Jump to content

Welcome to Geeks to Go
Geeks to Go Welcome
Create Account Login to Account

How to remove SpyFalcon

- - - - -

  • Please log in to reply
1 reply to this topic



    Founder Geek

  • Community Leader
  • 24,639 posts
How-to remove SpyFalcon

SpyFalcon Screenshot:

Removal Instructions:Step 1:
  • Download:
    Use this URL to download the latest version (the file contains both English and French versions):

    Mirrors: Alternate official download locations for Smitfraudfix.zip

    • Extract all the archive content
    • Search:
    • Double-click smitfraudfix.cmd
    • Select 1 and hit Enter to create a report of the infected files. The report can be found at the root of the system drive, usually at C:\rapport.txt
  • Clean:
    • Reboot your computer in Safe Mode (before the Windows icon appears, tap the F8 key continually)
    • Double-click smitfraudfix.cmd
    • Select 2 and hit Enter to delete infect files.
    • You will be prompted: Do you want to clean the registry ? answer Y (yes) and hit Enter in order to remove the Desktop background and clean registry keys associated with the infection.
    • The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found): Replace infected file ? answer Y (yes) and hit Enter to restore a clean file.
    • A reboot may be needed to finish the cleaning process. The report can be found at the root of the system drive, usually at C:\rapport.txt
  • Optional:
    • To restore Trusted and Restricted site zone, select 3 and hit Enter.
    • You will be prompted: Restore Trusted Zone ? answer Y (yes) and hit Enter to delete trusted zone.
process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool". It is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.
Optional: Use this step only if your computer still seems infected:Step 2:
  • Reboot your system back into Normal Mode and perform an online scan with Panda ActiveScan
  • Once you are on the Panda site click the Scan your PC button.
  • A new window will open...click the Check Now button.
    • Enter your Country
    • Enter your State/Province
    • Enter your e-mail address and click send
    • Select either Home User or Company
    • Click the big Scan Now button
  • If it wants to install an ActiveX component allow it
  • It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
  • When the download is complete, click on Local Disks to start the scan
  • When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location.

    To confirm that Spyfalcon is removed from your computer
Post the contents of the Panda ActiveScan report, along with a new HijackThis Log, the contents of smitfiles.txt in a new Topic in the Malware Removal Forum

This is a self-help guide. Use at your own risk.

Important Note: If you need assistance with SpyFalcon, please start a new topic in our Malware Removal Forum.
  • 0




    Founder Geek

  • Community Leader
  • 24,639 posts
This topic has been left open to allow specific questions and comments related ONLY to this guide. It's NOT for posting HJT logs, links to your logs, or any other general malware help. Replies not following these rules will be deleted. Thanks for your cooperation.
  • 0

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Malware Removal How to Guides Windows 7 System Building Download Files Register welcome

Never used a forum? Learn how.