http://www.bleepingcomputer.com/combofix/how-to-use-combofix
Download, follow the directions, good to go.
I had to remove it from a couple of machines at work.
I apologize for the misspelling of belong and Republic.
It also goes by VISTA 2008. I googled it and found a website I trusted for removal instructions. It required editing the registry.
You do NOT turn off the computer once you see something is crazy, though you should pull out the Internet connection.
Do a search for files newly created that day or so.
Look especially for newly created .exe and .dll files.
Hit Ctrl + Alt + Del and review running processes in Task Manager.
See particularly if any of the newly found files are running as processes.
Go to the internet and look the files up and see what they say.
Lastly, close down, go to safe mode (F8 key at startup) and potentially delete the new files.
That would be an easily removable thing if caught, like some viruses or adware.
It can get bad. Once my niece asked me to check her computer. There were viruses going for many months; they corrupted the computer and I had to reinstall the operating system.
She had only 465 viruses found.
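The triage steps in the post above (find recently created .exe and .dll files, check whether any are loaded by a running process, then look them up), as an added PowerShell example that is not part of the original thread. The folders searched and the two-day window are assumptions; the hash and signature columns are added to make the lookup step easier.

```powershell
# Added example, not from the thread.
# Assumptions: the folders in $Roots and the 2-day window; adjust both as needed.
param(
    [string[]]$Roots = @($env:USERPROFILE, $env:ProgramData, "$env:windir\System32"),
    [int]$Days = 2
)

$cutoff = (Get-Date).AddDays(-$Days)

# Map every loaded image (main executable and DLL modules) to the PIDs using it.
$loaded = @{}
foreach ($proc in Get-Process) {
    # Protected/system processes deny module access; treat them as "no modules seen".
    try { $modules = @($proc.Modules) } catch { $modules = @() }
    foreach ($m in $modules) {
        if (-not $m.FileName) { continue }
        $key = $m.FileName.ToLowerInvariant()
        if (-not $loaded.ContainsKey($key)) { $loaded[$key] = @() }
        $loaded[$key] += $proc.Id
    }
}

# Recently created executables and libraries, newest first.
Get-ChildItem -Path $Roots -Recurse -File -Include *.exe, *.dll -ErrorAction SilentlyContinue |
    Where-Object { $_.CreationTime -ge $cutoff } |
    ForEach-Object {
        $usedBy = $loaded[$_.FullName.ToLowerInvariant()]
        [pscustomobject]@{
            Created   = $_.CreationTime
            Path      = $_.FullName
            # PIDs that currently have this file loaded (empty if none were visible)
            LoadedBy  = if ($usedBy) { ($usedBy | Sort-Object -Unique) -join ',' } else { '' }
            # Unsigned or invalid signatures on a brand-new binary deserve a closer look
            Signature = (Get-AuthenticodeSignature -FilePath $_.FullName).Status
            # SHA-256 to look the file up with, instead of relying on the file name alone
            SHA256    = (Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256 `
                            -ErrorAction SilentlyContinue).Hash
        }
    } |
    Sort-Object Created -Descending |
    Format-List
```

Run it from an elevated prompt so more processes' module lists are readable; an empty LoadedBy column only means no visible process had the file loaded at that moment.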
Got caught last month by a form set up to emulate Vista. It found its way into my system and would not allow access to uninstall. I’d get popups telling me I had 73 viruses and trojans. My virus program detected nothing. I wound up isolating and shredding it with Windows Defender. No trouble since.
I believe in the death penalty for ——s who foist this crap on users who don't know any better.
Put down the “beong” and step away from the Free Republi... :) Seriously, though, thanks for posting this.
I’ve seen two computers eaten by this. It claims to be an antivirus program and convinces users to let it do a scan. And yes, if it gets far enough along it does require a Windows reinstall.
It doesn’t require reformatting, however, just a clean reinstall. That does mean you have to reinstall all your programs.
On the rare occasions when something like this has happened, I’ve just used the system restore feature and it worked like a charm.
How can I find out if this is on my system? This morning I turned it on and got busy elsewhere. I heard the system restart (a first without my being at the keyboard) and it came up the way it usually does.
I’ve got the Vista OS on my computer.
Thanks. I’m not a computer geek at all and the older I get the more I hate to deal with technical things.
Did you download and install the thing, or did you just get redirected to the website? I got the redirect, but I didn’t install the thing.
Hah, sounds like you got hit by a rootkit trojan. I got infected by one a few weeks ago. I downloaded and ran SDFix to remove it.
The only thing I could do was boot the infected system to BARTS, and then copy the files they wanted to save to another system with functional AV... Then wipe the disk and do a fresh install off of DVDs they had to order from HP. It was UGLY.
Mark
gnip...
I just got finished fixing a PC after this nasty infected it. In the end, to fix the corrupted files I had to wipe her clean and reinstall Winders. What a pain.
Having read all the comments in this thread, I know most of the technical comments would be incomprehensible to the average computer user - the kinds of people that turn to me for help. Many of you are highly technical, but most users aren’t. They either don’t realize how bad the security problem is, or else they try to ignore the problem and keep computing until the PC won’t run. After my son’s Windows PC got clobbered a few times, I decided to make a radical change. Now he boots his PC from an Ubuntu Linux CD. There is nothing for a virus or worm to corrupt, because a CD cannot be overwritten. In the unlikely event that the Linux session was ever compromised, you turn off the PC and poof! the virus is gone. I’m running the Firefox browser on a Linux PC right now and it looks just the same as if running on a Windows PC.