Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

BOOT.TIDSERV


  • Please log in to reply
14 replies to this topic

#1 Greg2004

Greg2004

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:12:02 AM

Posted 03 April 2012 - 12:42 AM

TDSSkiller Did this and del it

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

If TDSSkiller scan comes out clean ,try this

Download

FIXTDSS Did this said all is fine

Launch it ,It may ask for restart,reboot the PC

On reboot let me know what it finds


Press Windows+R key and type

diskmgmt.msc and click ok

Can you post a screenshot of your disk management?

Also norton should have specified a location of boot.tidserv,can you check its details





I had norton remove it but it keeps popping up. I lost all my pics and games cause of this.Can i get them back or no? Plus my comp wont let me have a wallpaper it keeps saying access denied

Edited by Greg2004, 03 April 2012 - 01:09 AM.


BC AdBot (Login to Remove)

 


#2 Greg2004

Greg2004
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:12:02 AM

Posted 03 April 2012 - 12:51 AM

01:05:51.0193 0544 ============================================================
01:05:51.0193 0544 Scan finished
01:05:51.0193 0544 ============================================================
01:05:51.0209 5076 Detected object count: 1
01:05:51.0209 5076 Actual detected object count: 1
01:06:02.0285 5076 c:\program files (x86)\common files\akamai/netsession_win_6c825ce.dll - copied to quarantine
01:06:02.0300 5076 HKLM\SYSTEM\ControlSet001\services\Akamai - will be deleted on reboot
01:06:02.0316 5076 HKLM\SYSTEM\ControlSet002\services\Akamai - will be deleted on reboot
01:06:02.0347 5076 HKLM\SYSTEM\ControlSet003\services\Akamai - will be deleted on reboot
01:06:02.0550 5076 c:\program files (x86)\common files\akamai/netsession_win_6c825ce.dll - will be deleted on reboot
01:06:02.0550 5076 Akamai ( HiddenFile.Multi.Generic ) - User select action: Delete
01:06:13.0985 1300 Deinitialize success

Edited by Orange Blossom, 03 April 2012 - 01:15 AM.
Moved to AII from Windows 7. ~ OB


#3 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:02 AM

Posted 03 April 2012 - 10:27 AM

Can you post a screenshot of your disk management?

Also norton should have specified a location of boot.tidserv,can you check its details


Did you do this?

Go to C drive,if you have a folder called TDSSkiller quarantine ,delete it,now click on FIX option in norton when you get the boot.tidserv pop up.

If that doesnt work,download

http://download.bleepingcomputer.com/farbar/ListParts.exe

Click on scan and post the logs

good luck

#4 Greg2004

Greg2004
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:12:02 AM

Posted 03 April 2012 - 12:26 PM

Can you post a screenshot of your disk management?

Also norton should have specified a location of boot.tidserv,can you check its details


Did you do this?

Go to C drive,if you have a folder called TDSSkiller quarantine ,delete it,now click on FIX option in norton when you get the boot.tidserv pop up.

If that doesnt work,download

http://download.bleepingcomputer.com/farbar/ListParts.exe

Click on scan and post the logs

good luck





ListParts by Farbar Version: 12-03-2012 03
Ran by hayden2004 (administrator) on 03-04-2012 at 13:25:51
Windows 7 (X64)
Running From: C:\Users\hayden2004\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UXHUHK6N
Language: 0409
************************************************************

========================= Memory info ======================

Percentage of memory in use: 69%
Total physical RAM: 5879.89 MB
Available physical RAM: 1796.88 MB
Total Pagefile: 11757.98 MB
Available Pagefile: 7502.41 MB
Total Virtual: 4095.88 MB
Available Virtual: 3988.72 MB

======================= Partitions =========================

1 Drive c: (OS) (Fixed) (Total:919.75 GB) (Free:648.71 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:11.48 GB) (Free:1.4 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 931 GB 0 B
Disk 1 No Media 0 B 0 B
Disk 2 No Media 0 B 0 B
Disk 3 No Media 0 B 0 B
Disk 4 No Media 0 B 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 100 MB 1024 KB
Partition 2 Primary 919 GB 101 MB
Partition 3 Primary 11 GB 919 GB
Partition 4 Primary 10 MB 931 GB

======================================================================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 SYSTEM NTFS Partition 100 MB Healthy System (partition with boot components)

======================================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C OS NTFS Partition 919 GB Healthy Boot

======================================================================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 D HP_RECOVERY NTFS Partition 11 GB Healthy

======================================================================================================

Disk: 0
Partition 4
Type : 17 (Suspicious Type)
Hidden: Yes
Active: No

There is no volume associated with this partition.

======================================================================================================

****** End Of Log ******

#5 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:02 AM

Posted 03 April 2012 - 12:43 PM

Click on startmenu and type

cmd

right click on it and select run as administrator,now run these commands one by one and press ENTER after each command

diskpart

select disk=0 

select partition=4

delete partition override


Now restart the PC ,if norton shows boot.tidserv,allow it to fix it,you should get a successful message

good luck

Edited by narenxp, 03 April 2012 - 12:44 PM.


#6 Greg2004

Greg2004
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:12:02 AM

Posted 03 April 2012 - 01:44 PM

Click on startmenu and type

cmd

right click on it and select run as administrator,now run these commands one by one and press ENTER after each command

diskpart

select disk=0 

select partition=4

delete partition override


Now restart the PC ,if norton shows boot.tidserv,allow it to fix it,you should get a successful message

good luck



Is all my picture's and games lost? Or can i get them back

Edited by Greg2004, 03 April 2012 - 01:48 PM.


#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:02 AM

Posted 03 April 2012 - 01:47 PM

Is all my picture and games lost? Or can i get them back

You didnot give us any details on how you lost them?

Let me guess that you were infected by SMARTHDD or SYSTEM CHECK rogue

Download

http://download.bleepingcomputer.com/grinler/unhide.exe

Run the UNHIDE tool,it should restore your hidden files

Do you still have boot.tidserv pop up?

Edited by narenxp, 03 April 2012 - 01:48 PM.


#8 Greg2004

Greg2004
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:12:02 AM

Posted 03 April 2012 - 01:49 PM

Is all my picture and games lost? Or can i get them back

You didnot give us any details on how you lost them?

Let me guess that you were infected by SMARTHDD or SYSTEM CHECK rogue

Download

http://download.bleepingcomputer.com/grinler/unhide.exe

Run the UNHIDE tool,it should restore your hidden files

Do you still have boot.tidserv pop up?



Did everything you said to do running norton now.

#9 Greg2004

Greg2004
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:12:02 AM

Posted 03 April 2012 - 02:01 PM

Is all my picture and games lost? Or can i get them back

You didnot give us any details on how you lost them?

Let me guess that you were infected by SMARTHDD or SYSTEM CHECK rogue

Download

http://download.bleepingcomputer.com/grinler/unhide.exe

Run the UNHIDE tool,it should restore your hidden files

Do you still have boot.tidserv pop up?




Looks like i got most of it back start menu is sill messed up. Man thank you so much love the help.

#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:02 AM

Posted 03 April 2012 - 02:11 PM

Lets fix the startmenu

Right click on your startmenu-properties

Check mark

store and display recently opened programs
store and display recently items

Click on customize

Click on Use default settings at the bottom

Now go to C:\ProgramData\Microsoft\Windows

Right click on startmenu folder

Click on restore previous versions.If you have previous snap shot of startmenu ,restore it to a previous date(probably before 2-3 weeks)

That should restore icons in your startmenu programs folder which now looks empty.

Make sure to delete SMART HDD or SYSTEM CHECK folder from your startmenu

good luck

Edited by narenxp, 03 April 2012 - 02:11 PM.


#11 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:02 AM

Posted 03 April 2012 - 02:13 PM

Its time for bed,i would check your reply tomorrow

good luck

#12 Greg2004

Greg2004
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:12:02 AM

Posted 03 April 2012 - 02:19 PM

Right click on startmenu folder


I cant find this folder

#13 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:02 AM

Posted 05 April 2012 - 04:45 AM

Click on startmenu and type

cmd

Right click-Select-Run as administrator and run this command


attrib -h c:\*.* /s /d

After the command gets completed let me know if you can see the startmenu folder

good luck

#14 Greg2004

Greg2004
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:12:02 AM

Posted 05 April 2012 - 11:10 AM

Click on startmenu and type

cmd

Right click-Select-Run as administrator and run this command


attrib -h c:\*.* /s /d

After the command gets completed let me know if you can see the startmenu folder

good luck



It's back but things like calculator are all gone can i get those back?

#15 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:02 AM

Posted 05 April 2012 - 11:30 PM

It's back but things like calculator are all gone can i get those back?

Now try the previous instructions i gave

Go to C:\ProgramData\Microsoft\Windows

Right click on startmenu folder

Click on restore previous versions.If you have previous snap shot of startmenu ,restore it to a previous date(probably before 2-3 weeks)

That should restore icons in your startmenu programs folder which now looks empty.


Let me know if you dont have any previous versions

good luck

Edited by narenxp, 05 April 2012 - 11:31 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users