Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Boot.tidserv virus - computer won't boot


  • This topic is locked This topic is locked

#1
hlgreens

hlgreens

    New Member

  • Member
  • Pip
  • 2 posts
Hi

Yesterday my PC shut down. Since then I've been unable to boot it. I've used a Norton's Rescue CD that informed me that I had "boot.tidserv" with the symbol of dangerous. It was unable to fix the problem.

Since then I tried to restore my C partition from a Norton's Ghost rescue CD. The virus still remained. I've hit every option on the "Microsoft Windows unexpectedly closed page with no luck.

Currently I'm running Avira AntiVir Rescue CD with no luck. It has found 6 phishing (?) e-mails that I didn't have a chance to delete and has indicated "master boot record drive 128 error (25) cannot read"
"master boot record drive 129 error (2) cannot read"
"master boot record drive 130 error (2) cannot read"
"auto excluding/ sys/ from scans (is a special fs)"
"auto excluding/proc from scans (is a special fs)"

I've also read more about the virus, and solutions on several forums until my eyes are bleary.

What I propose is to replace my "C" hard drive with a new clean hard drive and reinstall Windows and then download my recent "C" drive backup. Will that work??
Can I safely transfer whatever files (photos etc.) I have on my old "C" hard drive without corrupting my system?

Thanks for whatever help you are able to give me.

herb greenslade

Edited by SweetTech, 24 July 2011 - 06:18 PM.
removed e-mail address.--ST

  • 0

Advertisements


#2
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hello hlgreens and welcome to G2G! :)

My nick is maliprog and I'll will be your technical support on this issue. Before we start please read my notes carefully:

NOTE:
  • Malware removal is NOT instantaneous, most infections require several courses of action to completely eradicate.
  • Absence of symptoms does not always mean the computer is clean
  • Kindly follow my instructions in the order posted. Order is crucial in cleaning process.
  • Please DO NOT run any scans or fix on your own without my direction.
  • Please read all of my response through at least once before attempting to follow the procedures described.
  • If there's anything you don't understand or isn't totally clear, please come back to me for clarification.
  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste so as to include the log in your reply.
  • You must reply within 3 days or your topic will be closed

If you still need help with your PC then we can try to save your system and data.

Please print these instruction out so that you know what you are doing

  • Download OTLPEStd.exe to your desktop
  • Ensure that you have a blank CD in the drive
  • Double click OTLPENet.exe and this will then open imgburn to burn the file to CD
  • Reboot your system using the boot CD you just created.
    Note : If you do not know how to set your computer to boot from CD follow the steps here
  • As the CD needs to detect your hardware and load the operating system, I would recommend a nice cup of tea whilst it loads :unsure:
  • Your system should now display a Reatogo desktop.
    Note : as you are running from CD it is not exactly speedy
  • Double-click on the OTLPE icon.
  • Select the Windows folder of the infected drive if it asks for a location
  • When asked "Do you wish to load the remote registry", select Yes
  • When asked "Do you wish to load remote user profile(s) for scanning", select Yes
  • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
  • OTL should now start.
  • Press Run Scan to start the scan.
  • When finished, the file will be saved in drive C:\\OTL.txt
  • Copy this file to your USB drive if you do not have internet connection on this system.
  • Right click the file and select send to : select the USB drive.
  • Confirm that it has copied to the USB drive by selecting it
  • You can backup any files that you wish from this OS
  • Please post the contents of the C:\\OTL.txt file in your reply.

  • 0

#3
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP