Solved

How do I manually remove the Backdoor.Tidserv.I!inf trojan? Best way to do this!

Posted on 2010-08-17
10
600 Views
Last Modified: 2013-11-22
I need to remove this nasty trojan manually, since Norton cannot remove it.
I need to know a couple of ways to do this!
0
Comment
Question by:jazzyarroyo
10 Comments
 
LVL 6

Expert Comment

by:WileCoyote8
ID: 33460681
download the VIPRE rescue program and install it in safe mode and run the program to clean your system
http://live.sunbeltsoftware.com

0
 
LVL 6

Accepted Solution

by:
siht earned 200 total points
ID: 33460706
I have had success with malwarebytes antimalware. You should run it in safe mode.
http://www.malwarebytes.org/
0
 
LVL 35

Expert Comment

by:torimar
ID: 33460721
Use TDSSKiller (http://support.kaspersky.com/downloads/utils/tdsskiller.zip) and Malwarebyte's (link given above).

Then follow instructions here: http://www.myantispyware.com/2008/11/05/how-to-remove-trojan-tdsserv/
0
Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

 
LVL 13

Assisted Solution

by:JeremySBrown
JeremySBrown earned 200 total points
ID: 33460737
Run a temporary file remover...CCleaner is a good one and it's free.
http://www.ccleaner.com/

Download Combofix by sUBs.
http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Before running Combofix, temporary disable any firewall(s) shield(s) ect...to prevent any conflicts with Combofix. After Combofix is done scanning, it will create a log, for further instructions, save and paste the results by Attach File, or by Code Snippet so other experts can take a look at it. Once after the log looks clean, you may enable your firewall(s) shield(s) ect. Combofix will disconnect your machine from the Internet. Your Internet connection will be automatically restored just before Combofix completes its scan. If Combofix runs into problems, your Internet connection can be manually restored by restarting your machine.

You'll might need to rename the file before saving to your desktop so it will not be blocked.

Please note: Don't run Combofix in Safe Mode.
0
 
LVL 11

Assisted Solution

by:farjadarshad
farjadarshad earned 100 total points
ID: 33461060
if you really wanted to do it manually then see the below link

http://farjadarshad.blogspot.com/2008/12/places-where-viruses-and-trojans-hide.html
http://farjadarshad.blogspot.com/2009/10/virus-unwiseexe-removing-technique.html

But i would prefer before manually removing them you go with the following

Antivirus (use any one)
1. Eset Nod32
2. Symantec End point
3. Kaspersky
4. Norton 360

Antimaleware and antispyware ( use all of these after updating them)

1. Malewarebytes >>          http:www.malwarebytes.org
2. Superantispyware >>     http://www.superantispyware.com/
3. Hitmanpro's Surfright >> http://www.surfright.nl/en/hitmanpro
4. Hijack this >>                   http://download.cnet.com/Trend-Micro-HijackThis/3000-8022_4-10227353.html
5. Combofix >>                    http://www.bleepingcomputer.com/combofix/how-to-use-combofix
6. Bitdefender >>                http://kb.bitdefender.com/site/KnowledgeBase/consumer/#627
7. SPybot                            http://www.filehippo.com/download_spybot_search_destroy/
8. CCleaner                         http://www.filehippo.com/download_ccleaner/
9. Registry Cleaner             http://www.eusing.com/free_registry_cleaner/registry_cleaner.htm

now after running all these i would recommend you to go for manual method because above utilities share most of work.

hope this will help you.
0
 
LVL 46

Expert Comment

by:noxcho
ID: 33462382
Try to run Avira Antivirus on that machine. Norton often misses problems.
http://www.avira.com/en/pages/index.php
0
 
LVL 1

Expert Comment

by:kernalguru
ID: 33463798
I would DL the latest v:
Stinger http://vil.nai.com/vil/stinger/
Combofix  http://www.bleepingcomputer.com/combofix/how-to-use-combofix
MalwareBytes   http:www.malwarebytes.org
You can run another spyware after malwarebytes. Perhaps Superantispyware or the newer A2
http://www.emsisoft.com/en/software/antimalware/
After machine has been cleaned run Ccleaner  http://www.filehippo.com/download_ccleaner/
to clean up any left over reg entries. Also check the startup programs and delete anything in there that is not needed.

Before you do any of this TURN OFF System Restore! It will make a back up and possibly cause you more headaches.
0
 

Author Comment

by:jazzyarroyo
ID: 33471537
I am trying Vipre rescue scanner, but it scans all drives on computer and it was taking over 4 hrs, so I stopped it......will try malwarebyte next in safemode. I tried it in active regular mode and it did not find anything.
0
 

Author Closing Comment

by:jazzyarroyo
ID: 33481814
Thanks, I think malwarebyte in safe mode solved the problem, also I will try some of the other ideas.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Buffalo Terastation - Drive and Raid configuration 5 47
Is this virus ? 6 41
Rolling back external USB drive 3 73
USB 3.0 or iSCSI for Server backups? 4 37
Today, still in the boom of Apple, PC's and products, nearly 50% of the computer users use Windows as graphical operating systems. If you are among those users who love windows, but are grappling to keep the system's hard drive optimized, then you s…
When we purchase storage, we typically are advertised storage of 500GB, 1TB, 2TB and so on. However, when you actually install it into your computer, your 500GB HDD will actually show up as 465GB. Why? It has to do with the way people and computers…
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question