Posted 27 August 2009 - 06:25 PM
I've never had to reformat a hard drive for this particular infection, and I've removed it on more than fifty computers. MBAM will really address it. If you can put a current MBAM installation file on a flash memory device, you can plug it in and install MBAM despite the interference (disconnect your machine from the Internet if you haven't already done so). Do not update MBAM, just run the quick scan and follow the directions to remove all items found. A restart will be required at the end of the scan, then reconnect to the Internet, immediately update MBAM, and do a complete scan. I only need to resort to pulling the drive and attaching it to a different computer perhaps once every twenty times. This is a lot less painful than reformat/rebuild, which I have done thousands of times (literally).
The last time I used MBAM to remove this virus was two days ago, and the next one will be this evening. No, I don't work for them and they don't pay me anything.
You cannot remove this virus manually. If you find the Registry entries and remove them, by the time you exit Regedit the entries are already back in place. You cannot delete the files because they are in use and are protected by Windows. MBAM makes a list of the files to delete and loads first during the reboot to remove them before they can load.
If you have other issues, and don't believe what PC AntiSpyware 2010 tells you (it lies), then perhaps reformatting the drive is your best approach - it will allow you to clean up any number of issues at the same time. Good luck to you.