Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations IamaSherpa on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Datim.dll

Status
Not open for further replies.
jinxs

jinxs

Vendor
Mar 28, 2003
725
US
Hello everyone,

I have found from hijack this that I have a BHO in my c:\windows\system32 folder as well as a CLSID registy entry in
HKEY_CLASSES_ROOT\CLSID\{1AF27D5D-C694-4BEA-A360-64EE8BC6E64B}\InprocServer32.
I can't delete the DLL or the CLSID..it pretty much says access denied. After Multiple searches here on Tek-tips, I have tried ending the process explorer and deleting the DLL, nothing, tried to have AVG and Hijackthis remove the file, still comes back, and I have also downloaded Killbox and tried to have it delete the DLL with no avail. Everytime I delete the file and do a reboot, the file comes back. Does anyone have any other ideas on how to remove this file. It is really a nuisance whenever I use IE or windows explorer. This file does not affect mozilla. Thanks for any input. If I did not provide enough information, please let me know what you need.

Alan Wiesner
 
Sort by date Sort by votes
As well, I have tried doing all the above in safe mode with system restore off and I have have tried deleting the file in safe mode command menu through the command menu. I also have tried disabling the DLL using the regsvr32 /uc:\windows\system32\datim.dll command in start run. Thank you.
 
Upvote 0 Downvote
A couple of things to try.

First off you can try unlocker
(right click the file, left click unlock, then unlock the process using it)

if that does not work you can use killbox
(have it delete the file on reboot)

If that does not work you can make a bart pe cd using your windows install cd. Then you can boot from the cd , use its file manager, locate the file and delete it that way.


Let us know the results

There is a point in wisdom and knowledge that when you reach it, you exceed what is considered possible - Jason Schoon
 
Upvote 0 Downvote
Hello,

I've come across only a handful of cases that give me that same type of problem and usually it's a fight getting it off. You can try using subinacl to reset permissions on everything, You might also have to check all windows files to ensure they're in tact and in their original filesize by running: sfc /scannow in normal mode. You can also try using cacls <insert filename> /E /P Everyone:N
this will deny access to everyone for that file. you might also have to run subinacl in safemode under the administrator account.

Good luck
Scott
 
Upvote 0 Downvote
In a lot of the spyware/malware nowadays, the file you see as a problem is protected by other files more hidden. I suspect that is the case on your system.

Googling the datim.dll gets this thread:


where you can see how an experienced spyware fighter is starting to address the issues on that system.
 
Upvote 0 Downvote
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top