Spy Falcon?? Virus/Trojan/Dialer?? HELP!
Results 1 to 10 of 10

Thread: Spy Falcon?? Virus/Trojan/Dialer?? HELP!

  1. #1
    Gray Haired Old Fart aeallison's Avatar
    Join Date
    Jul 2002
    Location
    Buffalo, Missouri USA
    Posts
    888

    Question Spy Falcon?? Virus/Trojan/Dialer?? HELP!

    Hey all, The other day I got this little popup balloon on my winxp lappy that said my computer is infected. I was half asleep and not thinking clearly so I clicked on it.
    I was next greeted with a "NEW??" application that looks very nice called spy falcon. Only it is non functional and turns out to be some kind of nasty new trojan that is replicating itself faster than I can remove it.

    It is slowing my productivity down to a halt and I need to get back to work. I even thought I had it removed once, even wrote a PM to allenb1963 bragging about it... time to eat crow and ask for your HELP!!!
    I have a question; are you the bug, or the windshield?

  2. #2
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    Have you tried safe mode...???

    MLF
    How people treat you is their karma- how you react is yours-Wayne Dyer

  3. #3
    The ******* Shadow dalek's Avatar
    Join Date
    Sep 2005
    Posts
    1,564
    Can you go back via System Restore to just before you clicked on the app?, if so after you have done that, then you should do some scanning in safe mode, and disable system restore to flush out any infected systemvolumeinformation restore points.


    Grab Stinger from McAfee and run it, it's a trojan scanner.

    Some extra tips...Spy Falcon Removal
    PC Registered user # 2,336,789,457...

    "When the water reaches the upper level, follow the rats."
    Claude Swanson

  4. #4
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  5. #5
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    How people treat you is their karma- how you react is yours-Wayne Dyer

  6. #6
    Gray Haired Old Fart aeallison's Avatar
    Join Date
    Jul 2002
    Location
    Buffalo, Missouri USA
    Posts
    888
    Hey all thanks for the links and suggestions.

    Yes I have even booted to dos via a bootdisk and removed it manually, or at least it seemed that way, I spent over 8 hours doing this. I have tried the restore, I have disabled file protection and run adaware and AVG several times. Just when I think its gone I start back to doing what I do and its suddenly back.

    I will check these links... I'll be right back
    I have a question; are you the bug, or the windshield?

  7. #7
    Dissident 4dm1n brokencrow's Avatar
    Join Date
    Feb 2004
    Location
    Shawnee country
    Posts
    1,242
    Just dealt with that one last week. Used the script on morganlefay's link. The trick with this one, for me, was getting that rogue .dll out of c:\windows\system32. Spybot will remove Spy Falcon but it goes to seed when you reboot.

    The tutorial lists the offending .dll's as dxmpp.dll and/or ginuerep.dll. The thing is reseeding the trojan via this .dll. I searched for any .dll's modified in the last week to find it. It was the ginuerep.dll file. Probably will only be one .dll, not two.

    I deleted it by booting into safe mode w/ command prompt.

    HTH
    “Everybody is ignorant, only on different subjects.” — Will Rogers

  8. #8
    The ******* Shadow dalek's Avatar
    Join Date
    Sep 2005
    Posts
    1,564
    Originally posted here by aeallison
    Hey all thanks for the links and suggestions.

    Yes I have even booted to dos via a bootdisk and removed it manually, or at least it seemed that way, I spent over 8 hours doing this. I have tried the restore, I have disabled file protection and run adaware and AVG several times. Just when I think its gone I start back to doing what I do and its suddenly back.

    I will check these links... I'll be right back
    Hi

    You might want to actually flush out your restore points.

    Flush the restore points...Kellys Corner System Restore Info
    PC Registered user # 2,336,789,457...

    "When the water reaches the upper level, follow the rats."
    Claude Swanson

  9. #9
    Senior Member Spekter1080's Avatar
    Join Date
    Oct 2005
    Location
    Iowa
    Posts
    101
    one of my friends got SF just this morning......nasty little bugger it is....
    there's always a way in...

  10. #10
    Gray Haired Old Fart aeallison's Avatar
    Join Date
    Jul 2002
    Location
    Buffalo, Missouri USA
    Posts
    888
    one of my friends got SF just this morning......nasty little bugger it is....
    Yes it is my friend, I am going to get drunk tonight as celebration of this (*&%(%(&^% things removal.

    nihil? tip up a Guiness in my honor
    I have a question; are you the bug, or the windshield?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides