do a scan with avast founds 600-1200 infections, moved them to chest then a few days they are back.
not sure what i should do because last time i moved them to chest it fucked up my java and took me ages to fix it. also i fucked up some important windows file because it keeps giving me the windowsfile protection message!! not sure what to do because i don’t have my windows cds.
malwarebytes doesn’t pick them up so i think im screwd
I am not posting my problem in another person’s topic, for I have infact SOLVED my infection of Win32:Hiloti-AX [Trojan]. I am only trying to help others in dealing with this problem that few people seem to be aware of and took me two solid days to fix.
The root of the problem is a trojan that is loading either via
C:\Documents and Settings<user name>\Start Menu<random key #2>.exe
It operates by spawning processes of your default browser. These are then infecting your files with VBS:ExeDropper-gen [Trj] or Win32:Ramnit-G.
Avast 5.1.889 and MalwareBytes Anti-Malware 1.50.1.1100 are not detecting this!!!
To resolve, you must first close all instances of your default browser - IEXPLORE.EXE, FIREFOX.EXE, google chrome? - before you can effectively deal with the file infections OR the trojan causing this itself.
600-1200 infections.I wouldn’t clean the pc,you may also have system32 damaged files.Ranmit is a nasty virus,cocktail infection ;D.I’ve seen articles about that virus,your pc may also be under control of a hacker as they use it as a zombie for its backdoor network.Essexboy can only help here,killing processes won’t help in any way,there is no root of infection,your files are infected and i am not talking about executables.
In my opinion, if this infection has been going for a few days and you have a lot of infected files, a better bet would be to install the latest version of Avast and use that to scan your computer. That way, you will be able to review the chest and see what files have been compromised.
The reason for this, is so you can ascertain what programs on your computer may need reinstalling for them to work again.
Avast 6.0.1 should also detect the presence of this Win32:Hiloti-AX trojan and remove it as well.
Do remember to end all processes of your Google Chrome browser each and every time you restart your computer!!!
This topic is about 2 years old and it’s a better idea to open a new topic regarding your problem.
And now to answer your question, the answer is yes, if you are suspect there are malwares in your external hard disk, you have to scan and remove them with either avast or tools listed in my link, but you have to be careful, if there are malwares in your external hard disk, they may already have infected your laptop’s Windows installation too, so you have to double check it too.
Aside from the fact that the original post started two years ago, the safest way to clean your external hard drive is to boot into some sort of Linux system and run a virus scan using that operating system, not windows.
ramnit is a virulent file infector, hence Omid Farhang’s warning above especially applies.
I’d disconnect the windows drive and any other secondary drive (if you have one) first, and run the Linux program as a Live CD. Then and only then would I connect the sick external drive. Using Linux as a Live CD will allow you to run online scans of the external drive, as many as you wish, because Linux is not affected by the windows version of ramnit. Since it is being run as a Live CD, it is running only in system memory, and will vanish on system reboot. You will have to reconnect your system and secondary hard drives to get back into windows, tho.
No guarantees can ever be given when dealing with ramnit. Either way, you are going to lose a few/many files.
Same thing can be done to the windows system drive when you boot as a live CD if you need to check that.