[The Skeptic]

Hi everyone.

I have a client's computer which came with a USB hard disk used for backups. The USB disk is infected with win32:onlinegames-caz(trj). When I connect it to a computer for malware cleanup it immediately infects the computer. As I boot, Avast immediately gives a malware alarm, showing the sources to be in c:\windows\system32\amvo0.dll.

I ran numerous scans with Avast, Avg antispyware, Spyware Terminator, vundofix, smitfraudfix and Spybot. Except for Avast no program found the trojan. No program, including Avast, could remove it.

Eventually I got rid of it quite easilly with HJT. The problem is that the bug remains in the external disk and it immediately infects the computer again. I can't locate it on the disk. It only shows itself in the infected computer.

My question: how can I clean the external hard disk to avoid further infections.


Thanks in advance

The skeptic

Edited by The Skeptic, 21 February 2008 - 02:01 AM.

[Advertisements]

Hiya Skeptic

Try this:

• 1 - Flash Drive Disinfector
  Download Flash_Disinfector.exe by sUBs from >here< and save it to your desktop.
• Double-click Flash_Disinfector.exe to run it and follow any prompts that may appear.
• The utility may ask you to insert your flash drive and/or other removable drives including your mobile phone. Please do so and allow the utility to clean up those drives as well.
• Wait until it has finished scanning and then exit the program.
• Reboot your computer when done.

Note: Flash_Disinfector will create a hidden folder named autorun.inf in each partition and every USB drive plugged in when you ran it. Don't delete this folder...it will help protect your drives from future infection.

Let me know

Harry

[harrythook]

Hiya Skeptic

Try this:

• 1 - Flash Drive Disinfector
  Download Flash_Disinfector.exe by sUBs from >here< and save it to your desktop.
• Double-click Flash_Disinfector.exe to run it and follow any prompts that may appear.
• The utility may ask you to insert your flash drive and/or other removable drives including your mobile phone. Please do so and allow the utility to clean up those drives as well.
• Wait until it has finished scanning and then exit the program.
• Reboot your computer when done.

Note: Flash_Disinfector will create a hidden folder named autorun.inf in each partition and every USB drive plugged in when you ran it. Don't delete this folder...it will help protect your drives from future infection.

Let me know

Harry

[The Skeptic]

Thank's harrythook.

The computer and external disk are no longer in my posession. Apparently it was loaded (both the external disk and D: partition on the computer drive) with cracked programs, gotten through one of those peer to peer programs. It was swarming with malware but the client wouldn't let me touch anything. Eventually we had a big fight and I refused to continue with the cleanup.

Anyway, I downloaded the tool you recommended for future use. This topic may be closed.


Thanks again

[harrythook]

Thank's harrythook.

It was swarming with malware but the client wouldn't let me touch anything. Eventually we had a big fight and I refused to continue with the cleanup.

Been there, done that
Call any time, keep up the good work on "the other side"

Harry

[harrythook]

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.