Solved

Boot.tidserv infection - Please Help!

Posted on 2011-03-17
Last Modified: 2013-12-09
Two days ago I started getting a popup warning from Norton 360 warning about a threat labeled Boot.tidserv. When I asked Norton to fix the problem it came back and said that it could not remove it. I tried to do a restore yesterday going back to 3/10 which was before I started receiving the warning. However, the warning still existed and when I selected to undo the restore, Windows ran into a problem undoing the restore and now I get to the Windows login screen and then it goes to a blue screen or it freezes or in one case I got it to load up and after a couple minutes it froze again.
I use this computer for my livelihood and while I have the files backed up, I need this computer ASAP. Please help, I don't know where to start since I can't really log in.
I am running Windows 7 Home Premium 64-bit on a Dell Studio 1555 laptop.  I purchased from Staples and I am absolutely shocked to learn that I did not get the OS disk with it.  You have to request a copy from Dell.  Anyway, any help would be much appreciated.
Question by:SDKCompany
5 Comments
 
LVL 11

Expert Comment

by:Pieter Jordaan
ID: 35163740
Hi

You can try to press F8 when the Windows boot process starts, then select 'Safe mode'.
If you can get into Windows using safe mode then we have some options.

If you can't, then you will have to reinstall, or run the repair from the CD.

Once in safe mode, run msconfig from your start menu search bar, or from command prompt.

Then untick everything except your anti-virus program under the 'Startup' tab.
Also untick everything except Microsoft services that you do not know from the 'Services' tab.
  You will see a check box at the bottom to 'Hide all Microsoft services' to help you filter them.

Then reboot, and try to login again.
Once in, run a full virus scan, and try to remove the virus.
 

Author Comment

by:SDKCompany
ID: 35166664
BitFreeze,

I can get into safe mode which is good and I will try what you suggest.  My only question would be that the reason I got where I am is because this is a master boot record virus (aka backdoor.tidserv) and Norton says that it can not remove it.  I have the latest Norton with up to date virus definitions and when I click on help, it takes me to their website to an article that states I should post a topic on a forum such as www.bleepingcomputer.com.  I have actually done this, but it has been 4 days without an answer and I need to get this thing back running as I am losing money each day it is down.

Thanks for your help.
 
LVL 11

Accepted Solution

by:
Pieter Jordaan earned 500 total points
ID: 35168206
Hi

Your anti-virus should be able to remove it.
If not, download and install AVG from avg.com.

Here is a guide to remove it manually. - http://www.precisesecurity.com/trojan/backdoortidserv/
 

Author Closing Comment

by:SDKCompany
ID: 35222669
Ultimately, TDSSKiller was what removed the virus and then some additional cleanup got me back in working condition.
 

Expert Comment

by:SergeKouper
ID: 35716605
This answer is wrong. Do I really have to pay 7 GB Pounds a month to be advised to download AVG? The level of the so-called experts is really going down. Please be a lil bit more selective in the accepted answer. Thanks to answer me. Thank you.
Question has a verified solution.