Does anyone know how I may remove Trojan Dropper:MSIL/Livate.A ?

Carol Haynes:
If it were me I would just go nuclear - even if you think you have cleared things you can never be 100% certain you got everything.

patteo:
If it were me I would just go nuclear - even if you think you have cleared things you can never be 100% certain you got everything.
-Carol Haynes (November 09, 2013, 03:05 AM)
--- End quote ---

Thank you Carol for your thoughts. I appreciate your validation of what has been going through my head. I'm hoping against hope.

This is exactly what I'm feeling, seeing how hard it is to detect.

Even if it appears that it has been removed, I can never be 100% certain.

So I'll just have to bite the bullet, go nuclear and learn to be far more careful.

This is the first time in many years that I have been tripped up by a virus.

I guess the biggest danger is really that complacency had set in for me.

Stoic Joker:
There's also ComboFix which can squash quite a few things ...
-4wd (November 07, 2013, 04:52 PM)
--- End quote ---

Including your OS if you don't know what you're doing, or get a little too careless when attempting to fix things CF reports but doesn't handle automatically. ;D
-40hz (November 07, 2013, 08:39 PM)
--- End quote ---

Hence the reference to "if you're going to re-install you might as well"  ;)  ;D
-4wd (November 08, 2013, 10:41 PM)
--- End quote ---

Yes, but here's the "fun" part. Many (read most/all) of the off-the-shelf machines that don't come with install media and use a recovery partition also use a highly proprietary boot sector that provides the press hotkey 'X' to get to brand X's recovery partition. This means that anything that does any cleaning of said boot sector has a high probability of frying said functionality right off the disk. ...Yes...I see this happen a lot.

So like 40hz, I too have seen ComboFix torch a machine (from a consumer's perspective) in the process of cleaning it many times. Scratch building the boot sector isn't the slightest bit fun on these new OS's because it has gotten a hell of a lot more complicated from the good old SYS C: days. :)

I had to do a production server transplant not too long ago from one MB with an SSD to a second MB with RAID1. It got done...but it took quite a bit longer than the initial estimate. :D

patteo:
Just a little update on going nuclear and the aftermath.

I should add for the benefit of others that uninstalling Java did not remove the persistent virus.

1. You kind of obliterate everything and it's great to start afresh again, sort of. I looked through what I had previously installed and really, some of those I don't really use so I did some spring cleaning as well. The process is painfully slow, partly because I'm also taking my time. But the laptop seems to run faster.

2. I decided, just as a matter of practice, to exercise much greater caution when installing programs. Whenever possible, I upload each exe (limitation of 64mb) to www.virustotal.com or at least scan the url of the website before I download.

Better an ounce of caution than to have to go Nuclear again.

I wish there was a way of automating the process a bit more, like right-click a url and send the url to be scanned at www.virustotal.com. Or a way for me to right-click a file and send the exe to be scanned at www.virustotal.com.

3. Started wondering about a disk imaging solution. Used to use Ghost on XP.

Any suggestion of a reliable free imaging solution that works well with Windows 8?

4. Right now, for anti-virus, I use Windows Defender, Malwarebytes and also Web Of Trust (WOT - addin for Firefox).

Just wondering if I should add any more armor besides being much more cautious about where I surf and what I click on. Any suggestions, apart from disconnecting myself from the internet?

5. I also have NoScript enabled on Firefox.


Thanks for any suggestions.
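
An added example, not part of the post above: one way to script the pre-install check described in item 2 is to hash the installer locally and look the hash up, which sidesteps the upload size limit. It assumes the VirusTotal v3 hash lookup endpoint and an API key of your own; the function names and the sample report are constructed for this example.

```python
import hashlib
import json
import urllib.error
import urllib.request

VT_FILE_URL = "https://www.virustotal.com/api/v3/files/{}"


def sha256_of(path, chunk=1 << 20):
    """Hash the file locally in chunks; nothing is uploaded."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def build_request(digest, api_key):
    """Prepare (but do not send) the hash lookup request."""
    return urllib.request.Request(VT_FILE_URL.format(digest),
                                  headers={"x-apikey": api_key})


def verdict(report):
    """Summarise a v3 file report; None means the hash was never seen."""
    if report is None:
        return "unknown: never submitted, upload it before trusting it"
    stats = report["data"]["attributes"]["last_analysis_stats"]
    flagged = stats.get("malicious", 0) + stats.get("suspicious", 0)
    total = sum(stats.values())
    if flagged:
        return f"flagged by {flagged}/{total} engines: do not run"
    return f"no detections from {total} engines (not proof of safety)"


def lookup(path, api_key):
    """Network call: returns the verdict string for the file at path."""
    req = build_request(sha256_of(path), api_key)
    try:
        with urllib.request.urlopen(req, timeout=30) as resp:
            return verdict(json.load(resp))
    except urllib.error.HTTPError as e:
        if e.code == 404:  # hash not in the database: unknown, not clean
            return verdict(None)
        raise


# Constructed sample report, trimmed to the fields verdict() reads.
SAMPLE_REPORT = {"data": {"attributes": {"last_analysis_stats": {
    "malicious": 3, "suspicious": 1, "undetected": 60, "harmless": 0}}}}
```

A hash that comes back unknown only means nobody has submitted that exact file yet, so it should be treated as unscanned rather than clean.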

40hz:
^Easiest to just use the disk imaging tool built into Windows.

They sorta hid it in Win8.

Do a search for "file recovery." There will be a link to the old Win7 recovery tools, which allow you to create backups and clone disk images just like before.

More about it here:

http://arstechnica.com/information-technology/2012/12/using-windows-8s-hidden-backup-to-clone-and-recover-your-whole-pc/


Luck! :Thmbsup:
