Any Other Ideas
Just did it and the ^%$#^*&^(* icon still there... i'm running XP Home, already look for all those files are they are no there, when i do the "del fyhh..... " said the file is not there...
HELP... Anyone???
SolumTECH said:Get rid of it once and for ALL(atmclk.exe)
i am running WINDOWS 2000 but this should work for 2k also
files that must be removed
to kill this damn program(incomplete but smitfraud get all of them except1)
atmclk.exe - in system32
regperf.exe
ld28E0.tmp
1024 folder
fyhhxw.dll---problem dill---fix= boot to cmd line go to c:\winnt\system32
type del fyhhxw.dill
stdole3.tlb
simpole.tlb
wapisvsu.exe
**********************
Lets destroy the malicious prorams!!
i fixed this problem by
1. uninstalling Spyfalcon(just use the windows uninstaller)
**(note trendmicro's pccillin internet security trial edition removed 4 viruses that come
with this malware. i used this in between steps 1 and 2 but if you have your own virus removal prog it should do the same)
2. dling the security task manager-install and run it
*(shows all the hidden processes running on you computer and has an excellent "google it"
option when you right click on a process to see if its real)
3. stop the atmclk.exe process
3. dling and running SmitfraudFix
4. after i did that dispite people saying it fixed all their problems i
still had a pop up every min saying i had 4 viruses. the program manifested
itself on my system tray and was completely uninteractable except when you
click it you get sent to the spyfalcon site.
5.Smitfraud fix couldnt remove or forgot to remove fyhhxw.dll
6. secruity task manager can see a process called Run a dill as an app
and you cannot stop the process.
7. now we know how that pop up is always running even though it isnt an exe and
you cat find any registry values
8.boot to cmd line go to c:\winnt\system32 type del fyhhxw.dill
EVERY TRACE WILL FINALLY BE GONE
(if you dont really know how to move around the command line its no problem just remember
1.cd= change directory
2.cd \. takes you to the root directory, c:
3.cd winnt takes you to the winnt folder
4.cd system32 takes you to the system32 folder
5.once you are there delete fyhhxw.dill by typing
del fyhhxw.dill
dl links
trendmicro antivirus -click try- http://www.trendmicro.com/buy/us/personal.asp
security task manager - http://www.neuber.com/taskmanager/download.html
smitfraudfix -zip file- http://siri.geekstogo.com/SmitfraudFix.php
spyfalcon info - do with it what you will =)
Domain Name: SPYFALCON.COM (195.225.176.79)
Registrant:
SunShine Ltd
David Taylor
U-12 Gamma Commercial Complex # 47
Rizal Highway cor. Manila Ave Subic Bay
Olongapo City
null, 98101, PH
Tel. +206.9543154
Other domains at the same IP address:
Spyfalconupdate.com
Updateyourwindows.com
a major help in beating this was looking at the time stamp on the file properties in system32
if you get a virus look for files with the same time stamp almost certantly they are products of the virus
please send me an email or post a response i wanna know if this helps anyone =)
i know i fixed it in a round about way but i think i avoided alot of unpleasent registry editing
Tank you everyone on the boards every little bit helped slay the beast
Just did it and the ^%$#^*&^(* icon still there... i'm running XP Home, already look for all those files are they are no there, when i do the "del fyhh..... " said the file is not there...
HELP... Anyone???