All-Radio 4.27 Portable Can't Be Removed? Then Your PC Is Severely Infected

CaptainDork shares a report from Bleeping Computer: Starting yesterday, there have been numerous reports of people's Windows computers being infected with something called "All-Radio 4.27 Portable." After researching this heavily today, it has been determined that seeing this program is a symptom of a much bigger problem on your computer. If your computer is suddenly displaying the above program, then your computer is infected with malware that installs rootkits, miners, information-stealing Trojans, and a program that is using your computer to send send out spam.

Unfortunately, while some security programs are able to remove parts of the infection, the rootkit component needs manual removal help. Due to this, if you are infected with this malware, I strongly suggest that you create a malware removal help topic in our Virus Removal forum in order to receive one-on-one help in cleaning your computer. Some of the VirusTotal scans associated with this infection have also indicated that an information stealing Trojan could have been installed by this malware bundle as well. Therefore, it is strongly suggested that you change your passwords using a clean machine if you had logged into any accounts while infected. 6/29/18: The story has been updated to specify that this malware campaign is targeting Windows computers.

Re: Nuke & Pave

[Anonymous+Brave+Guy]

Reinstall from original installation media and pray to god that your system's onboard firmware is not compromised.

Sadly today that last part is also very significant. Thanks to the mess of modern infrastructure like UEFI, everybody's device having embedded functionality that can be updated, and processors-within-processors, it's basically impossible to ever fully trust a system that has been compromised now, no matter how drastic your recovery procedures might be. Of course, for similar reasons it's also basically impossible to trust a system that you don't know has been compromised either. Security in modern tech is broken, and the tech industry and security services broke it.

What happened to bootdisks ?!

[DrYak]

But it's the bit before that which really matters:

You can’t clean a compromised system by using a virus scanner. To tell you the truth, a fully compromised system can’t be trusted. Even virus scanners must at some level rely on the system to not lie to them. If they ask whether a particular file is present, the attacker may simply have a tool in place that lies about it.

That why you don't try anything from within the compromised system.
Either you try all your effort from a known clean bootdisk (CD, USB stick, etc),
or even better, you disconnect the drive and connect it to a known clean machine.

A non compromised OS will not lie about what is on the disk of another system, even if that other (non-currently running system) happens to be compromised.

(The sole exception being malware like ransomware that encrypt your data. Then nobody except the hacker holding the decryption key can read that disk).

Reinstall from original installation media and pray to god that your system's onboard firmware is not compromised.

Well, the attack of firmware (UEFI) or "management chips" running their own firmware (Intel ME engine and co) is indeed an entirely different level of scary.

And given the almost total disappearance of socketed flashchips to hold these firmwares, any chance to recover from that becomes bleak.