Recently my computer became infected with the Boot.Tidserv rootkit (or bootkit, whatever you want to call it). It caused no real issues on loading my Windows Vista OS (64-bit SP2). However, the known issues it DID cause were a redirection of Google links and a more and more frequent BSoD while my computer was idle (Note: this is not my current issue).
As the BSoD became more and more frequent (began happening maybe once every few days, to once a day, to multiple times in a day randomly), it became more of a bother and definitely needed to be fixed soon. This morning, I did more research on how I could actually fix it and came upon multiple solutions, of which I used FixTDSS.exe as was recommended not only by the Norton site, but also multiple other replies on threads related to the Boot.Tidserv infection.
After running the FixTDSS.exe, it showed that the infection lay within my MBR, and I proceeded to cure the issue (I cannot remember the exact wording of the program, but I basically just continued through the prompts). I was asked to fix my MBR, which I did. Upon restarting my computer, I now cannot load Normal Mode in Windows Vista as it will BSoD directly before the Windows Login screen comes up. It shows the GUI boot screen, my screen goes black for a moment (it always did this), then you can see the mouse load for just a moment. This is where the BSoD occurs.
I get the error code 0x1000007E.
I can boot into safe mode (with networking/cmd) and it loads perfectly fine; however, normal mode does not. I've since made multiple attempts to rewrite my MBR. I used MBRChecker.exe that was recommended from other sites and "successfully" rewrote my MBR. But, I'm currently at a standstill as it still goes straight into the BSoD as it did before.
What else can I attempt to do? Simple Google searches have stopped providing me with possible solutions. I can get any information off my system if needed with whatever programs. And, as far as I can tell, through scanning countless times with FixTDSS.exe again, NBRT, along with TDSSKiller.exe (which never showed any infections to begin with - but that may have been due to still having protected system files hidden, but they are being shown now and it picks up nothing), the infection has been disposed of. So, that shouldn't be the issue. I cannot think of any more solutions myself and, as I said, I cannot find any more information on what may be causing this to begin with.
I do have this computer dual-booted with Ubuntu; however, that has never caused any problems so far, and I can still load into it perfectly fine.
I'm mainly trying to fix this problem without having to reinstall my entire Vista OS. The "repair" disk I have has no cmd option with the DOS commands and ONLY has options to completely reinstall the OS. Through past experience, this also rewrites my Ubuntu partition without any real warning - it completely wipes the disk.
So, with all that said... What now?
(I posted this to Symantec forums and was redirected to post it here)
Edited by Caru93, 02 November 2011 - 08:25 PM.