Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Missing tdx.sys file


  • Please log in to reply
13 replies to this topic

#1 smfoy

smfoy

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:12:10 AM

Posted 28 May 2011 - 10:55 PM

I am working on a friend's system. DHCP client service would not start. Error 1075 was thrown. After checking dependencies for DHCP in the registry, three services were dependent: AFD, TDX, NSI. After deleting TDX, the DHCP service starts. However, I know TDX should be included. I found tdx.sys is missing from C:\Windows\System32\Drivers.

Also, System Restore will not run, and sfc errors at 82%.

Rkill, TDSKill, and Malwarebytes all run. Malwarebytes finds no infections.

System particulars:

Acer Aspire 5315
Intel Celeron 530 @ 1.73G
1 GB RAM
32 bit OS
Windows Vista Home Basic, Service Pack 2

Any suggestions are appreciated...

BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,710 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:10:10 PM

Posted 29 May 2011 - 12:04 AM

Vista should have some replacements available.

Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2

64-bit users go HERE
  • Double-click SystemLook.exe to run it.
  • Vista\Win 7 users:: Right click on SystemLook.exe, click Run As Administrator
  • Copy the content of the following box into the main textfield:
    :filefind
    tdx.sys
    
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#3 smfoy

smfoy
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:12:10 AM

Posted 29 May 2011 - 03:24 PM

Thanks for your quick response, Broni.

Results of SystemLook:

SystemLook 04.09.10 by jpshortstuff
Log created at 16:20 on 29/05/2011 by G
Administrator - Elevation successful

========== filefind ==========

Searching for "tdx.sys"
C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6000.16386_none_e807064fdf2a97e3\tdx.sys --a---- 68096 bytes [08:57 02/11/2006] [08:57 02/11/2006] AB4FDE8AF4A0270A46A001C08CBCE1C2
C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6001.18000_none_ea3dc84bdc15a8b7\tdx.sys --a---- 71680 bytes [14:44 30/05/2008] [05:55 19/01/2008] D09276B1FAB033CE1D40DCBDF303D10F
C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6002.18005_none_ec294157d9377403\tdx.sys --ah--- 72192 bytes [11:37 11/09/2009] [04:45 11/04/2009] (Unable to calculate MD5)

-= EOF =-

Thanks,

smfoy

#4 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,710 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:10:10 PM

Posted 29 May 2011 - 03:33 PM

There you go...
Copy the file form the 1st, or 2nd location (do NOT use the 3rd one, as it seems to be something wrong with that file - "Unable to calculate MD5") and paste it to C:\Windows\System32\Drivers folder

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#5 smfoy

smfoy
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:12:10 AM

Posted 29 May 2011 - 04:04 PM

Broni:

I copied tdx.sys to C:\Windows\System32\Drivers from the second listed location.

I modified the DHCP service in the Registry to depend again on TDX.

I re-booted the system, and networking is not running - the Wireless Network (and the Ethernet network, if connected) both show 'Identifying'.

I cannot restarte the DHCP client service from services.msc - it again throws error 1075 - 'The dependency service does not exist or has been marked for deletion'.

I looked in C:\Windows\System32\Drivers and tdx.sys is there.

Thank you for your help!

#6 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,710 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:10:10 PM

Posted 29 May 2011 - 04:17 PM

Check here: http://support.microsoft.com/kb/915162

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#7 smfoy

smfoy
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:12:10 AM

Posted 29 May 2011 - 04:31 PM

Broni:

The article you cite above refers to Windows XP. As I stated in my initial post, I am running Vista.

The dependencies cited in the article apply to XP, not Vista.

Further suggestions?

Kind Regards,

smfoy

#8 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,710 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:10:10 PM

Posted 29 May 2011 - 04:40 PM

The very same key exist in Vista.
This is what I have in DependOnService value on my Vista:


Attached Files


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#9 smfoy

smfoy
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:12:10 AM

Posted 29 May 2011 - 05:01 PM

Broni:

The article states that the following are services that DHCP depends on in Windows XP:

* Tcpip
* Afd
* NetBt

I am running Vista, and agree with your previous post, the following are services that DHCP depends on in Vista:

* NSI
* Tdx
* Afd

These three dependency services are configured on my Vista machine in question - NSI, Tdx, Afd.

Vista continues to throw error 1075 when attempting to start DHCP.

Perhaps I am not understanding your answers or the article.

Regards,

smfoy

#10 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,710 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:10:10 PM

Posted 29 May 2011 - 05:09 PM

You're doing fine.
It looks like your settings are correct.

It may take a while to pinpoint the culprit, because we may have quite a few possible causes.

Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List last 10 Event Viewer log
  • List Users, Partitions and Memory size
Click Go and post the result.

Post that and....

Go Start>Run ("Start Search" in Vista/7), type in:
sfc /scannow
Click OK (hold CTRL, and SHIFT, hit Enter in Vista/7).
Have Windows CD/DVD handy (with Vista/7, most likely, you won't need it).
If System File Checker (sfc) will find any errors, it may ask you for the CD/DVD (rarely in Vista/7 case).

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#11 smfoy

smfoy
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:12:10 AM

Posted 29 May 2011 - 06:00 PM

Broni:

Results of MiniToolBox.exe are atteched.

Running sfc /scannow stops at 82% - see screen shot also attached.



Kind Regards,

smfoy

Attached Files



#12 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,710 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:10:10 PM

Posted 29 May 2011 - 06:06 PM

Let's see....

MiniToolBox by Farbar
Ran by G (administrator) on 29-05-2011 at 18:33:50
Windows Vista ™ Home Basic Service Pack 2 (X86)

***************************************************************************


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= End of IE Proxy Settings ========================
=============== Hosts content: ============================================

# Copyright © 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost
::1 localhost
# Start of entries inserted by Spybot - Search & Destroy
# This list is Copyright 2000-2008 Safer Networking Limited
127.0.0.1 007guard.com
....more 127.0.0.1 entries...
# End of entries inserted by Spybot - Search & Destroy

=============== End of Hosts ==============================================

================= IP Configuration: =======================================

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : eo
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : tampabay.rr.com

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : tampabay.rr.com
Description . . . . . . . . . . . : Broadcom 590x 10/100 Ethernet
Physical Address. . . . . . . . . : 00-1B-38-60-B2-C2
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : tampabay.rr.com
Description . . . . . . . . . . . : Atheros AR5007EG Wireless Network Adapter
Physical Address. . . . . . . . . : 00-1D-D9-25-97-D3
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Autoconfiguration IPv4 Address. . : 169.254.219.17(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 65.32.5.111
65.32.5.112
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.home
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 17:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{406E899B-F33F-416E-863E-3FC58F76CF56}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 65.32.5.111

Ping request could not find host google.com. Please check the name and try again.

Server: UnKnown
Address: 65.32.5.111

Ping request could not find host yahoo.com. Please check the name and try again.



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
16 ...00 1b 38 60 b2 c2 ...... Broadcom 590x 10/100 Ethernet
8 ...00 1d d9 25 97 d3 ...... Atheros AR5007EG Wireless Network Adapter
1 ........................... Software Loopback Interface 1
18 ...00 00 00 00 00 00 00 e0 isatap.home
9 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
13 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
17 ...00 00 00 00 00 00 00 e0 isatap.{406E899B-F33F-416E-863E-3FC58F76CF56}
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
169.254.0.0 255.255.0.0 On-link 169.254.219.17 281
169.254.219.17 255.255.255.255 On-link 169.254.219.17 281
169.254.255.255 255.255.255.255 On-link 169.254.219.17 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 169.254.219.17 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 169.254.219.17 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
1 306 ff00::/8 On-link
===========================================================================
Persistent Routes:
None

================= End of IP Configuration =================================

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/29/2011 05:29:18 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80070422.


Operation:
Instantiating VSS server

Error: (05/29/2011 05:29:18 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: The Volume Shadow Copy service (VSS) is disabled. Please
enable the service and try again.


Operation:
Instantiating VSS server

Error: (05/29/2011 00:21:08 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80070422.


Operation:
Instantiating VSS server

Error: (05/29/2011 00:21:08 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: The Volume Shadow Copy service (VSS) is disabled. Please
enable the service and try again.


Operation:
Instantiating VSS server

Error: (05/28/2011 11:31:02 PM) (Source: System Restore) (User: )
Description: Failed to create restore point on volume (Process = C:\Windows\system32\svchost.exe -k netsvcs; Descripton = Windows Update; Hr = 0x8000ffff).

Error: (05/28/2011 11:31:02 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80070422.


Operation:
Instantiating VSS server

Error: (05/28/2011 11:31:02 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: The Volume Shadow Copy service (VSS) is disabled. Please
enable the service and try again.


Operation:
Instantiating VSS server

Error: (05/28/2011 10:47:27 PM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (05/28/2011 10:22:55 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80070422.


Operation:
Instantiating VSS server

Error: (05/28/2011 10:22:55 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: The Volume Shadow Copy service (VSS) is disabled. Please
enable the service and try again.


Operation:
Instantiating VSS server


System errors:
=============
Error: (05/29/2011 05:01:47 PM) (Source: Service Control Manager) (User: )
Description: DHCP ClientTdx

Error: (05/29/2011 05:01:23 PM) (Source: Service Control Manager) (User: )
Description: DHCP ClientTdx

Error: (05/29/2011 04:55:35 PM) (Source: Service Control Manager) (User: )
Description: Windows Media Player Network Sharing ServiceUPnP Device Host%%1068

Error: (05/29/2011 04:55:35 PM) (Source: Service Control Manager) (User: )
Description: UPnP Device HostSSDP Discovery%%1058

Error: (05/29/2011 04:55:30 PM) (Source: Service Control Manager) (User: )
Description: KtmRm for Distributed Transaction CoordinatorSecurity Accounts Manager%%1058

Error: (05/29/2011 04:52:40 PM) (Source: Service Control Manager) (User: )
Description: UPnP Device HostSSDP Discovery%%1058

Error: (05/29/2011 04:52:40 PM) (Source: Service Control Manager) (User: )
Description: Advanced SystemCare Service%%1053

Error: (05/29/2011 04:52:40 PM) (Source: Service Control Manager) (User: )
Description: 30000Advanced SystemCare Service

Error: (05/29/2011 04:52:40 PM) (Source: Service Control Manager) (User: )
Description: DNS ClientTdx

Error: (05/29/2011 04:52:40 PM) (Source: Service Control Manager) (User: )
Description: DHCP ClientTdx


Microsoft Office Sessions:
=========================
Error: (05/29/2011 05:29:18 PM) (Source: VSS)(User: )
Description: CoCreateInstance0x80070422

Operation:
Instantiating VSS server

Error: (05/29/2011 05:29:18 PM) (Source: VSS)(User: )
Description: Operation:
Instantiating VSS server

Error: (05/29/2011 00:21:08 AM) (Source: VSS)(User: )
Description: CoCreateInstance0x80070422

Operation:
Instantiating VSS server

Error: (05/29/2011 00:21:08 AM) (Source: VSS)(User: )
Description: Operation:
Instantiating VSS server

Error: (05/28/2011 11:31:02 PM) (Source: System Restore)(User: )
Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x8000ffff

Error: (05/28/2011 11:31:02 PM) (Source: VSS)(User: )
Description: CoCreateInstance0x80070422

Operation:
Instantiating VSS server

Error: (05/28/2011 11:31:02 PM) (Source: VSS)(User: )
Description: Operation:
Instantiating VSS server

Error: (05/28/2011 10:47:27 PM) (Source: EventSystem)(User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (05/28/2011 10:22:55 PM) (Source: VSS)(User: )
Description: CoCreateInstance0x80070422

Operation:
Instantiating VSS server

Error: (05/28/2011 10:22:55 PM) (Source: VSS)(User: )
Description: Operation:
Instantiating VSS server


========================= End of Event log errors =========================

========================= Memory info: ====================================

Percentage of memory in use: 84%
Total physical RAM: 1013.27 MB
Available physical RAM: 155.26 MB
Total Pagefile: 2474.6 MB
Available Pagefile: 1413.88 MB
Total Virtual: 2047.88 MB
Available Virtual: 1959.25 MB

======================= Partitions: =======================================

1 Drive c: (ACER) (Fixed) (Total:32.51 GB) (Free:6.84 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:32.26 GB) (Free:32.17 GB) NTFS
4 Drive f: (CISCO LIVE) (Removable) (Total:1.85 GB) (Free:0 GB) FAT

================= Users: ==================================================

User accounts for \\EO

-------------------------------------------------------------------------------
Administrator G Guest
The command completed successfully.

================= End of Users ============================================

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#13 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,710 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:10:10 PM

Posted 29 May 2011 - 06:16 PM

Let me know about "sfc".

Meanwhile...
Are we talking here about wireless connection suffering?
Did you try wired connection?
Do we have any errors in Device Manager especially regarding network adapters?

Do you have any info, what did lead to this situation?

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#14 smfoy

smfoy
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:12:10 AM

Posted 29 May 2011 - 06:25 PM

Broni:

As stated in my immediate previous post, I attached a screenshot of sfc scan. It stops at 82%.

There are no Device Manager errors.

As stated in previous posts, the problem affects both the wired and wireless connections. It is a DHCP Client service problem.

What led to this problem:

My friend asked me to look at their laptop. He stated it had a virus, and could not access the Internet. I suspect he tried to fix it himself, as he had rKill, Malwarebytes, and AdAware already installed.

That's where we are.

Regards,

smfoy




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users