Your computer is infected with malicious software? Do you have pop-ups on your PC?
If so, search this blog for removal instructions or browse computer threats by category.

Sunday, January 1, 2012

Remove Tidserv Activity 2 (Uninstall Guide)

Tell your friends:
Tidserv Activity 2 is Norton's IPS signature designed to inform you about the network activities initiated by a Trojan horse called Backdoor.Tidserv (alias Alureon, TDSS, TDL) and to prevent further damage from happening. IPS (Intrusion Prevention System) protects your computer from exploits that attempt to install malicious software, in this case Backdoor.Tidserv, via known software vulnerabilities. It's a very sophisticated malicious code and a serious security threat. It uses an advanced rootkit that can intercept system functions to hide itself and bypass antivirus detection. This Trojan/rootkit combination redirects search results, displays advertisements and leaves your computer wide open to web attacks. Your anti-virus software or Windows system utilities may also report high memory and CPU usage for ping.exe. Ping.exe write-up.

Norton does a good job of protecting people, however, certain intrusion attempts and malicous code require manual removal. If you see an alert saying "Threat requiring manual removal detected: System infected: Tidserv Activity 2", it means your computer is infected by Backdoor.Tidserv and you need to use additional utility that allows removing sophisticated combination of backdoor Trojan horse and rootkits. Norton has developed the Backdoor.Tidserv Removal Tool. Kaspersky Lab has the TDSSKiller utility. Both tools can be used to remove Backdoor.Tidserv infection and to stop an intrusion attempt message Tidserv Activity 2 triggered by this malware. To remove this malware from your computer, please follow the removal instructions below. Good luck and be safe online!


Tidserv Activity 2 / Backdoor.Tidserv removal instructions:

1. Download Backdoor.Tidserv Removal Tool.

2. Close all running programs. Double-click the FixTDSS.exe file to start the removal tool.

3. Click Start to begin the process, and then allow the tool to run. Remove found malware and close the program. That's it!

4. Then download and execute TDSSKiller. Press the button Start scan for the utility to start scanning. It will detect and cure found malware automatically. A reboot might require after disinfection.

5. Finally, scan your computer with anti-malware software to make sure that your computer is virus free.

Share this information with your friends:

9 comments:

Anonymous said...

The virus will not allow me to run FixTDSS.exe. What is the next step?

Anonymous said...

You will need to install a .exe fix. The file associations are missing.

1. go here http://www.dougknox.com/
2. click on "Win XP Fixes" on the left
3. click "File Association Fixes", its in the first column towards the bottom
4. Download "EXE File Association Fix" and run it. It modifies your registry so click yes. Restart and there you go.

Cheers.
ShadowBorn

Anonymous said...

TDSS killer fixed up 1-2-6
Thanks!

Anonymous said...

i RAN THE REMOVAL TOOL BUT IT SAYS i DON'T HAVE THE TIDSERV INFECTION EVEN THOUGH IT SAYS IT. wHAT TO DO NEXT

Admin said...

Then use Norton Power Eraser:

http://security.symantec.com/nbrt/npe.aspx?

Anonymous said...

I ran power eraser first and it didn't pick up tidserv and then rean the norton tdss and then akspersky and norton still pop up saying I have to remove it

Anonymous said...

I Downloaded the Removal Tool and forgot to download the TDSSKiller and i just Shutted off the comp. Then the next day i turned on the computer but it said the Windows couldn't start and i also tried the System repair but nothing works.What do i do?

Anonymous said...

I am having the same problem as Anonymous Jan11. I have tried everything mentioned yet Norton still pops up with "Threat requiring manual removal detected:System Infected:Tidserv Activity 2".
What should I do now?
Thanks.

Anonymous said...

My daughter's computer was infected, and I initially had the same problem as many have noted above. I rebooted into safe mode and then ran the Kaspersky utility. It appears to have worked. Upon rebooting normally, I was able to stay on the machine for a couple of hours without the Symantec warning reappearing. It's not conclusive yet, but I'm keeping my fingers crossed.