TechSpot

How do I get rid of this threat: Backdoor.Tidserv!inf

By saintpeters
Feb 15, 2011
  1. saintpeters

    saintpeters TS Rookie Topic Starter Posts: 17

    Reply 13

    I hope this helps, sorry.



    Scan Statistics:
    Scan Time: 28 seconds
    Scan Targets: Commonly infected areas
    Counts:
    Total items scanned: 7,355
    - Files & Directories: 1,301
    - Registry Entries: 208
    - Processes & Start-up Items: 5,615
    - Network & Browser Items: 225
    - Other: 4
    - Trusted Files: 1,177
    - Skipped Files: 44

    Total security risks detected: 10
    Total items resolved: 9
    Total items that require attention: 1

    Resolved Threats:
    9 Tracking Cookies
    Type: Anomaly
    Risk: Low (Low Stealth, Low Removal, Low Performance, Low Privacy)
    Categories: Tracking Cookies
    Status: Fully Resolved
    -----------




    Unresolved Threats:
    Backdoor.Tidserv!inf
    Type: Anomaly
    Risk: High (High Stealth, High Removal, High Performance, High Privacy)
    Categories: Virus
    Status: Review
    -----------
    2 Files
    c:\windows\system32\drivers\iastor.sys - No action taken
    c:\windows\system32\drivers\iastor.sys - Failed
    1 Browser Cache
     
  2. Broni

    Broni Malware Annihilator Posts: 52,747   +342

    It may be a false positive, but we better check...

    Download TDSSKiller and save it to your desktop.
    • Extract (unzip) its contents to your desktop.
    • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
    • If an infected file is detected, the default action will be Cure, click on Continue.
    • If a suspicious file is detected, the default action will be Skip, click on Continue.
    • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
    • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
    • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
     
  3. saintpeters

    saintpeters TS Rookie Topic Starter Posts: 17

    Reply 14

    **********
     
  4. Broni

    Broni Malware Annihilator Posts: 52,747   +342

    Good we checked.
    Apparently a rootkit was present.

    Restart computer and see if Norton stopped complaining.
     
  5. saintpeters

    saintpeters TS Rookie Topic Starter Posts: 17

    Reply 15

    Is there a reason a rootkit would have infected my computer? By the way, what is a rootkit? Norton quit complaining and Windows FINALLY updated. Awesome!!!
     
  6. Broni

    Broni Malware Annihilator Posts: 52,747   +342

    There is really no way to say how it happened.
    There are too many ways a computer can get infected.

    Rootkit: http://en.wikipedia.org/wiki/Rootkit

    Make sure you reset your restore points and you should be good to go.
    Turn system restore off.
    Restart computer.
    Turn system restore on.

    Good luck and stay safe :)
     
  7. saintpeters

    saintpeters TS Rookie Topic Starter Posts: 17

    Reply 16

    Thank you so much for ALL your help. I cannot believe that darn Backdoor.Tidserv!inf virus message is finally off of my computer. What a relief.

    This was a very helpful and educational process; you were extremely knowledgeable and patient through the whole process. THANKS!!!
     
  8. Broni

    Broni Malware Annihilator Posts: 52,747   +342

    You're very welcome
     
Topic Status:
Not open for further replies.
