Solved

Need to remove atledit.dll spyware

Posted on 2004-10-13
11
172 Views
Last Modified: 2010-04-12
I have a piece of spyware on my computer that seems to be related to this .dll file:

Winnt/System32/atledit.dll

This .dll is hidden, and I am unable to delete it, even in safe mode.

I also found a reference to atledit.dll here:

HKLM\software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notitfy\WOW

IF I delete the WOW folder it just comes right back. This spyware creates IE popups on my desktop. How can i get rid of this?
0
Comment
Question by:dplusp
  • 4
  • 4
  • 2
  • +1
11 Comments
 
LVL 65

Accepted Solution

by:
SheharyaarSaahil earned 350 total points
Comment Utility
Hello dplusp =)

Do this, Download Adaware SE from here >> AdAware ==> http://www.spychecker.com/program/adaware.html
Install and Update it, and then get this plugin for it and install it >> http://www.lavasoftusa.com/software/addons/vx2cleaner.shtml

Then boot ur system in safemode, and run the scan with Adaware and delete everything it detects !!
Run Disk Cleanup to delete the temp and junks from ur hard drive !!

Restart back in normal mode and check for the problem now ??
if still the same, then Download this tool >> http://download.broadbandmedic.com/VbStuff/VX2Finder.exe
Run it and press the Find button and then the log button.
Copy everything and paste them here !!
Good Luck :)
0
 

Author Comment

by:dplusp
Comment Utility
I did run AdAware and also SpySweeper. Both programs found a lot of other junk and deleted it. But neither one can seem to detect this particular one.

I tried the link that you sent and got an error message.

0
 
LVL 65

Expert Comment

by:SheharyaarSaahil
Comment Utility
But i wanted u to download and install that Vx2 Addon and then scan ur system with Adaware !!
and im sorry for that wrong link, here is the working one >> http://www.downloads.subratam.org/VX2Finder9x.exe
0
 

Author Comment

by:dplusp
Comment Utility
I downloaded and executed the Vx2 Finder and got a message that this Finder is only for 9x based systems. Sorry, I'm using XP.
0
 
LVL 65

Expert Comment

by:SheharyaarSaahil
Comment Utility
no problem :)
can u run this one >> http://www.downloads.subratam.org/VX2Finder.exe
0
Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

 

Author Comment

by:dplusp
Comment Utility
I ran the VX2 finder and it didn't detect the .dll i'm referring to.

I found the cause of my popups, but can't seem to get rid of this .dll. If I delete it from the registry it just comes right back, and if I try and remove it from the System32 folder I get an access denied error.

How can I get rid of this, or at least keep it from executing?
0
 

Expert Comment

by:rreister
Comment Utility
Try running the free online copy of X-Cleaner:  http://www.spywareguide.com/txt_onlinescan.html
0
 

Author Comment

by:dplusp
Comment Utility
I tried the X-Cleaner. The program ended up crashing.
0
 
LVL 65

Expert Comment

by:SheharyaarSaahil
Comment Utility
>> I ran the VX2 finder and it didn't detect the .dll i'm referring to.

hmmmmm i asked to post here the log it produces :)
0
 
LVL 4

Expert Comment

by:riotz
Comment Utility
Just Click Start > Run, type 'regsvr32 /u %WinDir%/System32/atledit.dll', then click Ok.
0
 
LVL 4

Expert Comment

by:riotz
Comment Utility
so how did you fix it now ?
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

Suggested Solutions

You cannot be 100% sure that you can protect your organization against crypto ransomware but you can lower down the risk and impact of the infection.
Ransomware continues to be a growing problem for both personal and business users alike and Antivirus companies are still struggling to find a reliable way to protect you from this dangerous threat.
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now