Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


System Infectected: Tidserv Activity 2

  • Please log in to reply
1 reply to this topic

#1 kiwifrost4


  • Members
  • 1 posts
  • Local time:06:25 AM

Posted 23 September 2011 - 08:58 PM

Since 17 September I have been getting bombarded with pop-ups saying "Threat requiring manual removal detected: System Infected: Tidserv Activity 2". On my history I am seeing an intrusion attempt approx. every 20 minutes. At the same time I have started seeing "80000032.@ (Trojan.Gen.2) detected by Auto-Protect,Blocked,Resolved - No Action Required" every 20 minutes or so as well.

I have attempted various "fixes" etc but all to no avail:

1) used Norton's recommended fix (per the security pop-up) Backdoor Tidserv Removal Tool FixTDSS.exe - ran scan, no infected files found, no action taken

2) browsed various forums for ideas - ran full system scan in both "regular" and "safe" modes with Norton and Malwarebytes - once again, no infected files found, no action taken. One thing to note here - various forums have said to unhide non-plug and play drivers and delete ones labelled TDSS - I never found any labelled as such.

3) Posted issue on Norton forums - was recommended to run TDSSKiller from kaspersky.com. Did so, and once again no infected files found.

4) upon completion of TDSSKiller, with no results was referred to this forum for further assistance. Apparently you use "more advanced tools".

This has been going on since 17 September and is driving me crazy - I don't know if I should even be using this computer. I do not know if it is infected, if it is not and just reading a "false positive", if someone is trying to hack it, if there is someting in that is allowing people to hack, or what. I'm at my wit's end right now and need help.

BC AdBot (Login to Remove)


#2 boopme


    To Insanity and Beyond

  • Global Moderator
  • 73,537 posts
  • Gender:Male
  • Location:NJ USA
  • Local time:07:25 AM

Posted 23 September 2011 - 09:15 PM

Hello kiwifrost4, we need a deeper look. Please go here....
Preparation Guide ,do steps 6 - 9.

Create a DDS log and post it in the new topic explained in step 9,which is here Virus, Trojan, Spyware, and Malware Removal Logs and not in this topic,thanks.
If Gmer won't run,skip it and move on.
Let me know if that went well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users