Solved

Boot.tidserv infection - Please Help!

Posted on 2011-03-17
Last Modified: 2013-12-09
Two days ago I started getting a popup warning from Norton 360 warning about a threat labeled Boot.tidserv. When I asked Norton to fix the problem it came back and said that it could not remove it. I tried to do a restore yesterday going back to 3/10 which was before I started receiving the warning. However, the warning still existed and when I selected to undo the restore, Windows ran into a problem undoing the restore and now I get to the Windows login screen and then it goes to a blue screen or it freezes or in one case I got it to load up and after a couple minutes it froze again.
I use this computer for my livelihood and while I have the files backed up, I need this computer ASAP. Please help; I don't know where to start since I can't really log in.
I am running Windows 7 Home Premium 64-bit on a Dell Studio 1555 laptop.  I purchased from Staples and I am absolutely shocked to learn that I did not get the OS disk with it.  You have to request a copy from Dell.  Anyway, any help would be much appreciated.
Question by:SDKCompany
5 Comments
 
LVL 11

Expert Comment

by:Pieter Jordaan
ID: 35163740
Hi

You can try to press F8 when the Windows boot process starts, then select 'Safe mode'.
If you can get into Windows using safe mode, then we have some options.

If you can't, then you will have to reinstall, or run the repair from the CD.

Once in safe mode, run msconfig from your start menu search bar, or from command prompt.

Then untick everything except your anti-virus program under the 'Startup' tab.
Also untick everything except Microsoft services that you do not know from the 'Services' tab.
  You will see a check box at the bottom to 'Hide all Microsoft services' to help you filter them.

Then reboot, and try to login again.
Once in, run a full virus scan, and try to remove the virus.
 

Author Comment

by:SDKCompany
ID: 35166664
BitFreeze,

I can get into safe mode, which is good, and I will try what you suggest.  My only question would be that the reason I got where I am is because this is a master boot record virus (aka backdoor.tidserv) and Norton says that it cannot remove it.  I have the latest Norton with up-to-date virus definitions and when I click on help, it takes me to their website to an article that states I should post a topic on a forum such as www.bleepingcomputer.com.  I have actually done this, but it has been 4 days without an answer and I need to get this thing back running as I am losing money each day it is down.

Thanks for your help.
 
LVL 11

Accepted Solution

by:
Pieter Jordaan earned 500 total points
ID: 35168206
Hi

Your anti-virus should be able to remove it.
If not, download and install AVG from avg.com.

Here is a guide to remove it manually. - http://www.precisesecurity.com/trojan/backdoortidserv/
 

Author Closing Comment

by:SDKCompany
ID: 35222669
Ultimately, TDSSKiller was what removed the virus and then some additional cleanup got me back in working condition.
 

Expert Comment

by:SergeKouper
ID: 35716605
This answer is wrong. Do I really have to pay 7 GB Pounds a month to be advised to download AVG? The level of the so-called experts is really going down. Please be a lil bit more selective in the accepted answer. Thanks to answer me. Thank you.

Question has a verified solution.