
Spyware removal help!

Lurker

TRIBE Member
This afternoon I picked up some weird spyware thing, that says it's an antispyware utility. It's calling itself "Spy Falcon" and looks a lot like a Microsoft application.

http://www.spyfalcon.com/?aff=264

I'm not sure what to make of it. I used the control panel to "remove the program" and it's telling me it's been uninstalled, yet in the bottom right toolbar, there's a flashing icon informing me of impending doom if I don't go buy their shit.

I'm running an AVG scan now (I run one nightly, but don't really feel like waiting in this case).

Has anyone seen this? Can anyone help me get rid of it?

Thanks

Paul
 

Thumpr

TRIBE Member
always best to scan and clean in safe mode, that way the process doesn't get a chance to start and can be removed by spyware software more easily.
 

veteze

TRIBE Promoter
Not only is it fake spyware but if you do buy their removal tool it won't do anything and they will steal your credit card info and sell it to the Russian mafia. Brutal. It took me 8 hours to remove this particular spyware about 3 weeks ago. It was NASTY. I'm pretty sure I got it through an IIS back door because it just appeared on my machine one morning and I hadn't run any keygens or ghey installers in months. But I had let my updates lapse for a couple months. Sigh...

You're going to need to use a combination of hijackthis, ewido and a removal tool called smitRem. I also ended up buying a legit key for XP so I could get the latest updates faster (I didn't feel like finding the latest hack to WGA). Microsoft will now let you buy a key if you fail the WGA test. They even send you a key changer util that works better than that older h4x0r one. In hindsight the latest updates didn't seem to give me anything I didn't already have so it may have just been my own paranoia at work there.

I ended up finding a couple walkthroughs to remove the virus. Mostly from people who had posted their hijackthis logs. google 'smitRem "Spy Falcon"' and you should come up with some results.

Good luck!
 

Lurker

TRIBE Member
Balzz gave me a link that has instructions for the smitrem fix. I hope I can make it work without fucking it up too bad.

How do I boot in safe mode?
 

Lurker

TRIBE Member
Shit.

I think I jumped the gun un-installing this piece of shit program. When I first was informed that I had this SpyFalcon thing, I went to add/remove programs and uninstalled it, which obviously didn't work.

Now, in reading the instructions from bleepingcomputer.com, I need to go into Windows safe mode, add/remove programs, and THEN uninstall the damn thing (after downloading a couple other patches first).

Shit shit shit shit

I hope I can find this damn thing and kill all its crap. It's bloody annoying.
 

veteze

TRIBE Promoter
8 hours yo. it's the worst spyware i've ever encountered. i had never been hit with anything until this one. i've fixed plenty of friends' machines riddled with multiple spywares on em and those only took me a couple hours... BRUTAL.

:)
 

Lurker

TRIBE Member
shit.

You're not helping Mike!!!! :p

*kidding

What I should probably do is clean the thing as best I can, remove all my downloaded music & stuff, and send it back to the company IT department and let them deal with it....

I just don't want to get burned for any small IT violation though.

I can't even figure out where I caught this from? I never let anything install itself...
 

Lurker

TRIBE Member
lol, well, the professional analysis I just got said: "you're fucked" *laughter and likely some pointing in my general direction.

Thanks to Balzz for taking a peek into my machine.

Looks like I'll be spending my workday deleting select files from the depths of the computer and registry.

Failing that, a magnet might fall on the computer, resting on it overnight, thus requiring me to send the whole machine back to the IT department cuz it doesn't work anymore :D
 