Sneaky little nasties!

Vista x64 system. I'm not really looking for an expert to fix my system because I gonna nuke and pave it anyway just to be safe, but just wanted to tell what's happened. Maybe someone had the same issue or have some insight. Anyway...I've never had any problems with virus on this machine until recently. I noticed computer running slow and lots of traffic going on. Ran lots of scanners. From bootcd's I ran superspyware, spybot s & d, bitdefender and sophos root kit. I had networking so it update to newest database. I found lots of scanners are not compatable with x64. In safe mode ran malwarebytes but it kept crashing. Ran superspy and comodo in normal mode. Comodo picked up about 2. For security I have comodo, adaware, and superspy. proabably ran some others but forgot. After running all that I did hijackthis and it picked up quite a bit of nasties. Cleaned them and the computer seemed to be back to normal. So I read about the rootkits now being able to work on 64 bit systems. Maybe becuase it's relativley new the scanners did not pick it up? And if that is the case sounds like a good 'ol nuke n pave my be the safest solution. Thanks for any comments or insight.

Well truthfully with most rootkits it is the best policy to Nuke and repave.

Yeah, I'm starting to adhear to this. Some people say only pizza techs nuke and pave, but the pro's manually remove. It's seems that the way virus has advanced, either it will take you forever to clean or you'll miss something. With keyloggers and such, I don't think I want to risk that. But what do I know. thanks for the response

as viruses get more and more sophisticated I fear the nuke and refomat will become all to common

There are no guarantees or shortcuts when it comes to malware removal, especially when dealing with backdoor Trojans, Botnets, IRCBots or rootkit components that can hook into the Windows 32-bit kernel, and patch several APIs to hide new registry keys and files they install. Infections will vary and some will cause more harm to your system then others as a result of it having the ability to download more malicious files. Security tools that claim to be able to remove rootkits cannot guarantee that all traces of it will be removed as they may not find all the remnants.

Many experts in the security community believe that once infected with this type of malware, the best course of action is to wipe the drive clean, reformat and reinstall the OS. Your decision as to what action to take should be made by reading and asking yourself the questions presented in these articles:

• When should I re-format? How should I reinstall?
• Where to draw the line? When to recommend a format and reinstall?

This is what Jesper M. Johansson at Microsoft TechNet has to say: Help: I Got Hacked. Now What Do I Do?.

The only way to clean a compromised system is to flatten and rebuild. That’s right. If you have a system that has been completely compromised, the only thing you can do is to flatten the system (reformat the system disk) and rebuild it from scratch (reinstall Windows and your applications).

Edited by quietman7, 04 September 2010 - 02:41 PM.

Thanks for the read. Very good.

You're welcome on behalf of the Bleeping Computer community.