7 replies to this topic

[Wingfoot]

New member here, seeking assistance with what looks to be malware problem ... tdlwsp.dll
(will categorize myself as light-to-midweight tech aware)

I found a couple of other discussions elsewhere that are very similar to my problem, but not certain.


It seems I have this tdlwsp.dll problem on my laptop.
All of my programs still work, but I get these annoying messages everytime I click on something or launch something.
And I have to click "OK" in order to continue.
Rebooting doesn't clear it ... but the path in the message changes slightly after each reboot

Could not find a tdlwsp.dll file anywhere on my hard drive.

TODAY, after reboot, it looks like this:
The application DLL globalroot\Device\Ide\IdePort1\xxyritix\xxyritix\tdlwsp.dll is not a valid Windows image. Please check this against your installation diskette.

Registry search shows:
; Registry Keys Registry Values Registry Data
; HKEY_LOCAL_MACHINE HKEY_USERS
[HKEY_USERS\S-1-5-21-3816482534-676919736-641692032-500\Software\Microsoft\Search Assistant\ACMru\5603]
"009"="tdlwsp.dll"



Yesterday it looked like this:
The application DLL globalroot\Device\Ide\IdePort1\fpxmdrib\fpxmdrib\tdlwsp.dll is not a valid Windows image. Please check this against your installation diskette.

Registry Search showed:
; Registry Keys Registry Values Registry Data
; HKEY_LOCAL_MACHINE HKEY_USERS
[HKEY_USERS\S-1-5-21-3816482534-676919736-641692032-500\Software\Microsoft\Search Assistant\ACMru\5603]
"008"="tdlwsp.dll"


A bit lost on this one, and any assistance would be greatly appreciated

[Blade81]

Hi,

Download DDS and save it to your desktop from here or here or here.
Disable any script blocker, and then double click dds.scr to run the tool.

• When done, DDS will open two (2) logs:
  • DDS.txt
    
  • Attach.txt
• Save both reports to your desktop. Post them back to your topic.

[Wingfoot]

Blade81, on Oct 18 2009, 05:27 AM, said:

Hi,

Download DDS and save it to your desktop from here or here or here.
Disable any script blocker, and then double click dds.scr to run the tool.

• When done, DDS will open two (2) logs:
  • DDS.txt
    
  • Attach.txt

<li>Save both reports to your desktop. Post them back to your topic.

 Attach.txt   15.73K   29 downloads
 DDS.txt   14.17K   32 downloads

[Blade81]

Please download Malwarebytes' Anti-Malware to your desktop.

• Double-click mbam-setup.exe and follow the prompts to install the program.
  
• At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  
• If an update is found, it will download and install the latest version.
  
• Once the program has loaded, select Perform full scan, then click Scan.
  
• When the scan is complete, click OK, then Show Results to view the results.
  
• Be sure that everything is checked, and click Remove Selected.
  
• When completed, a log will open in Notepad. Please save it to a convenient location. The log can also be found here: C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
  
• Please post contents of that file in your next reply.

[Wingfoot]

Blade81, on Oct 19 2009, 09:13 AM, said:

Please download Malwarebytes' Anti-Malware to your desktop.

• Double-click mbam-setup.exe and follow the prompts to install the program.
  
• At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  
• If an update is found, it will download and install the latest version.
  
• Once the program has loaded, select Perform full scan, then click Scan.
  
• When the scan is complete, click OK, then Show Results to view the results.
  
• Be sure that everything is checked, and click Remove Selected.
  
• When completed, a log will open in Notepad. Please save it to a convenient location. The log can also be found here: C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
  
• Please post contents of that file in your next reply.

[Wingfoot]

Malwarebytes' Anti-Malware 1.41
Database version: 2775
Windows 5.1.2600 Service Pack 2

10/19/2009 7:34:29 PM
mbam-log-2009-10-19 (19-33-57).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 227322
Time elapsed: 2 hour(s), 19 minute(s), 29 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 3
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\minint\system32\drivers\dmload.sys (Worm.Spambot) -> No action taken.

[Blade81]

Hi Wingfoot,


Please upload this files:

C:\minint\system32\drivers\dmload.sys (note: in C:\minint\system32\drivers folder and not c:\windows\system32\drivers)

to this website.

Kindly include a link to this topic in the message.


Let me know when that's been done.

[AdvancedSetup]

Due to the lack of feedback this Topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

The fixes and advice in this thread are for this machine only. Do not apply the instructions from this thread to your own machine. Please start a new thread describing your issue and someone will be along to assist you.