Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Backdoor.Tidserv!inf HELP


  • Please log in to reply
8 replies to this topic

#1 theblueghost

theblueghost

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:11:35 AM

Posted 10 December 2008 - 08:57 AM

NORTON POPED UP WITH THIS AND SAID IT COULD REMOVE IT, BUT MY COMPUTER JUST KEEPS REBOOTING, PER A COMBINATION OF FORMS I READ I stopped system restore, RAN ccleaner, AND A squared anti malware, I HAVE DOWNLOADED MBAM Malware removal TOOL BUT IT WILL NOT LOAD IN REG MODE(BEFORE IT STARTED REBOOTING) OR IN SAFE MODE, I CAN NOT GET TO WINDOWS UPDATE SITE, SO RIGHT NOW I AM IN SAFE MODE WITH NETWORKING ON SO I CAN GET ONLINE AND TYPE THIS,ALSO MY SPYBOT WONT RUN BUT MY AD AWARE 6 DOES, ANY IDEAS?

SORRY FORGOT TO SAY

RUNNING WINDOWS XPSP3

THIS TIME WHEN I REBOOT REG JUST GOT A BLACK SCREEN WITH THE MOUSE AND NOTHING ELSE SO I AM BACK IN SAFE MODE NOW

Edited by theblueghost, 10 December 2008 - 10:47 AM.


BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,399 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:35 PM

Posted 10 December 2008 - 10:53 AM

Have you tried using Last Known Good Configuration or System Restore from a command prompt in Safe Mode to return to a previous state before your problems began?
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 theblueghost

theblueghost
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:11:35 AM

Posted 10 December 2008 - 11:53 AM

YES /Last Known Good Configuration DIDNT WORK STILL BLACKSCREEN WITH POINTER ONLY, NO /System Restore from a command prompt in Safe Mode WONT WORK SINCE I TURNED OFF SYSTEM RESTORE LIKE ONE OF THE OTHER POSTS SAID

#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,399 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:35 PM

Posted 10 December 2008 - 12:22 PM

Disabling System Restore as one of the first steps when attempting to clean a system or when scanning for malware is not advisable. Unfortunately, some still recommend doing this before attempting malware removal and many folks follow that advice. This is really not a good practice when dealing with infected computer systems. There is always a possibility of something going wrong during the malware removal process and you end up with more problems. If an incident renders your system problematic or unbootable, you can use System Restore to return it to a previous working state. Without a restore point to fall back on, you are left with a limited means of restoring your system to a usable condition as you are dealing with now.

Since you have safe mode with networking capability, have you tried doing any Online Virus Scan like BitDefender?
(These require Internet Explorer to work. Watch the Address bar in IE. You may receive alerts that "This site might require the following ActiveX control...Click here to install...". Click on that alert and then Click Install ActiveX component. If given the option, choose "Quarantine" instead of delete.)

You can also download and scan with Dr.Web CureIt which works in safe mode. Follow the instructions here.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 theblueghost

theblueghost
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:11:35 AM

Posted 10 December 2008 - 12:48 PM

i WAS GOING TO TRY ONE OF THE ONLINE ONES BUT WHEN I TY TO GO TO ONE OF THOSE SITES IT SEAM I AM HYJACKED(BUT ONLY WHEN I GO TO SPYWARE OR ANTI VIRUS SITES) OTHER SITES WORK NORMALLY, I WAS ABLE TO BOOT INTO WINDOWS NARMALLY THIS TIME AGAIN BUT IT STILL JUST REBOOTS ITSELF,I GOT Spyware Cease AND IT LOADED BUT THEY WANT 40 BUCKS TO REMOVE THE PROBLEM JUST THE SCANNER IS FREE, I FOUND IT WHILE TRYING TO GET SDFIX, I DID GET SDFIX BUT IT WILL NOT INSTALL, NO WILL Malwarebytes Antimalware AND A FEW OTHERS, IT SEAMS SOME WILL LOAD BUT MOST WONT,I GET A MESSAGE THIS SERVICE CAN NOT BE STARTED IN SAFEMODE, I EVEN DID THIS

"1. You have to disable the drivers, Reboot, then Remove. By doing this,



Go to the "Control Panel" click on "System

Click on the "Hardware" tab.

Click on "Device Manager" to open it
Click 'View' in the menu and select 'Show Hidden Devices'
Expand the 'Non-Plug and Play' Drivers category
(If you find them, You can tell me), Right-click and 'Disable' "clbdriver.sys", "tdsserv.sys" (or tdssxyz.sys where xyz.sys are random characters), and/or "seneka.sys"

Restart computer to Safe Mode
After restart, go back to Device Manager and right-click 'Uninstall' for the above drivers"

BASED ON INFO FROM THE NORTON SITE, ALMOST TEMPTED TO SPEND THE 40 BUCKS ON THE ONE THATS WORKING BUT I HAVE NEVER HEARD OF THAT CO AND AFRAID I WAS SENT THERE BY THE VIRUS

#6 theblueghost

theblueghost
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:11:35 AM

Posted 10 December 2008 - 12:51 PM

TRYING Dr.Web CureIt NOW IT IS RUNNING *CROSSES FINGERS*

#7 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,399 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:35 PM

Posted 10 December 2008 - 01:39 PM

I don't know how effective Spyware Cease will be. Its not one of the tools we recommend. If you can into Windows normally, there are other tools that can be used in the HJT forum and I will direct you there.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#8 theblueghost

theblueghost
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:11:35 AM

Posted 10 December 2008 - 07:33 PM

thanks between that program and what i found here

http://community.norton.com/norton/board/m...thread.id=23740

i was able to get it fixed, thanks alot

#9 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,399 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:35 PM

Posted 11 December 2008 - 08:14 AM

Can you run a scan with MBAM now? If so, please do and post the log results for review.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users