TechSpot

How do I get rid of this threat: Backdoor.Tidserv!inf

Solved
By saintpeters
Feb 15, 2011
  1. saintpeters

    saintpeters TS Rookie Topic Starter Posts: 17

    Reply 13

    I hope this helps, sorry.



    Scan Statistics:
    Scan Time: 28 seconds
    Scan Targets: Commonly infected areas
    Counts:
    Total items scanned: 7,355
    - Files & Directories: 1,301
    - Registry Entries: 208
    - Processes & Start-up Items: 5,615
    - Network & Browser Items: 225
    - Other: 4
    - Trusted Files: 1,177
    - Skipped Files: 44

    Total security risks detected: 10
    Total items resolved: 9
    Total items that require attention: 1

    Resolved Threats:
    9 Tracking Cookies
    Type: Anomaly
    Risk: Low (Low Stealth, Low Removal, Low Performance, Low Privacy)
    Categories: Tracking Cookies
    Status: Fully Resolved
    -----------




    Unresolved Threats:
    Backdoor.Tidserv!inf
    Type: Anomaly
    Risk: High (High Stealth, High Removal, High Performance, High Privacy)
    Categories: Virus
    Status: Review
    -----------
    2 Files
    c:\windows\system32\drivers\iastor.sys - No action taken
    c:\windows\system32\drivers\iastor.sys - Failed
    1 Browser Cache
     
  2. Broni

    Broni Malware Annihilator Posts: 47,718   +268

    It may be a false positive, but we better check...

    Download TDSSKiller and save it to your desktop.
    • Extract (unzip) its contents to your desktop.
    • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
    • If an infected file is detected, the default action will be Cure, click on Continue.
    • If a suspicious file is detected, the default action will be Skip, click on Continue.
    • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
    • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
    • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
     
  3. saintpeters

    saintpeters TS Rookie Topic Starter Posts: 17

    Reply 14

    **********
     
  4. Broni

    Broni Malware Annihilator Posts: 47,718   +268

    Good we checked.
    Apparently a rootkit was present.

    Restart computer and see if Norton stopped complaining.
     
  5. saintpeters

    saintpeters TS Rookie Topic Starter Posts: 17

    Reply 15

    Is there a reason a rootkit would have infected my computer? By the way, what is a rootkit? Norton quit complaining and Windows FINALLY updated. Awesome!!!
     
  6. Broni

    Broni Malware Annihilator Posts: 47,718   +268

    There is really no way to say how it happened.
    There are too many ways a computer can get infected.

    Rootkit: http://en.wikipedia.org/wiki/Rootkit

    Make sure you reset your restore points and you should be good to go.
    Turn system restore off.
    Restart computer.
    Turn system restore on.

    Good luck and stay safe :)
     
  7. saintpeters

    saintpeters TS Rookie Topic Starter Posts: 17

    Reply 16

    Thank you so much for ALL your help. I cannot believe that darn Backdoor.Tidserv!inf virus message is finally off of my computer. What a relief.

    This was a very helpful and educational process; you were extremely knowledgeable and patient through the whole process. THANKS!!!
     
  8. Broni

    Broni Malware Annihilator Posts: 47,718   +268

    You're very welcome
     
Topic Status:
Not open for further replies.

