SpyFalcon

Discussion in 'Malware Help (A Specialist Will Reply)' started by Lunne, Mar 6, 2006.

  1. Lunne

    Lunne Private E-2

    So, I followed all the instructions.
    What I did:
    I downloaded smitrem.exe without problems, and Extracted, but didnt run it. I disconnected, rebooted to safe mode, and when I was about to remove SpyFalcon, it already seemed to be removed, it wasnt in the add/remove files section, but the annoying popup was still continuing to pup up.
    I doubleclicked the fixfalcon.reg file, and it worked fine, and I started to look for the dxmpp.dll file.
    I could find the C:\Windows\system32 folder, but there was no dxmpp.dll file in it, and therefor, I could not delete it.
    I continued anyway, and the RunThis.bat tool worked as it should, I think, and when it was done I rebooted to normal mode, and again I searched for dxmpp.dll, but it still wasnt there.
    The annoying popup still remains, so the SpyFalcon does not seem to have been deleted.
     

    Attached Files:

    Lunne, Mar 6, 2006
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    There is a new version of SpyFalcon out. Try the below.

    First, make sure you have followed the steps in this link: How to view hidden, system files & folders!

    Now copy the contents of the below Quote Box to Notepad. Then click File and then Save As. Change the Save as Type to All Files. Name the file fixfalcon.reg and then click save. it to your Desktop. We will use it later after a reboot into safe mode.
    • Now download smitRem.exe written by noahdfear and save the file to your Desktop.
    • Double click on the smitRem.exe file to extract it to it's own folder on the desktop. (this should be the default selection). Do not run the program yet!
    • Now you will need to print or save these instructions locally (to a text file on your Desktop) for later reference. This is necessary because you must not have any browers open and must not connect to the internet while following the below steps.
    • Now disconnect your cable to the internet (physically unplug it).
    • After saving the instructions, reboot into Safe mode
    • Now once in safe mode, goto Add/Remove programs and uninstall SpyFalcon.
    • Now double-click on the fixfalcon.reg file on your desktop (or locate it with Windows Explorer and double click on it if not saved to the Desktop) and when it prompts to Add in to the registry, say yes.
    • Run Windows Explorer by right clicking Start & Select Explore
    • Locate the C:\Windows\system32 \dxmpp.dll and right click on it and select delete. If it will not delete now. We will retry later.
    • Also locate C:\WINDOWS\system32\ginuerep.dll and delete it too.
    • Now open the smitRem folder on your Deskop, double click on it to access the folder, then double click the RunThis.bat file to start the tool. Follow the prompts on screen. Wait for the tool to complete and disk cleanup to finish.
    • The tool will create a log named smitfiles.txt in the root of the drive that you ran the batch file on, eg; Local Disk C: or partition where your operating system is installed. Upload this file later after reboot.
    • Now reboot your system into normal mode.
    • If you had any problems deleting the dxmpp.dll or the ginuerep.dll files, try deleting them again now.
    • Now also locate the below files and delete them:
    C:\Program Files\SpyFalcon <--- the whole folder
    • Reconnect your cable to the internet.
    • Now attached your smitfiles.txt log to a message and provide information about the steps above and what your current status is with SpyFalcon.
     
    chaslang, Mar 6, 2006
    #2
  3. Lunne

    Lunne Private E-2

    OK:
    I did everything as it said, and still I could not find any dxmpp.dll file, but I found the ginuerep.dll, and tried to remove, but it didnt work first, so I started RunThis.bat and when it was done I removed the ginuerep.dll file successfully, and Windows Defender seemed to have removed the SpyFalcon folder too, becouse it alerted about it before I started trying this, and I allowed it to remove it. So when I looked for it it wasnt there, I also used the search function but only found broken shortcuts, which I deleted.
    I seem to be clean now, since that annoying popup is gone.
    Thanks a lot, now I can go back to playing games:)
     

    Attached Files:

    Lunne, Mar 7, 2006
    #3
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome.

    If you are not having any other malware problems, it is time to go to step 1 of the READ & RUN ME to Disable System Restore which will flush your Restore Points. Then reboot and enable System Restore to create a new clean Restore Point.

    After that, you should work thru the below link:

    How to Protect yourself from malware!
     
    chaslang, Mar 7, 2006
    #4

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds