SpyWare Falcon

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

I just caught this malware and had to remove it by hand. Neither MS anti
spyware or MS One Care Live Beta caught it. as a mater of fact this will be
the third attack since I have been using your product. While I used Norton I
never had one attack! You guys need to hurry up and get on the ball. If you
would like I saved most of the files. I changed there names while I was in
safe mode by placing spaces in between the name so it will not work. SpyBot
S&D did not find it nor Ad-Aware. So this one must be pretty new. Oh I tried
to use the report tool and it keeps coming up with an error saying to check
the proxy.
 
If you zip it, and password protect it with the password "infected" Bill
Sanderson can make sure that it gets passed to folks at Microsoft who are at
least as
interested as you are in making sure such things are stamped out.

About the proxy.
This response probably indicates that you've hit a bug which will keep you
from submitting such reports until beta2 is available.

You can check, in Internet Properties, connections tab, and somewhat
deeper--for a button to automatically detect whether there is a proxy server
present. In some cases, checking this box fixes some communication issues,
even when there's no reason to believe that a proxy server is present.

Unless you are, in fact, behind a proxy and have incorrect settings for web
connections, we don't have a workaround for this bug--it won't be present in
beta2.

Еиçеl
 
Remove two final terms from posting Bill's address for a valid email.
(e-mail address removed)
Еиçеl
 
I think Microsoft has samples of this one, fwiw.

Thanks for the alert--indeed, the folks behind this one are quite slippery,
and use web screens that closely resemble some Microsoft pages. as part of
their "sales" effort. This is essentially extortion--the "associates" use
vulnerabilities or misleading web pages to push the product, which costs $
and is ineffective.

I know that Microsoft is well aware of these folks--and working at detection
and removal--but the vendors involved seem to be hard to reach, in terms of
legal remedies.
 
hi I just got spyware falcon while installing my new computer. Can you help
me get it off this computer. MS and spybot can,t
 
Tommy--check out the response from plun to a message earlier in this
thread--he has the best current info on how to remove this.

--
 
Hi Bill and Tommy

The easiest way is to use AndyMs canned message for Spywarestrike
removal.

Smitrem, CCleaner and Ewido.

From AndyM

"Its another SpyAxe clone, Use Smitrem and Ewido to clean the system
then
finally Ccleaner to remove temp files:

Download SmitRem

http://noahdfear.geekstogo.com/click counter/click.php?id=1

Save it to your desktop,Double click Smitrem.exe to extract it to it's
own
folder on the desktop.

Please download, install, and update the trial version of ewido
security
suite

http://www.ewido.net/en/download/

When installing, under "Additional Options" uncheck "Install background
guard" and "Install scan via context menu". Click on update in the left
menu,
then click the Start update button. After the update finishes close
Ewido

Download Ccleaner

http://www.ccleaner.com/ccdownload.asp

Install then close.

Now reboot to Safe Mode - Restart your computer and immediately begin
tapping the F8 key on your keyboard.
If done right a Windows Advanced Options menu will appear. Select the
Safe
Mode option and press Enter.
To return to normal mode just restart your computer as you normally
would.

Open the smitRem folder, then double click the RunThis.bat file to
start the
tool. Follow the prompts on screen.
Wait for the tool to complete and disk cleanup to finish.
The tool will create a log named smitfiles.txt in the root of your
drive,
eg; Local Disk C: or partition where your operating system is
installed.

When thats finished run Ewido again.

From the main menu click on 'scanner' then click 'Complete System Scan'
When ewido finds something, it will pop up a notification. Select
"Remove"
and check the boxes "Perform action with all infections" and "Create
encrypted backup" then click on ok.When the scan finishes, click on
"Save
Report" and save it to your desktop or c:/drive incase you need it
again.

Finally run Ccleaner and press the Run Cleaner Button to remove temp
files

Reboot Back To Normal Mode

This should fix your problems but if it continues just let us know and
post
back the scan logs (smitrem.txt & Ewido's scan log)

You will need to reload your wallpaper after this tool finishes, To
change
your wallpaper right click desktop and choose properties, Set the Theme
to XP
if you are running XP then goto the Desktop tab and choose your
wallpaper
from there.

Regards

Andy


plun
 
Thanks guys! If you would like to look at this one, I'll send it. If not ,,
in the trash it goes. I do beleave the reason this one got past all of the
anti spy ware I have is that the exe file was in the prefetch file. (First
time I have seen that one.) And I have never seen one named quite like this.
I did run MS anti - spybot - and ad aware. Not one found it. I found it by
running a search (while still in safe mode) Once with the name and the second
time no name just the date. It happened at 8:56 am . So everything that had
that time referance. I changed the name and put it in a new file. This way I
knew I had it all. So Bill if MS would like to look at this. Let me know.
Spybot and Ad Aware both have asked for a copy.
 
Go ahead--I'd be happy to pass it on--

(e-mail address removed)

zip up whatever you attach, and password protect it with the password
"infected".



--
 
Back
Top