Hi Brian
Cannot sent the TDSS report as is crashes the G2G website with this error
Error 520 Ray ID: 1db16b39a4aa1359 • 2015-04-22 12:44:45 UTC
What does that mean?
delboy
Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!
Hi Brian
Cannot sent the TDSS report as is crashes the G2G website with this error
Error 520 Ray ID: 1db16b39a4aa1359 • 2015-04-22 12:44:45 UTC
What does that mean?
delboy
I'm not sure. Could you please upload the TDSS report here instead?
http://www.bleepingc...php?channel=181
Hi Brian
Do I have to set up an account with Bleeping Computer?
By the way no threats were found by the TDSSKiller.
delboy
Try this instead. Please upload to https://www.sendspace.com/ and then just provide the link here to download it. Thanks.
Do I have to set up an account with Bleeping Computer?
No you don't.
Thank you. You're right, looks clean. Let's check for broken services.
Services Check
1. Please download Farbar Service Scanner to your desktop.
2. Make sure that ALL the options are checked:
3. Press "Scan".
4. It will create a log (FSS.txt) in the same directory the tool is run.
5. Please copy and paste the log to your reply.
Hi Brian
Here's the log for Service Scanner
Farbar Service Scanner Version: 17-01-2015
Ran by Del (administrator) on 23-04-2015 at 08:58:43
Running from "C:\Users\Del\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
Windows Firewall:
=============
Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0
System Restore:
============
System Restore Policy:
========================
Action Center:
============
Action Center Notification Icon =====> HKLM\...\ShellServiceObjects\{F56F6FDD-AA9D-4618-A949-C1B91AF43B1A}\\"AutoStart" value does not exist.
Windows Update:
============
Windows Autoupdate Disabled Policy:
============================
Windows Defender:
==============
Other Services:
==============
File Check:
========
C:\Windows\system32\nsisvc.dll => File is digitally signed
C:\Windows\system32\Drivers\nsiproxy.sys => File is digitally signed
C:\Windows\system32\dhcpcore.dll => File is digitally signed
C:\Windows\system32\Drivers\afd.sys => File is digitally signed
C:\Windows\system32\Drivers\tdx.sys => File is digitally signed
C:\Windows\system32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\system32\dnsrslvr.dll => File is digitally signed
C:\Windows\system32\mpssvc.dll => File is digitally signed
C:\Windows\system32\bfe.dll => File is digitally signed
C:\Windows\system32\Drivers\mpsdrv.sys => File is digitally signed
C:\Windows\system32\SDRSVC.dll => File is digitally signed
C:\Windows\system32\vssvc.exe => File is digitally signed
C:\Windows\system32\wscsvc.dll => File is digitally signed
C:\Windows\system32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\system32\wuaueng.dll => File is digitally signed
C:\Windows\system32\qmgr.dll => File is digitally signed
C:\Windows\system32\es.dll => File is digitally signed
C:\Windows\system32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\system32\ipnathlp.dll => File is digitally signed
C:\Windows\system32\iphlpsvc.dll => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
**** End of log ****
delboy
Thanks for the information. Please do the following. I want to rule out any registry/file corruption.
Step#1 - FRST Fix
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
1. Download attached file and save it to the Desktop.
fixlist.txt 160bytes
185 downloads
Note. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work (in this case...the desktop).
2. Run FRST by Right-Clicking on the file and choosing Run as administrator.
3. Press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
4. When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post the contents of it in your reply.
Step#2 - System Update Readiness Tool (SUR)
1. Download and run the following file.
2. When it asks you if you wish to install, please answer yes. Note: It could take 15 minutes or more to run. Please don't cancel.
3. You will get an Installation Complete screen when it's done running.
4. Please post the contents of the log from the following location. C:\Windows\Logs\CBS\CheckSUR.log
Items for your next post
1. FRST Fix log
2. CheckSUR log
Hi Brian
Here are the logs
FixLog
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 23-04-2015
Ran by Del at 2015-04-23 21:09:09 Run:4
Running from C:\Users\Del\Desktop
Loaded Profiles: Del (Available profiles: Del & Yvonne)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
reg: reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{F56F6FDD-AA9D-4618-A949-C1B91AF43B1A} /v AutoStart /d ""
*****************
========= reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{F56F6FDD-AA9D-4618-A949-C1B91AF43B1A} /v AutoStart /d "" =========
The operation completed successfully.
========= End of Reg: =========
==== End of Fixlog 21:09:11 ====
CheckSUR.txt
=================================
Checking System Update Readiness.
Binary Version 6.1.7601.22471
Package Version 26.0
2015-04-23 21:54
Checking Windows Servicing Packages
Checking Package Manifests and Catalogs
Checking Package Watchlist
Checking Component Watchlist
Checking Packages
Checking Component Store
=================================
Checking System Update Readiness.
Binary Version 6.1.7601.22471
Package Version 26.0
2015-04-24 07:12
Checking Windows Servicing Packages
Checking Package Manifests and Catalogs
Checking Package Watchlist
Checking Component Watchlist
Checking Packages
Checking Component Store
=================================
Checking System Update Readiness.
Binary Version 6.1.7601.22471
Package Version 26.0
2015-04-24 08:45
Checking Windows Servicing Packages
Checking Package Manifests and Catalogs
Checking Package Watchlist
Checking Component Watchlist
Checking Packages
Checking Component Store
Summary:
Seconds executed: 1861
No errors detected
delboy
Thank you. What I would like to do at this point is to try the following.
I would like you to uninstall your Sophos Antivirus. Please make sure you have any necessary license key information before doing it so we can re-install later if need be.
Once uninstalled and rebooted, please install Microsoft Security Essentials.
Use your machine and let me know if you have lockups.
Hi Brian
I am a bit uneasy about uninstalling Sophos. What is your reasoning to take this step? Is MS Security Essentials safe enough to give full protection?
Please let me know before I take this step.
delboy
I wanted to uninstall your AV temporarily to see if it could be contributing to your issues that you are having. Yes MS Security Essentials does provide full AV protection.
If you are uneasy about doing this and don't wish to that's fine and is your decision. At this point you are malware free. I can provide instructions to clean up our tools and then recommend you to our Windows forum to see if the experts there can assist you further.
Let me know your intentions. Thanks.
Hi Brian
I have uninstalled Sophos and installed MSE.
What's next?
delboy
Now we need to see if you have the freeze-up issues. Let me know if you do.
0 members, 0 guests, 0 anonymous users
Community Forum Software by IP.Board
Licensed to: Geeks to Go, Inc.