Solved

Need to remove atledit.dll spyware

Posted on 2004-10-13
11
184 Views
Last Modified: 2010-04-12
I have a piece of spyware on my computer that seems to be related to this .dll file:

Winnt/System32/atledit.dll

This .dll is hidden, and I am unable to delete it, even in safe mode.

I also found a reference to atledit.dll here:

HKLM\software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notitfy\WOW

IF I delete the WOW folder it just comes right back. This spyware creates IE popups on my desktop. How can i get rid of this?
0
Comment
Question by:dplusp
  • 4
  • 4
  • 2
  • +1
11 Comments
 
LVL 65

Accepted Solution

by:
SheharyaarSaahil earned 350 total points
ID: 12303124
Hello dplusp =)

Do this, Download Adaware SE from here >> AdAware ==> http://www.spychecker.com/program/adaware.html
Install and Update it, and then get this plugin for it and install it >> http://www.lavasoftusa.com/software/addons/vx2cleaner.shtml

Then boot ur system in safemode, and run the scan with Adaware and delete everything it detects !!
Run Disk Cleanup to delete the temp and junks from ur hard drive !!

Restart back in normal mode and check for the problem now ??
if still the same, then Download this tool >> http://download.broadbandmedic.com/VbStuff/VX2Finder.exe
Run it and press the Find button and then the log button.
Copy everything and paste them here !!
Good Luck :)
0
 

Author Comment

by:dplusp
ID: 12303176
I did run AdAware and also SpySweeper. Both programs found a lot of other junk and deleted it. But neither one can seem to detect this particular one.

I tried the link that you sent and got an error message.

0
 
LVL 65

Expert Comment

by:SheharyaarSaahil
ID: 12303200
But i wanted u to download and install that Vx2 Addon and then scan ur system with Adaware !!
and im sorry for that wrong link, here is the working one >> http://www.downloads.subratam.org/VX2Finder9x.exe
0
Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

 

Author Comment

by:dplusp
ID: 12303241
I downloaded and executed the Vx2 Finder and got a message that this Finder is only for 9x based systems. Sorry, I'm using XP.
0
 
LVL 65

Expert Comment

by:SheharyaarSaahil
ID: 12303263
no problem :)
can u run this one >> http://www.downloads.subratam.org/VX2Finder.exe
0
 

Author Comment

by:dplusp
ID: 12309071
I ran the VX2 finder and it didn't detect the .dll i'm referring to.

I found the cause of my popups, but can't seem to get rid of this .dll. If I delete it from the registry it just comes right back, and if I try and remove it from the System32 folder I get an access denied error.

How can I get rid of this, or at least keep it from executing?
0
 

Expert Comment

by:rreister
ID: 12309267
Try running the free online copy of X-Cleaner:  http://www.spywareguide.com/txt_onlinescan.html
0
 

Author Comment

by:dplusp
ID: 12309539
I tried the X-Cleaner. The program ended up crashing.
0
 
LVL 65

Expert Comment

by:SheharyaarSaahil
ID: 12309809
>> I ran the VX2 finder and it didn't detect the .dll i'm referring to.

hmmmmm i asked to post here the log it produces :)
0
 
LVL 4

Expert Comment

by:riotz
ID: 12514604
Just Click Start > Run, type 'regsvr32 /u %WinDir%/System32/atledit.dll', then click Ok.
0
 
LVL 4

Expert Comment

by:riotz
ID: 12538167
so how did you fix it now ?
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
Article by: btan
The intent is not to repeat what many has know about Ransomware but more to join its dots of what is it, who are the victims, why it exists, when and how we respond on infection. Lastly, sum up in a glance to share such information with more to help…
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

832 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question