SpyFalcon/Malware

I seem to have allowed my computer to contract some sort of malware called spyfalcon (which is a program to advertise a phoney malware/adware remover, clever little bastard). Anyway, I’ve been thinking about reformatting my c: drive recently anyhow because I’ve had this comp a year and it’s cluttered full of stuff so as long as I can save all my e-mails and bookmarks then I’ll be fine doing that but in case any of you have any suggestions then here’s the place to post them. I’ll be reformatting my drive tomorrow if I can’t solve it another way before then…

Thanks for your time

there is an excellent simple program that lets you look at all the programs that start when your computer loads windows. i had like 5 little shits running around that i couldn’t ctrl alt delete because they were currently running (or some stupid ass reason, fuck you windows)

anyway, i used this program, restarted my computer in safe mode or something, ctrl alt delete or uninstalled them or something. i don’t know, it told me what to do and i did it and now i really have no spyware. there is nothing in the task manager that’s not good. i’ll tell you what it is when i get home in 3 hours

Yes, please do. I know that I have some things that run during startup that shouldn’t. I’ve tried everything short of a registry key editor and a rootkit dissolver. Any help is much appreciated!!

Exactly, if I started editing the registry I’m sure that I could rid my computer of the bastard, but I’d probably also delete the wrong thing and mess it all up…

That’s the sort of thing I’m looking for, restarting in safe mode and so on is straightforward, but I don’t want to start furiously deleting things in the hope that I hit upon the solution…

SIATD:

I would suggest installing the “ad.aware” software (it’s free). Go to “adaware.com.”

Just last night I installed it onto my laptop and ran it immediately. The program found and quarantined 39 target files, and I haven’t once surfed any porn on my laptop, nor have I used it for logging onto philosophy forums. Point being…the adaware software is so bad-ass it found even the littlest morsels of spyware, adware and whatnot on my laptop…which is extremely clean.

If you download it, temporarily shut down whatever pop-up blockers are running so it doesn’t interfere with the downloading.

I’d try it first if I were you. You’d be surprised what that program can do. It might very well clean your computer and you won’t have to reformat.

Also, if you aren’t using Mozilla Firefox (it’s free) as a browser, I’d advise it strongly.

Oh, and if you do and it works, uninstall any programs you don’t use anymore, run a disk-clean-up, defrag the drive, and then take a “snapshot” (for emergency restoration if needed).

You know all this already, I’m sure.

I’ve got adaware and Spybot S&D and have run both, but they didn’t pick it up. The page that I found that recommended a certain other solution said that most spyware scanners don’t find this frigger…

I’ve now backed up everything important like my e-mail history (I’ve got a lot of good correspondence) my writings folder (which I back up frequently anyway), all the additional programs (like Mozilla, including my bookmarks folder so I don’t have to find 300 websites all over again) that I’ve accumulated and, of course my ‘Che Detrop’ picture (and a few others of my cat and the sky).

So if I do have to do a reformatting job it should be easy as pie to get myself back to where I am now, but without any of the crap. I, as anyone who has visited zeno’s forum will know, have surfed almost every kind of website available, which is probably how I came to pick up this fucker in the first place. You live and learn, I’ll stop looking at comic hardcore (the movie where the woman is giving the dude a blowjob and then her boyfriend knocks on the door cracks me up every time) and spend more time reading the letters Marx and Proudhon sent to one another. I think that you’d like Proudhon. He’s similar to Marx but more radical and more convincing. He’s very, very French.

In fact, in the spirit of yourself and Uniqor I may take to wearing a picture of him here at ILP, though I’m determined to keep this priceless one of Jose Mourinho for a little longer. He’s the best manager in the world, don’t you know?

Reformatting is always easy. Reimaging is usually better. I recommend “Acronis True Image.” It’s saved my ass innumerable times (not from spyware, but it would work for that). If you really want to get rid of just this one virus, it will be difficult. My friend had a similar virus. It was called “Spyware Strike.” I had to:

1.) Uninstall it the normal way.
2.) Delete that motherfucka’s install file.
3.) Delete some .dll files.
4.) Delete some executables that it uses to respawn on boot.
5.) Edit registry entries.
6.) Repeat random steps after a few reboots.

Reformat your computer, and buy/try Acronis True Image. It’s like 30 bucks, so it’ll probably be a little more in euros. If you need help with it, let me know. It has some neat features. One, which I think would be good to add NOW, since you’re reformatting anyway, is an Acronis rescue partition, from which you can restore images even if Windows won’t boot, and you don’t need to find the Acronis boot CD to do it.

If you need more help, email me at Patrick.pxc.C@gmail.com.

Edit:

I simply assumed you have a D: drive and that you made your backups there. It’s a very good idea to add a second partition that you use for personal files, games, etc. That way, if Windows dies on you, you can reinstall and have all of your old applications. Some functions won’t be correct, like file association (when you click on a file in my computer, it opens in the program it is associated with), but for the most part, your personal things will remain whole.

Recommended Firefox Extensions:
1.) Adblock: this blocks advertisements, which tend to be what people click on that gets them viruses.
2.) Adblock Filterset.G: this is a pre-configured, regularly updated filter for Adblock so that it does not block ads that shouldn’t be (gmail text ads, when blocked, cause gmail not to load), and blocks those that can be blocked without problems.
3.) IE Tab: this allows a single tab to run embedded IE if you choose. This is good for doing Windows updates.
4.) Nuke Anything Enhanced: removes anything you want from the screen temporarily, with just one click from the context menu (on a right click).

Edit2:
A few sites with tips for removing:
bleepingcomputer.com/forums/topic43659.html
forums.majorgeeks.com/showthread.php?t=85077

Be careful with this one!
remove-spyfalcon.com/
That website asks you to download an executable that I’m not sure is OK. I’m assuming it is, but you might want to try the other methods first.

Edit3:
remove-spyfalcon.com’s executable is legit.
Good luck!

i have like 5 anti spywares running and most of them auto-scan at night when it wont interfere with my computing. they are:
microsoft anti spyware, spybot s+d, ad-aware, ewido security suite (trial version), and AVG free version.

P.S.: please remember: update all your anti-spywares before using them. once i had ‘the best offers network’'s shit installed. it kept re-spawning until i updated my other anti-spywares. i also have ‘hijack this.exe’. it is specifically for deleting start-up buggers. but you choose what is deleted.

i only use free anti-spywares so it’s easy to try…

yes. fu** you windows.

did you know that if you delete that C drive thing in your my computer screen, you are screwed? if you can’t undo its delete, or get it out of the recycle bin. my mom was messing with my computer and deleted it, and i could no longer access my C: drive.

only a system restore saved my ass. for more information PM me if it’s important.

ALSO: i often had problems with ‘a better internet dr.pmon’ spy/ad-ware.
little shits.

Thanks to all for your help so far. I’ve got three things to do today to try to rid my comp of this fucker (it’s sophisticated, I’ll give it that - :smiley: ) but if those fail a reformat is on the cards…

Do I need a floppy drive to reformat or can I boot off my O/S CD then go into dos and run the format/reformat program?

I don’t know. I usually use OS CD’s that I make myself, with a fake A: drive on them that I can use to run certain commandline functions, like fdisk.

i use freeware stuff as well. For Windows security, i use AVG Free (antivirus, AntiVir is also good), ZoneAlarm Free (firewall), SpyBot, AdAware, SpywareBlaster (javacoolsoftware.com, i think), and SpywareGuard. Last time i tried testing my security, only two hacks went through (both Java-based because i leave Java active except when visiting “strange” sites and use the Java On/Off extension for FireFox). In comparison, the Norton suite allowed 5 hacks through. Also, i disable Windows Firewall as it is fairly crappy.

thank you dasnichtege. i feel like this spyware stuff is an obsession of mine, ever since the best offers network incident. anyway the anti-spyware i was not aware of (spyware guard) i googled it and it was first on the results list. that must mean it is very popular. i’m downloading it now.

I gave up and decided to format the c: drive again and within 60 minutes I’ve got my computer working again, sans adware/spyware, with firewall and internet. I’ve not got to install a couple of dozen things. I literally tried every other solution that I could find.

:frowning:

I found that if you just boot off the OS CD (Windows XP in my case) then you get an option to reformat the hard disk before installing Windows, which I took, and now everything is fine again. I’ve got all my old e-mails in Outlook, all my bookmarks in Mozilla, all my writing stuff, all my pictures. I haven’t re-installed any games yet, I’m going to be strict with myself about what I let myself do with this machine…

hey, you use a mozilla browser instead of firefox? what’s the difference?

I just fragged (formatted, reinstalled windows) a friend’s computer, they had some really nasty spyware/viruses. One of the viruses made itself look like the red windows X down by the clock, and occasionally popped up an official windows yellow balloon that said “your computer is infected click here to disinfect”, no matter where you clicked on the window it sent off a packet to somewhere, in the process of removing it I was trying to reverse trace it but couldn’t.

In the process of removing the viruses, the computer fucked itself and Explorer kept repeatedly crashing (which basically makes the computer unusable. Explorer is Windows, it’s the desktop and start/taskbar.)

The more I use windows the more I hate it… of course, other OS’ aren’t exactly rosy perfect. Linux lacks a lot of application support (mainly the games) Mac OSx is a pussy OS. (heh, flamebait.)

good luck with trying to fix it… I’ve found that at a certain point with windows (about every 6 - 18 mos, if you don’t keep an up to date spy ware, virus firewall on your computer) you’ll have to frag it.

No need to if you are installing XP or 2K. both have built in partition managers that can also format.

EDIT:

Also you windows guys should do this to speed up your system. If you have the correct motherboard drivers installed. (which you should.)

microsoft.com/whdc/device/st … E-DMA.mspx

That’s the exact problem I had. All other pop-ups and infections and whathaveyou has been perfectly dealt with by my security software but this was a bugger. It keeps re-installing itself once there and unless you remove every trace of it (in safe mode, without the internet plugged in) then it always comes back when you reboot.

Sure, I started to have a few problems with that (explorer) before I got the little doofer in the bottom right with the popup bubbles telling me I had an infection…

Such is life, such is technology…

That’s what I used, all I had to do was make the CD drive the primary boot device

What does it do? I’m just curious…

I use firefox, but the saved settings are in the hidden folder ‘application data’ under ‘mozilla’ so that’s what I happened to type…