Computer seems to have picked up a bug as Symantic gives me message of Tidserv Activity 5 detected? Having a pop-up from Norton indicating it has blocked a recent attempted attack? Another problem is that I can’t run certain EXE files? Norton 360 windows appear with “Threat requiring manual removal detected: Tidserv Activity 5”? How do I handle this? Reading this article will help you fix it.

General Description of Tidserv Activity Virus

Tidserv Activity 5 is recognized as a Trojan horse that uses an advanced rootkit to hide itself in the infected computers. The Trojan is put in Internet by the hackers and then extends all over the world. Recently this latest virus has been very popular and millions of computers have become the victims. That’s why you need to be cautious when surfing the Internet because the tricky virus can hide in those unsafe pages that you just visited and there’s greater chance to catch the virus by clicking on images and videos from adult sites. Once installed, the Trojan immediately take actions to affect your computer by displaying advertisements, redirecting user search results and opening back door for cyber criminals to remote in. The Trojan uses an advanced rootkit that can intercept system functions to hide itself and bypass the detection from antivirus so that it’s very hard to be deleted from your computer completely. Under this circumstances, how to remove Tidserv Activity 5 completely? Please do not worry, after persistent study on this tricky virus, we’ve find out proper solution to kill it permanently by manual removal.

Common Signs of Tidserv Activity Infection

A) Windows firewall is disable and it would not be activated even you try to turn it on.
B) The Trojan virus can block the functions of your antivirus programs, you can’t run them as well as updating them via Internet.
C) Strange e-mails that you didn’t write are being sent from your mailbox
D) Fails to view hidden files; fails to make files viewable or hidden, since Tidserv Activity 5 sets all your folders on your partitions to be hidden.
E) Computer is working very slowly because the virus propagates very fast and thus leads to great consumption of system resource and network bandwidth.
F) Some desktop shortcuts have appeared or the home page has changed.
G) Annoying pop-ups keep appearing on your PC.
H) The nasty Trojan forces your computer restart or shutdown frequently and unreasonably. Sometimes you even found your PC is totally crash down.
I) The trojan virus attack and damage your system files and programs, you will find your computer is running weirdly and some programs are not able to run any more.
J) Other threats were found bundled with the Trojan virus.

If there’s any difficulty for you to remove Tidserv Activity 5 from your computer, please contact YooSecurity professionals to keep your computer safe and virus free, or you can follow our step-by-step virus removal instruction below to clean the virus yourself. (For advanced computer users)

Best Way to Remove Tidserv Activity Step by Step:

Firstly, please go to the folder option to show hidden files, here’s the guide:

1) Click on Start button and then click on Control Panel
2) Click on Appearance and Personalization item


3) Click on Folder Options item
4) Click on View tab in the Folder Options window


5) Check the box of Show hidden files, folders, and drives under the Hidden files and folders category

Next, please follow these steps to get rid of Tidserv Activity 5 manually:
Step 1: Press CTRL+ALT+DEL or CTRL+SHIFT+ESC. Open the Windows Task Manager.
If that didn’t work, try another way. Press the Start button and click on the Run option. This will start the Run tool. Type in task-mgr and press OK. This should start the Windows Task Manager.

Step 2: Within the Windows Task Manager click on the Processes tab. Find the process by name. random.exe related to Tidserv Activity 5. Then scroll the list to find required process. Select it with your mouse or keyboard and click on the End Process button. This will kill the process.

Step3: Remove malicious files of Tidserv Activity.

C:\windows\system32\services.exe
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
C:\Windows\Installer\{bbee3ba2-89af-930c-bb78-1fb4e17db3cc}

Step4: Delete malicious registry entries of Tidserv Activity 5.

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\Random.exe
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Random.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer
“EnableShellExecuteHooks”= 1 (0x1)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run\Random.exe

Video Show You on How to Modify or Change Windows Registry:

In conclusion, Tidserv Activity 5 has been proven as a very sophisticated malicious program and a serious security threat to user’s computer. Besides the same regular damages made by other virus, this Trojan may attempt to contact a remote server created by cyber criminals to provide information of status to receive commands. It’s so smart that just like a tiny robot hidden in your computer who is controlled by hackers to monitor your every action and collect all the valuable information from your end. In order to save your computer and protect your personal privacy you need to delete the nasty virus immediately. Your Symantec product may report the Trojan was found, sometimes Norton report it as IPS signature, it could indicate the presence of the variant of this trojan that is detected by the current antivirus signatures on the computer, but it can not delete it completely. Thus, manual removal is needed to get rid of Tidserv Activity 5 forever.

Kindly reminder: Manual removal needs expert skills, if you failed to remove Tidserv Activity 5 by yourself,please contact YooSecurity professionals to keep your computer safe and virus free.

Published by Michael Myn & last updated on June 3, 2013 7:52 am

Leave a Reply