[petef56]

Hi All,
I'm here to share my experiences with this latest breed of malware.

I operate a computer repair business and clean several virus & spyware infested computers each week. In recent weeks, I'm often having to resort to wiping the hard drive and reinstaling Windows. Up to about 1 year ago I used to be able to clean most customer's computer onsite within a few hours, but then things changed where I had to bring the computers back to my shop in order to remove the hard drive to do some initial cleaning, reinstall the hard drive and do the final cleaning.

Well, things seem to have changed again!! In recent months, I was still able to clean the the malware, but the damage remaining to the OS was so extensive that I'm spending as much time fixing up the OS as I did cleaning the malware. Now in the past couple of weeks I'm often having to wipe the hard drive and reinstall Windows because it's either too difficult to clean or impractical. I'm using NOD32, SuperAntiSpyware, MalwareBytes, and HiJackThis as my main cleaning tools.

This latest breed of malware is the worse I've ever seen. After removing the hard drive and initially cleaning, I've found things such as the Windows \System32 folder completely empty, or I still can't install software to complete the cleaning, or sometimes I can install my anti-malware programs and complete the cleaning, but the number of things wrong in the OS require too much time to repair, so it makes more sense to just wipe the hard drive and reinstall Windows. So it seems now, with this latest breed of malware, we are back to reinstalling Windows. Or perhaps I'm just having an unusually bad streak of luck this past couple of weeks.

I'm posting this to share my experiences and possibly get some feedback from others
here see how they are managing this latest breed of malware.

---pete---

[flavallee]

Pete:

One thing that I do in many of the threads that I assist in here is to have the threadstarter install and run Malwarebytes Anti-Malware and SUPERAntiSpyware. I also install and run them when I work on a computer. I've yet to work on a computer where several problems were not found.

Like you said, sometimes the damage done is so bad that the only feasible resolution is to do a hard drive format and fresh install of the operating system.

Frank

---------------------------------------------------------------

[petef56]

Well, get prepared because I'm finding that more often than not, the latest breed of malware blocks most popular anti-malware software from installing or running. In my opinion, it's come time for a new breed of anti-malware. A program that will run off a CD-ROM and boot itself to a Linux OS to scan for virus and spyware, including a scan and cleaning the Windows Registry.

---pete---

[etaf]

you can run antivirus from a CD-ROM F-Prot used to run off a floppy and thatwas how you cleaned a machine in the past

I think UltimatebootCD.com has a virus checker on the CD.

I have created a CD using F-Prot with an updated virus file - But that was when you could get it online for free
http://www.f-prot.com/
They supply windows and linux versions

here http://www.claymania.com/f-prot.html for DOS

[petef56]

etaf,
I made myself an Ultimate Boot CD about 6 months ago and I know they
offer an option to perform a virus scan but I haven't figured out how to
add that anti-virus program to the CD.

Anyway, I still feel it's better to remove the hard drive and scan using
my test computer which has NOD32, Superantispyware and Malwarebytes.

The point I was making in an earlier post is that we need a new breed
of anti-malware program that will run from a CD and in it's own OS and
perform a single scan to remove viruses, spyware and also scan/clean
the Windows registry. The idea of an anti-virus app run from the Ultimate
boot CD only accomplishes the anti-virus scan which is just not enough
considering the latest breed of malware I'm coming across in the past
few weeks.

---pete---