-
March 22nd, 2006, 05:09 PM
#1
Spy Falcon?? Virus/Trojan/Dialer?? HELP!
Hey all, The other day I got this little popup balloon on my winxp lappy that said my computer is infected. I was half asleep and not thinking clearly so I clicked on it.
I was next greeted with a "NEW??" application that looks very nice called spy falcon. Only it is non functional and turns out to be some kind of nasty new trojan that is replicating itself faster than I can remove it.
It is slowing my productivity down to a halt and I need to get back to work. I even thought I had it removed once, even wrote a PM to allenb1963 bragging about it... time to eat crow and ask for your HELP!!!
I have a question; are you the bug, or the windshield?
-
March 22nd, 2006, 05:12 PM
#2
Have you tried safe mode...???
MLF
How people treat you is their karma- how you react is yours-Wayne Dyer
-
March 22nd, 2006, 05:16 PM
#3
Can you go back via System Restore to just before you clicked on the app?, if so after you have done that, then you should do some scanning in safe mode, and disable system restore to flush out any infected systemvolumeinformation restore points.
Grab Stinger from McAfee and run it, it's a trojan scanner.
Some extra tips...Spy Falcon Removal
PC Registered user # 2,336,789,457...
"When the water reaches the upper level, follow the rats."
Claude Swanson
-
March 22nd, 2006, 05:18 PM
#4
-
March 22nd, 2006, 05:18 PM
#5
How people treat you is their karma- how you react is yours-Wayne Dyer
-
March 22nd, 2006, 05:27 PM
#6
Hey all thanks for the links and suggestions.
Yes I have even booted to dos via a bootdisk and removed it manually, or at least it seemed that way, I spent over 8 hours doing this. I have tried the restore, I have disabled file protection and run adaware and AVG several times. Just when I think its gone I start back to doing what I do and its suddenly back.
I will check these links... I'll be right back
I have a question; are you the bug, or the windshield?
-
March 22nd, 2006, 05:30 PM
#7
Just dealt with that one last week. Used the script on morganlefay's link. The trick with this one, for me, was getting that rogue .dll out of c:\windows\system32. Spybot will remove Spy Falcon but it goes to seed when you reboot.
The tutorial lists the offending .dll's as dxmpp.dll and/or ginuerep.dll. The thing is reseeding the trojan via this .dll. I searched for any .dll's modified in the last week to find it. It was the ginuerep.dll file. Probably will only be one .dll, not two.
I deleted it by booting into safe mode w/ command prompt.
HTH
“Everybody is ignorant, only on different subjects.” — Will Rogers
-
March 22nd, 2006, 05:31 PM
#8
Originally posted here by aeallison
Hey all thanks for the links and suggestions.
Yes I have even booted to dos via a bootdisk and removed it manually, or at least it seemed that way, I spent over 8 hours doing this. I have tried the restore, I have disabled file protection and run adaware and AVG several times. Just when I think its gone I start back to doing what I do and its suddenly back.
I will check these links... I'll be right back
Hi
You might want to actually flush out your restore points.
Flush the restore points...Kellys Corner System Restore Info
PC Registered user # 2,336,789,457...
"When the water reaches the upper level, follow the rats."
Claude Swanson
-
March 22nd, 2006, 06:30 PM
#9
one of my friends got SF just this morning......nasty little bugger it is....
there's always a way in...
-
March 22nd, 2006, 07:19 PM
#10
one of my friends got SF just this morning......nasty little bugger it is....
Yes it is my friend, I am going to get drunk tonight as celebration of this (*&%(%(&^% things removal.
nihil? tip up a Guiness in my honor
I have a question; are you the bug, or the windshield?
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|