Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Problem removing Tidserv.Activity.2


  • Please log in to reply

#31
tedins

tedins

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 122 posts
The Command Prompt Scan yielded some problem areas. Tried to post results but they were too long for the forum. Safe mode didnt work. Have not tried Opera yet.
  • 0

Advertisements


#32
tedins

tedins

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 122 posts
Opera is a no go. I have no idea where it went. When I do a search for Opera, for Opera_1151_int_Setup.exe, nothing is returned. When I do a search for all files downloaded today greater than 10 megs, only the different malware programs that I downloaded today show up.
  • 0

#33
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,788 posts
  • MVP
To read the log:

Copy the next line:

findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >%userprofile%\Desktop\sfcdetails.txt

Start, Programs, Accessories, right click on Command Prompt and select Run As Administrator
right click and Paste or Edit then Paste then hit Enter.



exit

You should find the sfcdetails.txt file on your desktop. Open it and see if it is complaining about anything other than .ini files. If so tell me what file it doesn't like.


I'm beginning to wonder if maybe removing Symantic left us in a strange state. Symantec is known for its poor uninstall.

Download and save the norton removal tool
ftp://ftp.symantec.com/public/english_us_canada/removal_tools/Norton_Removal_Tool.exe
Uninstall Symantec (save the product license key in case you decide to reinstall it:http://us.norton.com/support/kb/web_view.jsp?wv_type=public_web&docurl=20080710133834EN&ln=en_US)

Run the Norton Removal tool. Reboot.
  • 0

#34
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,788 posts
  • MVP
On mine it went to C:\Users\Ron\ so perhaps C:\Users\Tim\

You could open up a command pro9mpt and type:

\Users\Tim\Opera_1151_int_Setup.exe

and see if it finds it.

Make sure you are searching for all files including hidden and system files. It might help to make them visible:

Open the Control Panel menu and click Folder Options.
After the new window appears select the View tab.
Put a checkmark in the checkbox labeled Display the contents of system folders.
Under the Hidden files and folders section select the radio button labeled Show hidden files and folders.
Remove the checkmark from the checkbox labeled Hide file extensions for known file types.
Remove the checkmark from the checkbox labeled Hide protected operating system files.
Press the Apply button and then the OK button and exit My Computer.
Now your computer is configured to show all hidden files.

I think there is a command in ftp:

lcd {path}

which tells it where to store it. You might try:

lcd \TEMP

Come to think of it if you just log in and type
lcd
it will probably tell you where you are going to be saving files. (Just tried it and it tells me C:\Users\Ron\

That makes sense since in Unix this would be your home directory.)
  • 0

#35
tedins

tedins

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 122 posts
Here is the 10% that was not "normal", although most of it does seem to deal with system.ini

2011-10-10 19:31:02, Info CSI 000001a9 [SR] Verifying 100 (0x0000000000000064) components
2011-10-10 19:31:02, Info CSI 000001aa [SR] Beginning Verify and Repair transaction
2011-10-10 19:31:16, Info CSI 000001ac [SR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2011-10-10 19:31:18, Info CSI 000001ae [SR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2011-10-10 19:31:18, Info CSI 000001af [SR] This component was referenced by [l:162{81}]"Package_17_for_KB948465~31bf3856ad364e35~amd64~~6.0.1.18005.948465-60_neutral_GDR"


2011-10-10 19:34:40, Info CSI 000002c0 [SR] Beginning Verify and Repair transaction
2011-10-10 19:34:43, Info CSI 000002c2 [SR] Repairing corrupted file [ml:520{260},l:64{32}]"\??\C:\Windows\PolicyDefinitions"\[l:24{12}]"inetres.admx" from store
2011-10-10 19:34:43, Info CSI 000002c5 [SR] Repairing corrupted file [ml:520{260},l:76{38}]"\??\C:\Windows\PolicyDefinitions\en-US"\[l:24{12}]"InetRes.adml" from store
2011-10-10 19:34:44, Info CSI 000002c8 [SR] Verify complete


2011-10-10 19:36:58, Info CSI 0000033c [SR] Repairing 3 components
2011-10-10 19:36:58, Info CSI 0000033d [SR] Beginning Verify and Repair transaction
2011-10-10 19:36:58, Info CSI 0000033f [SR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2011-10-10 19:36:58, Info CSI 00000341 [SR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2011-10-10 19:36:58, Info CSI 00000342 [SR] This component was referenced by [l:162{81}]"Package_17_for_KB948465~31bf3856ad364e35~amd64~~6.0.1.18005.948465-60_neutral_GDR"
2011-10-10 19:36:58, Info CSI 00000344 [SR] Repairing corrupted file [ml:520{260},l:64{32}]"\??\C:\Windows\PolicyDefinitions"\[l:24{12}]"inetres.admx" from store
2011-10-10 19:36:58, Info CSI 00000347 [SR] Repairing corrupted file [ml:520{260},l:76{38}]"\??\C:\Windows\PolicyDefinitions\en-US"\[l:24{12}]"InetRes.adml" from store
2011-10-10 19:36:58, Info CSI 0000034a [SR] Repair complete
2011-10-10 19:36:58, Info CSI 0000034b [SR] Committing transaction
2011-10-10 19:36:58, Info CSI 0000034f [SR] Verify and Repair Transaction completed. All files and registry keys listed in this transaction have been successfully repaired
  • 0

#36
tedins

tedins

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 122 posts
Found Opera.... can't believe I missed it. No go though. It says Internal Communications Error

Will try the Symantec Removal Tool next.
  • 0

#37
tedins

tedins

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 122 posts
No help on the cleanup of the Symantec removal.
  • 0

#38
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,788 posts
  • MVP
I'm hoping that is the problem. Do you remember if you rebooted after uninstalling Symantec?

Ron
  • 0

#39
tedins

tedins

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 122 posts
I did reboot, then I uninstalled Lavasoft and rebooted.
  • 0

#40
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,788 posts
  • MVP
Start, Settings, Control Panel, Network and Sharing Center.

Does it say (Private Network) on the left about half way down?

Is there any chance of connecting with a cable instead of wireless?

Ron
  • 0

Advertisements


#41
tedins

tedins

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 122 posts
It does say private network. Connected to my fastest connection. I tried connecting with a network cable straight to router and had the same problem. I checked LAN settings and they were correct.
  • 0

#42
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,788 posts
  • MVP
We are sure the router is working since you are talking to me on another computer connected to the same router. Correct?

Open a command prompt.

ping localhost

(Does that work?)

ipconfig /flushdns

(Does that work)

nslookup att.com

(Does that work?)



notepad \windows\system32\drivers\etc\hosts

It should say:

# Copyright © 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a "#" symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
#
127.0.0.1 localhost


(the only important part is the last line. The rest are comments.)
  • 0

#43
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,788 posts
  • MVP
You did reset IE didn't you? Does it still refuse to run?

Ron
  • 0

#44
tedins

tedins

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 122 posts
The router is working, and I am connected with a second computer. Getting a crash course on a MAC.

Anything done through the Command Prompt works. Local host listed was 127.0.0.1

Successfully flushed the DNS Resolver Cache

nslookup on att.com worked fine

The notepad file lists only one entry with no comments.

127.0.0.1 localhost
::1 localhost
  • 0

#45
tedins

tedins

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 122 posts
I did reset IE. It does still refuse to run. Just opens a white shell, hangs for a few seconds, then closes.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP