm. I was really frustrated with this happening all the time and my antivirus would either (1) find the virus but not display the files or (2) not find any virus at all. So I basically made this small batch file which then turned into an executable.
It cleans the virus, displays all your hidden files, disinfects the hard drive/USB (as well as the infected computer) and deletes all the virus junk files (this feature hasn't been fully tested yet).
It's a very simple program but still useful! Don't expect this amazing program that shoots laser beams and does your homework for you. It's pretty basic but effective.
Here's the download link if you're interested: https://onedrive.live.com/redir?resid=1C907597FCF4B91C!204&authkey=!AIsytnNBEWmSwck&ithint=file%2czip
And you can read more about these types of worms. For example: http://www.microsoft.com/security/portal/threat/encyclopedia/entry.aspx?Name=Worm:VBS/Jenxcus.K#tab=1
First of all, in these kinds of communities (mostly technical ones), don't post executables of your tools without the source code. Nobody would trust an executable no matter what you say about it. Secondly, use hashes (md5 or sha) for file integrity. File size is not always 100% reliable.
Still plugging around USB sticks like there is no tomorrow?
Good point. Though, I will not post the source code.
NoReGreT wrote:
Just some notes.
First of all, in these kinds of communities (mostly technical ones), don't post executables of your tools without the source code. Nobody would trust an executable no matter what you say about it. Secondly, use hashes (md5 or sha) for file integrity. File size is not always 100% reliable.
Feel free to
1. Scan with VirusTotal.com or any other online scanners.
2. Open the EXE in Sandboxie
3. Check for any possible outgoing or incoming connections the EXE might send while in Sandboxie. (SPOILER: There are none.)
Though I have to bring to light that the EXE was compiled using a packer. So there might be *some* false positives (such as "Packed/MPress" or "BehavesLike.______").
Thanks for your input!
EDIT: Here's an old scan of when the program was in Beta:
https://www.virustotal.com/en/file/3b4668fc8ec5e22c1907b2d60ff12c1d29741ac495f10e691ad7c25735d535f9/analysis/1415259289/
The source code comes directly from that Beta. Notice the false positives.
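
Added example (not part of the thread and not any poster's code): older-style VirusTotal report links like the one above carry the scanned file's SHA-256 in the URL path, so a reader can check whether a linked report covers the exact file they downloaded. The function names and the sample files below are constructed for illustration.

```python
import hashlib
import hmac
import re
import tempfile
from pathlib import Path

# Old-style VirusTotal report URLs embed the file's SHA-256:
#   https://www.virustotal.com/en/file/<64 hex chars>/analysis/<timestamp>/
VT_URL_RE = re.compile(r"virustotal\.com/(?:[a-z]{2}/)?file/([0-9a-fA-F]{64})(?:/|$)")


def sha256_from_vt_url(url: str) -> str:
    """Return the lowercase SHA-256 embedded in a VirusTotal file-report URL."""
    match = VT_URL_RE.search(url)
    if match is None:
        raise ValueError("no SHA-256 found in URL")
    return match.group(1).lower()


def sha256_of_file(path: Path, chunk_size: int = 1 << 20) -> str:
    """Hash the file in chunks so large downloads do not need to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def report_matches_file(vt_url: str, path: Path) -> bool:
    """True only if the linked report was generated for exactly this file."""
    return hmac.compare_digest(sha256_from_vt_url(vt_url), sha256_of_file(path))


def demo() -> dict:
    """Constructed sample: two same-size files, only one matches the report URL."""
    with tempfile.TemporaryDirectory() as tmp:
        scanned = Path(tmp, "tool_beta.bin")      # hypothetical file names
        released = Path(tmp, "tool_release.bin")
        scanned.write_bytes(b"constructed sample A" * 64)
        released.write_bytes(b"constructed sample B" * 64)  # same size, other bytes
        url = f"https://www.virustotal.com/en/file/{sha256_of_file(scanned)}/analysis/0/"
        return {
            "same_size": scanned.stat().st_size == released.stat().st_size,
            "scanned_matches": report_matches_file(url, scanned),
            "released_matches": report_matches_file(url, released),
        }


if __name__ == "__main__":
    print(demo())
```

A mismatch means the report describes a different build than the file on disk, which is the situation when a scan of an earlier version is offered for a later release.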