Hello everyone, this is my first time on the forum and what I have seen on this forum is a great team of people with best knowledge on the net for dealing with all sorts of virus and malware issues, I am hoping to get some of this knowledge and help with my problem. Reason why I am here is the Cool.vbs virus, this virus seems to be pretty new and its wreaking havoc on many computer systems around the city. This virus came onto my system via a flash drive a few days ago, I had USB Disk Security installed at the time, it identified the virus and I tried to delete it using that program. It seemed like it did but when I inserted another flash drive and all the files became shortcuts plus USB disk security identified it again. AVG 2011 was also on the system along with McAfee, however it seems that AVG was not working because it didn't respond to the virus at all, neither McAfee. When I started researching the cool.vbs virus I read that you should not have more than one full antivirus program on a system because they will conflict and can cause major problems so I removed McAfee, I also read that most anitvirus programs can't detect cool.vbs
I called up a friend of mine who is a computer technician and he was telling me that his store was over run with systems customers are taking to him with the cool.vbs virus. He said that he was working with an antivirus named SMAD, and he was getting good results so far. In my reading however I didn't see anyone mention of SMAD but I downloaded it anyway from CNET onto another system at home, SMAD AV 2013 9.4.1 (October 5, 2013) version to be exact. This system is my workhorse system running windows 7, 64bit, 8gig Ram. The system with the cool.vbs virus is running XP, 32 bit (office computer). I scanned my system (workhorse) with SMAD and it found no infections, I also have USB disk security and Avast on the workhorse. I inserted the infected flash drive in the workhorse system and SMAD, USB disk sec and Avast identified the cool.vbs virus. Avast moved it to chest, SMAD identified over 162 viruses and 192 hidden files on the flash drive, all the files that cool.vbs made into shortcuts were seen as viruses by SMAD and the original files were hidden. I used SMAD to remove all the viruses and unhide the files, it did this successfully and when I ejected the flash drive and reinserted it it was clean and all files were there.
Now the problem is that on the XP system, which I now downloaded SMAD onto and ran, when I insert the clean flash disks into that system SMAD finds the same amount of viruses and hidden files and when I use SMAD to clean the USB it does so but as soon as the flash drive is reinserted it is infected again. This tells me that cool.vbs is on the system itself and is reinfecting the flash drive.
I found it strange that I could clean the flash drives on my workhorse and it doesn't infect the workhorse but with the XP system after cleaning the flash drives with SMAD the system just reinfects them. Now as I said earlier AVG 2011 was not working so I decided to uninstall thinking that maybe cool.vbs was hiding there in some AVG file folder. AVG gave me hell to uninstall, it would constantly show up in my program list even when it said it was uninstalled, I had to use many different downloads of the removal tool to get rid of it finally.
WOW, thats alot of info, I hope that I explained the necessary information clearly, I am really looking forward to any help I can get to have this issue resolved, and I have extreme faith in this community. Lets kill cool.vbs
Thanks in advance and if any more info is needed I will gladly provide it. Thanks again.
Rick.