TechSpot

[Solved] How do I get rid of this threat: Backdoor.Tidserv!inf

Discussion in 'Virus and Malware Removal' started by saintpeters, Feb 15, 2011.

Thread Status:
Not open for further replies.
  1. Broni Malware Annihilator

    Whenever ready....
  2. saintpeters Newcomer, in training

    Reply 11

    Broni,

    I went ahead and attempted to update Windows; however, it said 2 critical updates failed to install properly. Also, the Backdoor.Tidserv!inf virus that originally required manual removal is still showing up. Were the cleanup steps I completed in the previous replies supposed to remove this?

    Thanks!
  3. Broni Malware Annihilator

    Where exactly?
  4. saintpeters Newcomer, in training

    Reply 12

    The Norton Internet Security scan is running behind the scenes and mentioned that there was 1 virus that could not be removed, Backdoor.Tidserv!inf. Norton said this virus has to be manually removed.
  5. Broni Malware Annihilator

    I need to know exact info.
    What file, location and whatever details are given by Norton.
  6. saintpeters Newcomer, in training

    Reply 13

    I hope this helps, sorry.



    Scan Statistics:
    Scan Time: 28 seconds
    Scan Targets: Commonly infected areas
    Counts:
    Total items scanned: 7,355
    - Files & Directories: 1,301
    - Registry Entries: 208
    - Processes & Start-up Items: 5,615
    - Network & Browser Items: 225
    - Other: 4
    - Trusted Files: 1,177
    - Skipped Files: 44

    Total security risks detected: 10
    Total items resolved: 9
    Total items that require attention: 1

    Resolved Threats:
    9 Tracking Cookies
    Type: Anomaly
    Risk: Low (Low Stealth, Low Removal, Low Performance, Low Privacy)
    Categories: Tracking Cookies
    Status: Fully Resolved
    -----------




    Unresolved Threats:
    Backdoor.Tidserv!inf
    Type: Anomaly
    Risk: High (High Stealth, High Removal, High Performance, High Privacy)
    Categories: Virus
    Status: Review
    -----------
    2 Files
    c:\windows\system32\drivers\iastor.sys - No action taken
    c:\windows\system32\drivers\iastor.sys - Failed
    1 Browser Cache
  7. Broni Malware Annihilator

    It may be a false positive, but we better check...

    Download TDSSKiller and save it to your desktop.
    • Extract (unzip) its contents to your desktop.
    • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
    • If an infected file is detected, the default action will be Cure, click on Continue.
    • If a suspicious file is detected, the default action will be Skip, click on Continue.
    • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
    • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
    • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
  8. saintpeters Newcomer, in training

    Reply 14

    **********
  9. Broni Malware Annihilator

    Good we checked.
    Apparently a rootkit was present.

    Restart computer and see if Norton stopped complaining.
  10. saintpeters Newcomer, in training

    Reply 15

    Is there a reason a rootkit would have infected my computer? By the way, what is a rootkit? Norton quit complaining and Windows FINALLY updated. Awesome!!!
  11. Broni Malware Annihilator

    There is really no way to say how it happened.
    There are too many ways a computer can get infected.

    Rootkit: http://en.wikipedia.org/wiki/Rootkit

    Make sure you reset your restore points and you should be good to go.
    Turn system restore off.
    Restart computer.
    Turn system restore on.

    Good luck and stay safe :)
  12. saintpeters Newcomer, in training

    Reply 16

    Thank you so much for ALL your help. I cannot believe that darn Backdoor.Tidserv!inf virus message is finally off of my computer. What a relief.

    This was a very helpful and educational process; you were extremely knowledgeable and patient through the whole process. THANKS!!!
  13. Broni Malware Annihilator

    You're very welcome