tag:blogger.com,1999:blog-606282676955748155.post2140648080196892111..comments2024-02-28T04:06:30.612+01:00Comments on Blaze's Security Blog: Remediate VBS malwareBarthttp://www.blogger.com/profile/18326761248866196755noreply@blogger.comBlogger27125tag:blogger.com,1999:blog-606282676955748155.post-17650624986047906112020-08-21T21:30:01.301+02:002020-08-21T21:30:01.301+02:00Sure, go ahead - just mention this blog post as re...Sure, go ahead - just mention this blog post as reference.Barthttps://www.blogger.com/profile/18326761248866196755noreply@blogger.comtag:blogger.com,1999:blog-606282676955748155.post-22297208412192439392020-07-05T15:50:13.548+02:002020-07-05T15:50:13.548+02:00We can add this software on our website https://ww...We can add this software on our website https://www.iwindowsgeek.com.<br /><br />A reply in that matter will be great.<br /><br />RegardsiGetEmojihttps://www.blogger.com/profile/12736556676734980266noreply@blogger.comtag:blogger.com,1999:blog-606282676955748155.post-64763403140254260702017-06-16T22:19:07.307+02:002017-06-16T22:19:07.307+02:00Hi Marie,
Happy to hear it solved your problem!
...Hi Marie,<br /><br />Happy to hear it solved your problem!<br /><br />Which version are you using? Can you post the contents of <br />C:\Rem-VBSworm.log please?<br /><br />To solve the "errorlog.txt", open Task Manager, go to the startup tab, and disable it there.<br /><br />Regards<br />BartBarthttps://www.blogger.com/profile/18326761248866196755noreply@blogger.comtag:blogger.com,1999:blog-606282676955748155.post-32802319770819968192017-06-13T04:32:16.684+02:002017-06-13T04:32:16.684+02:00Hi Bart,
thank you alot for this software
unfortun...Hi Bart,<br />thank you alot for this software<br />unfortunately i suddenly cosed is witout using the "Q" option, and that caused a "errorlog.txt" bloc note to open every time i turn on my pc ://<br />how can i correct htis problem ?<br />thank youmarienoreply@blogger.comtag:blogger.com,1999:blog-606282676955748155.post-25075806624475386522016-06-18T23:50:51.531+02:002016-06-18T23:50:51.531+02:00Hi Steffen,
As said earlier, this issue is fixed ...Hi Steffen,<br /><br />As said earlier, this issue is fixed in the latest version (8.0), which is also on Fosshub:<br />http://www.fosshub.com/Rem-VBSworm.html<br /><br />Cheers!<br />BartBarthttps://www.blogger.com/profile/18326761248866196755noreply@blogger.comtag:blogger.com,1999:blog-606282676955748155.post-61042653591436782612016-06-03T21:26:50.598+02:002016-06-03T21:26:50.598+02:00Hi Bart,
I downloaded your tool here to my hdd (D...Hi Bart,<br /><br />I downloaded your tool here to my hdd (D:\Downloads) and after selecting option "A" all content of D:\Downloads was deleted :-(<br />So it was not executed on a removable disk... <br />And sorry, I have no log (any more).<br />But thanks for rescuing my usb-stick never the less! <br /><br />Best regards<br />SteffenAnonymousnoreply@blogger.comtag:blogger.com,1999:blog-606282676955748155.post-22197275552445197752016-06-03T14:25:31.753+02:002016-06-03T14:25:31.753+02:00Hi Anonymous,
Yesterday-evening I was able to rep...Hi Anonymous,<br /><br />Yesterday-evening I was able to reproduce the issue. It seems to happen when executing the tool from a removable drive and in some rare cases it fails to properly change directory.<br /><br />I have solved this in the next version (8.0), which will be released on Monday.<br /><br />Thanks for your help.<br /><br />Regards<br />BartBarthttps://www.blogger.com/profile/18326761248866196755noreply@blogger.comtag:blogger.com,1999:blog-606282676955748155.post-69798584230402824272016-05-27T11:10:22.622+02:002016-05-27T11:10:22.622+02:00Hi,
That's indeed a valid mirror, albeit I ne...Hi,<br /><br />That's indeed a valid mirror, albeit I need to update the version there (current is 7.0.0).<br /><br />I will try next week to reproduce the behaviour you reported and implement a fix if necessary.<br /><br />Thanks again for the report and apologies for any inconvenience caused,<br /><br />Regards<br />BartBarthttps://www.blogger.com/profile/18326761248866196755noreply@blogger.comtag:blogger.com,1999:blog-606282676955748155.post-38478765741450034462016-05-24T22:10:07.047+02:002016-05-24T22:10:07.047+02:00Hi!
I downloaded here:
http://www.fosshub.com/Rem...Hi!<br /><br />I downloaded here:<br />http://www.fosshub.com/Rem-VBSworm.html<br /><br />I executed on SSD<br />(I use this SSD as a temporary folder for download, upload, conversion, ...)<br /><br />This is a Samsung SSD 850 Pro 256GB (F:\)<br /><br />I had doubts about a infection. I downloaded it and choose option A. After that, there was only the tool and a current download file, on the SSD!<br /><br />Sorry, I deleted the log. I tried to use Wise data recovery and a tool called "Restoration" but I did not insist...Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-606282676955748155.post-20641827371028271572016-05-17T09:29:59.245+02:002016-05-17T09:29:59.245+02:00Hey Anonymous,
Apologies for the delay, but both ...Hey Anonymous,<br /><br />Apologies for the delay, but both your comments (I'm guessing your earlier one was yours) ended up in spam, which I don't check too often.<br /><br />I have never heard or encountered this issue with my tool before. Can you give me some more information to see how this could have happened?<br /><br />a) Where did you download my tool from?<br />b) Where did you execute the tool from? (Desktop, Downloads, ...)<br />c) Can you give me the specs of your SSD? (size, Drive Letter, type/make/brand/model)<br />d) Please send me the log, found on C:\Rem-VBSworm.log<br /><br />As in regards to your files, sorry to hear this has happened to you. Try a data recovery tool (such as Recuva) to get your files back. This should pose no issue.<br /><br />RegardsBarthttps://www.blogger.com/profile/18326761248866196755noreply@blogger.comtag:blogger.com,1999:blog-606282676955748155.post-88690258328430891802016-05-16T20:08:37.326+02:002016-05-16T20:08:37.326+02:00WARNING !!! This software delete the entire conten...WARNING !!! This software delete the entire contents of my SSD!<br />You should not hide this information to your visitors!Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-606282676955748155.post-28299767146792238292015-11-17T18:29:53.551+01:002015-11-17T18:29:53.551+01:00Hi Anonymous,
Not sure where you've read that...Hi Anonymous,<br /><br />Not sure where you've read that, but what my tool can do is clean your network drives of autorun worms and other related (VBS/VBE/...) malware. <br /><br />It does not protect you from network attacks. You'll need a firewall for that.<br /><br />Hope that answers your question! Regards.Barthttps://www.blogger.com/profile/18326761248866196755noreply@blogger.comtag:blogger.com,1999:blog-606282676955748155.post-46390766226267212132015-11-17T15:59:10.119+01:002015-11-17T15:59:10.119+01:00My last question is, how does this program keep my...My last question is, how does this program keep my network safe from malware? I think I read some where that it can clean my network. I'm only asking these questions because I am amazed at how well this program works.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-606282676955748155.post-42049667922714201192015-11-17T14:52:37.678+01:002015-11-17T14:52:37.678+01:00Hi Anonymous!
An image hijack allows you to load ...Hi Anonymous!<br /><br />An image hijack allows you to load program B when opening program A for example. Many years ago, this was a tactic used by cybercriminals, but it's quite rare now.<br /><br />The pro here is that we can use the same tactic to stop malware from running. My tool adds some image hijacks for known malware executables used in autorun worms. You may find some additional information about image hijacks here: http://geekswithblogs.net/ssimakov/archive/2005/03/22/26930.aspx<br /><br />Let me know if you have other questions!<br /><br />Cheers.Barthttps://www.blogger.com/profile/18326761248866196755noreply@blogger.comtag:blogger.com,1999:blog-606282676955748155.post-62583734302285856712015-11-17T06:02:09.542+01:002015-11-17T06:02:09.542+01:00What is meant by "adding image hijacks" ...What is meant by "adding image hijacks" in the log file after cleaning the system of infections?Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-606282676955748155.post-69666939917280314382015-11-16T22:13:46.737+01:002015-11-16T22:13:46.737+01:00Hi Anonymous,
Yes, option D - thus disabling Wind...Hi Anonymous,<br /><br />Yes, option D - thus disabling Windows Script Host (WSH) will stop the spreading of certain malware. (not all, but it's certainly another layer of protection)<br /><br />Should you ever need WSH, you can enable it again using the same option, then disable it afterwards when you are done.<br /><br />Cheers!Barthttps://www.blogger.com/profile/18326761248866196755noreply@blogger.comtag:blogger.com,1999:blog-606282676955748155.post-91061010078363337702015-11-16T22:00:20.015+01:002015-11-16T22:00:20.015+01:00Would option D help stop the spread of worms?Would option D help stop the spread of worms?Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-606282676955748155.post-45296109840907782872015-11-16T21:44:05.392+01:002015-11-16T21:44:05.392+01:00I thought so. Thanks.I thought so. Thanks.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-606282676955748155.post-62626356484340091972015-11-16T21:13:33.262+01:002015-11-16T21:13:33.262+01:00Hi Anonymous,
You can use option B to clean your ...Hi Anonymous,<br /><br />You can use option B to clean your USB drive of any malware that my tool cleans, as well as unhide files. It is not meant to repair a USB drive - you may try chckdsk for that.<br /><br />Having said that, if your USB freezes on other machines, it's possible they don't have autorun/autoplay disabled, or they are infected or... It's a Windows issue.<br /><br />Let me know should you have other questions. Cheers :)Barthttps://www.blogger.com/profile/18326761248866196755noreply@blogger.comtag:blogger.com,1999:blog-606282676955748155.post-53669229345129676602015-11-16T21:01:55.171+01:002015-11-16T21:01:55.171+01:00What effects does the software have on a usb drive...What effects does the software have on a usb drive? Sometimes I use my usb on other computers and they kinda freeze...Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-606282676955748155.post-10953745528087423932015-10-29T12:10:58.343+01:002015-10-29T12:10:58.343+01:00Hi Anonymous,
Good point! As a matter of fact, th...Hi Anonymous,<br /><br />Good point! As a matter of fact, this is NOT possible using the tool. So no worries there :) <br /><br />Thanks for your feedback and let me know should you have any other questions!<br /><br />Cheers.Barthttps://www.blogger.com/profile/18326761248866196755noreply@blogger.comtag:blogger.com,1999:blog-606282676955748155.post-9160071261911167692015-10-29T05:10:54.939+01:002015-10-29T05:10:54.939+01:00I wonder what will happen if I accidently use B co...I wonder what will happen if I accidently use B command on window partition.<br />And if it cause a problem what should I do (didnt find any problem occur yet using window 8.1)Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-606282676955748155.post-17588048738471692932015-04-24T00:00:21.565+02:002015-04-24T00:00:21.565+02:00Glad to hear that, thanks for your comment! :)
Ch...Glad to hear that, thanks for your comment! :)<br /><br />Cheers.Barthttps://www.blogger.com/profile/18326761248866196755noreply@blogger.comtag:blogger.com,1999:blog-606282676955748155.post-28510083435540635652015-04-22T18:02:41.400+02:002015-04-22T18:02:41.400+02:00Hi my friend,
tool works perfectly in my tests. K...Hi my friend, <br />tool works perfectly in my tests. Keep up the good work! Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-606282676955748155.post-10596184746617993762014-02-08T16:40:54.009+01:002014-02-08T16:40:54.009+01:00Hi :)
Yes, i think it is still in development.
...Hi :)<br /><br />Yes, i think it is still in development. <br /><br />Cheers, Gofhttps://twitter.com/_Gof_noreply@blogger.com