This thing is nasty. I’ve seen what I can only believe is a variant of WORM_VOBFUS.SMIS as defined by Trend Micro. Here’s what’s happening: an infected computer on your network looks for any shared folders (network shares, USB flash drives, etc…) and hides all of your real files. It then will replace the “hidden” files, with .EXE’s of the same names, to try and trick people in to clicking on them, and causing the worm to spread further. I’ve already seen this thing a few times and have developed a good plan of action for fighting it off.
Finding the infected computer and Cleaning the Infection
Skip ahead if you want to unhide your files, but I want to cover this virus a little further in depth. Continue reading “Virus hid files, "Hidden" Attribute grayed out – Solved!”