Results 1 to 5 of 5

Thread: Virus Rootkit.Win32.clbd.jg

  1. #1
    bennyd Guest

    Default Virus Rootkit.Win32.clbd.jg

    Having a problem with this virus,
    will not
    rename, will not delete. Does anyone know anything
    that may help?
    When opening web or local programmes the message received is : Application or DLL C:\windows\system 32\........ is not a valid windows image. Please check against your installation diskette.

    Message Edited by BennyD on 09-03-2008 07:47 PM

  2. #2
    bennyd Guest

    Default Re: Virus Rootkit.Win32.clbd.jg - edit/adit

    Full message string :- Application or DLL C:\windows\system32\TDSSAWL.DLL

  3. #3
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Virus Rootkit.Win32.clbd.jg - edit/adit

    Start in the safe mode.
    Open the registry and delete any entry for the
    TDSSAWL.DLL as shown by the Find of the regedit (this may not show results as this dll could be using other windows applications that it has hooked into and therefore an new run or start key could be this malware in disguise. for example.)

    Then reboot back again into the safe mode.
    Now delete the file.
    Immediately clean the recycle bin.

    While still in the safe mode, next make a "dummy" file.
    In windows\system32 folder next make a simple text file and open it. Type in "this is a dummy file" and date it with the time and put your name in. Then close the text file and then rename it to... you guessed it...TDSSAWL.DLL
    Then open the Properties of the dummy file just made.
    Check the Read Only and Apply and OK.
    Close everything and do a complete shutdown.
    Wait two minutes and then startup windows.

    Maybe this works and maybe not.

    Oldsod.
    Best regards.
    oldsod

  4. #4
    bennyd Guest

    Default Re: Virus Rootkit.Win32.clbd.jg - edit/adit

    Thankyou for the advice Old Sod, I'll give it a go.

  5. #5
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Virus Rootkit.Win32.clbd.jg - edit/adit

    You should have a look at this thread for extra helps:

    http://forum.zonelabs.org/zonelabs/b...essage.id=4280

    and maybe consider going to a proper Hi Jack This forum and getting some free professional help.

    Oldsod.
    Best regards.
    oldsod

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •