Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

SID:23621 System Infected Tidserv Activity Detected [Solved]


  • This topic is locked This topic is locked

#91
Homburg

Homburg

    Trusted Helper

  • Malware Removal
  • 665 posts
So everythings looking good at the moment? :thumbsup:
  • 0

Advertisements


#92
knarf1

knarf1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 67 posts
Working smoothly, but this is still the case:


"In the Windows Security Window it says the Malware protection is turned off. Under that (details) it says that Sophow Anti-Virus reports that it is turned off. That is not so. When I take the moves in the Security Center to turn it off it still says the same thing.

When I try to turn on Windows Defender it says that the Security Center cannot turn it on--try again later (same old)."
  • 0

#93
Homburg

Homburg

    Trusted Helper

  • Malware Removal
  • 665 posts
Hi,
I'm not sure why you're getting that. You could try uninstalling the Sophos AntiVirus and reinstalling it again. Or uninstalling Sophos and installing Avast then see if you get the same message.

Also to see if the Security Centre is running ok:

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

  • 0

#94
knarf1

knarf1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 67 posts
Here is what I get (without uninstalling Sophos):

Farbar Service Scanner Version: 22-02-2012
Ran by msuman (administrator) on 28-02-2012 at 08:24:20
Running from "C:\Users\msuman\Downloads"
Microsoft® Windows Vista™ Home Basic Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is blocked.
LAN connected.
Attempt to access Google IP returned error: Google IP is offline
Attempt to access Yahoo IP returend error: Yahoo IP is offline


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

Edited by knarf1, 28 February 2012 - 10:28 AM.

  • 0

#95
knarf1

knarf1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 67 posts
One more time:

Farbar Service Scanner Version: 22-02-2012
Ran by msuman (administrator) on 28-02-2012 at 09:30:39
Running from "C:\Users\msuman\Downloads"
Microsoft® Windows Vista™ Home Basic Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****
  • 0

#96
knarf1

knarf1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 67 posts

You could try uninstalling the Sophos AntiVirus and reinstalling it again.


I tried this and it did nothing.

And the same problems held with security center while it was uninstalled (all the same except that it did not mention sophos).
  • 0

#97
Homburg

Homburg

    Trusted Helper

  • Malware Removal
  • 665 posts
I can see that you are getting the error message about Windows Defender but there appears to be nothing wrong with the Security Centre or Defender. It's most likely to be a conflict with the software.

You're using Sophos as an AntiVirus, what are you using as a Firewall? Have you reinstalled MalwareBytes or any other spyware software?
  • 0

#98
knarf1

knarf1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 67 posts
I am using Zonealarm as my firewall.
I have not reinstalled malwarebytes, put now plan to after asking their tech guys how to avoid the freeze that it was causing...

Edited by knarf1, 01 March 2012 - 07:41 AM.

  • 0

#99
Homburg

Homburg

    Trusted Helper

  • Malware Removal
  • 665 posts
Running MalwareBytes and Windows Defender on a Vista machine is known to cause conflicts, they are similar programs giving real time protection.

I would turn off Defender, reinstall MalwareBytes and continue using ZoneAlarm. I think then you're good to go.
  • 0

#100
knarf1

knarf1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 67 posts
I'll do as you suggest.

MANY THANKS FOR AAALLLLL YOUR HELP, Homburg. YOU HAVE BEEN GREAT--WITH YOUR KNOWLEDGE, SKILL, PATIENCE, AND KINDNESS. I REALLY APPRECIATE IT!!
  • 0

Advertisements


#101
Homburg

Homburg

    Trusted Helper

  • Malware Removal
  • 665 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP