Results 1 to 9 of 9

Thread: How can I remove "tdlwsp.dll" rootkit?

  1. #1
    joems Guest

    Default How can I remove "tdlwsp.dll" rootkit?

    Zone Alarm virus scan detected the following virus, but gives an error when I try to remove it:
    "Memory: was found in \\?\globalroot\device\ide\ideport1\owprppbw\owprpp bw\tdlwsp.dll on 9/21/2009 7:35:32"

    The virus seems to be a browser hijacker. When I click on a web link, I usually get taken to some other site, often a shopping or advertising site, rather than the link I clicked on.

    What can I do to remove this virus from my system? Thanks for your help.

    Joel

  2. #2
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,291

    Default Re: How can I remove "tdlwsp.dll" rootkit?

    Hi!
    try to follow all steps as detailed in the sticky thread here.

    Cheers,
    Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  3. #3
    joems Guest

    Default Re: How can I remove "tdlwsp.dll" rootkit?

    Hi Fax,

    Sorry if I'm being dense, but where's the "sticky thread"? I didn't see a link in your reply.

    Thanks again,
    Joel

  4. #4
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,291

    Default Re: How can I remove "tdlwsp.dll" rootkit?

    It is just the first message in this page. it is always there. It is sticky and will be always the first in the "malware discussion" section

    Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  5. #5
    joems Guest

    Default Re: How can I remove "tdlwsp.dll" rootkit?

    I followed the steps in the Sticky note, but I've still got the virus. Zone Alarm detects it, but can't remove it (still give an error). MBAM detects it, says it will remove it on reboot, but the virus is still there after I reboot (I know this because MBAM detects it again after I reboot and run a scan, and my browser continues to be hijacked). Super-antispyware doesn't detect it.

    I'm currently running Zone Alarm 8. Do you think Zone Alarm 9 would be able to remove it? Any other ideas on how I can get rid of this virus?

    Thanks,
    Joel

  6. #6
    Hiero2 Guest

    Default Re: How can I remove "tdlwsp.dll" rootkit?

    Joe:

    I've got a machine suffering from a similar RAM resident dll virus/trojan. Mine hijacks the default browser to fake AV ransome-ware web sites. I've been unsuccesfull in cleaning it, and I believe that there is ultimately only the final solution: wipe the hdd and reinstall.

    I could be mistaken, but I'm pretty sure that this type of trojan has been built with the old RAM resident viruses capacity of hiding in RAM until shutdown, then writing to the hard drive, possibly even to the boot area. It's been so long since I've dealt with these, I've forgotten how they worked!

    Regardless, this is not usually the answer somebody prefers to hear (reboot from CD, format, and reinstall), but it may be your best solution.

  7. #7
    Join Date
    Dec 2002
    Location
    San Carlos, California
    Posts
    1,636

    Default Re: How can I remove "tdlwsp.dll" rootkit?

    Just a thought

    Have you tried booting up in Safe Mode with Net working and trying MBAM or ZA that way?

    If that does not work have you search the internet for Manual removal directions? Just beware of site trying to get you to load software and then having to buy it with promises it will be removed.

    There are a number of threads on the Malware-Bytes forum with user who have the same issues also. Maybe it might help some but so far looks like there no success removing this nasty.

    http://www.malwarebytes.org/forums/i...howtopic=24978


    Forum Moderator

  8. #8
    thegrimmling Guest

    Default Re: How can I remove "tdlwsp.dll" rootkit?

    Actually, the "tdlwsp.dll" seems to only be able to be removed with one program. I tried close to 30 to remove it.


    The program that can remove the rootkit of "tdlwsp.dll" is...... Windows Defender!!!!



    I was shocked that out of all the programs that could not remove it, Windows Defender did.

  9. #9
    thegrimmling Guest

    Default Re: How can I remove "tdlwsp.dll" rootkit?

    On a side note,

    After the removed of the "tdlwsp.dll", you may need to uninstall and re-install your java platform.

    I had a hard crash when java opened on a page after removing the "tdlwsp.dll" and a reinstall corrected it.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •