Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

win32:onlinegames-caz [RESOLVED]


  • This topic is locked This topic is locked

#1
The Skeptic

The Skeptic

    Trusted Tech

  • Technician
  • 4,075 posts
Hi everyone.

I have a client's computer which came with a USB hard disk used for backups. The USB disk is infected with win32:onlinegames-caz(trj). When I connect it to a computer for malware cleanup it immediately infects the computer. As I boot, Avast immediately gives a malware alarm, showing the sources to be in c:\windows\system32\amvo0.dll.

I ran numerous scans with Avast, Avg antispyware, Spyware Terminator, vundofix, smitfraudfix and Spybot. Except for Avast no program found the trojan. No program, including Avast, could remove it.

Eventually I got rid of it quite easilly with HJT. The problem is that the bug remains in the external disk and it immediately infects the computer again. I can't locate it on the disk. It only shows itself in the infected computer.

My question: how can I clean the external hard disk to avoid further infections.


Thanks in advance

The skeptic

Edited by The Skeptic, 21 February 2008 - 02:01 AM.

  • 0

Advertisements


#2
harrythook

harrythook

    Trusted Helper

  • Retired Staff
  • 2,618 posts
Hiya Skeptic

Try this:
  • 1 - Flash Drive Disinfector
    Download Flash_Disinfector.exe by sUBs from >here< and save it to your desktop.
  • Double-click Flash_Disinfector.exe to run it and follow any prompts that may appear.
  • The utility may ask you to insert your flash drive and/or other removable drives including your mobile phone. Please do so and allow the utility to clean up those drives as well.
  • Wait until it has finished scanning and then exit the program.
  • Reboot your computer when done.
Note: Flash_Disinfector will create a hidden folder named autorun.inf in each partition and every USB drive plugged in when you ran it. Don't delete this folder...it will help protect your drives from future infection.

Let me know

Harry
  • 0

#3
The Skeptic

The Skeptic

    Trusted Tech

  • Topic Starter
  • Technician
  • 4,075 posts
Thank's harrythook.

The computer and external disk are no longer in my posession. Apparently it was loaded (both the external disk and D: partition on the computer drive) with cracked programs, gotten through one of those peer to peer programs. It was swarming with malware but the client wouldn't let me touch anything. Eventually we had a big fight and I refused to continue with the cleanup.

Anyway, I downloaded the tool you recommended for future use. This topic may be closed.


Thanks again
  • 0

#4
harrythook

harrythook

    Trusted Helper

  • Retired Staff
  • 2,618 posts

Thank's harrythook.

It was swarming with malware but the client wouldn't let me touch anything. Eventually we had a big fight and I refused to continue with the cleanup.


Been there, done that :)
Call any time, keep up the good work on "the other side"

Harry
  • 0

#5
harrythook

harrythook

    Trusted Helper

  • Retired Staff
  • 2,618 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP