Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

CryptOSD problem.....


  • This topic is locked This topic is locked
21 replies to this topic

#1 Waterlilyz

Waterlilyz

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Australia
  • Local time:10:36 AM

Posted 07 February 2013 - 01:46 AM

I have a Dell Studio 17 running Windows 7 Home Premium.
Recently I have noticed issues with the display partially freezing.
I mean partially, in the sense that the images are not moveable, clickable etc.,
but the mouse remains free. Sometimes the situation will resolve itself over
5 minutes or so, other times I will have to restart the pc.
Along with this I have become aware of a problem with CryptOSD.
When I check device manager there is a caution sign.
Analysing the pc with AVG Tuneup I receive the message....
...Windows reports that the "CryptOSD" device is not working properly.
I have tried to update the driver as suggested by AVG Tuneup but have not been
able to locate an update.

I can find my way around a pc on a superficial level... but this kind of thing is beyond my knowledge.
Can someone please shed some light on this and perhaps point me in the right direction?
Any help gratefully appreciated.

BC AdBot (Login to Remove)

 


#2 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:10:36 AM

Posted 07 February 2013 - 05:00 AM

Hello Waterlilyz and Welcome (from a fellow Aussie) -

Is AVG your only and normal Antivirus program, or did you download AVG Tuneup ?
CryptOSD seems to be part of a Dell video or viewing device -

Lets see if we can repair or find the file first -

Click on the start ORB then all Programs > Accessories > Find and Right click on Command Prompt, select Run as Admin.
Then type in sfc /scannow and hit enter. Note the space between c and / as this is important - No disks are needed for Windows7 -

The scan should take no more than ~ 15 minutes (on average) unless you have un-correctable files.

Thank You -



#3 Waterlilyz

Waterlilyz
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Australia
  • Local time:10:36 AM

Posted 07 February 2013 - 04:51 PM

Hello Aussie Addict andthank you for coming to my assistance!

 

This is what was on the screen at the end of the scan.....

 

 

Microsoft Windows [Version 6.1.7601]
Copyright © 2009 Microsoft Corporation.  All rights reserved.
 
C:\Windows\system32>sfc /scannow
 
Beginning system scan.  This process will take some time.
 
Beginning verification phase of system scan.
Verification 100% complete.
Windows Resource Protection found corrupt files but was unable to fix some of th
em.
Details are included in the CBS.Log windir\Logs\CBS\CBS.log. For example
C:\Windows\Logs\CBS\CBS.log
 
C:\Windows\system32>
 
Have tried to gain access to the CBS.log so I could post it for you but keeps telling me access denied...I am administrator.


#4 Waterlilyz

Waterlilyz
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Australia
  • Local time:10:36 AM

Posted 07 February 2013 - 05:29 PM

Sorry forgot to answer the AVG bit..... AVG free is now my only antivirus, but I also had a one day trial of AVG Tuneup (which I used to the max!) and has now expired.

Before that McAfee was my antivirus for 3 years.



#5 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:10:36 AM

Posted 07 February 2013 - 11:25 PM

Windows Resource Protection found corrupt files but was unable to fix some of them.

Hi -

First please re-run that same tool and see if it can recover any more corrupt files, (sorry but this is the eaier way).

Can I please make sure that you used the Full McAfee Removal Tool, prior to installing AVG -

 

Thank You -

PS. Are you in the Floods or Fire states ?



#6 Waterlilyz

Waterlilyz
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Australia
  • Local time:10:36 AM

Posted 08 February 2013 - 01:11 AM

Ok here we go.... this is the second scan.....

 

  Microsoft Windows [Version 6.1.7601]

Copyright © 2009 Microsoft Corporation.  All rights reserved.
 
C:\Windows\system32>sfc /scannow
 
Beginning system scan.  This process will take some time.
 
Beginning verification phase of system scan.
Verification 100% complete.
Windows Resource Protection found corrupt files but was unable to fix some of th
em.
Details are included in the CBS.Log windir\Logs\CBS\CBS.log. For example
C:\Windows\Logs\CBS\CBS.log
 
C:\Windows\system32>
 
as for McAfee....I used Windows Add and Remove Programs (as recommended by McAfee)
Would you like me to use the McAfee Removal Tool?
Thank you....
=))
 
PS... In Qld (The Lucky State...lol) still got fires here and floods have mostly finished! 


#7 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:10:36 AM

Posted 08 February 2013 - 04:02 AM

Would you like me to use the McAfee Removal Tool? < < Yes you must run the Removal Tool or it will leave remains -

Could you please post a log for me to have a better look -

Please download MiniToolBox, Save it to your desktop and run it.


Checkmark the following boxes:


•Flush DNS
•Report IE Proxy Settings
•Reset IE Proxy Settings
•Report FF Proxy Settings
•Reset FF Proxy Settings
•List content of Hosts
•List IP configuration
•List last 10 Event Viewer log
•List Installed Programs
List devices >>(Problem only)<<
•List Users, Partitions and Memory size.
•List Minidump Files

Click Go and copy / paste the result (Result.txt) in your next reply -

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

This will show current errors, or incorrectly installed programs.

 

Download Security Check by Screen317 from HERE or HERE, and save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Note: If a security program requests permission to access the Internet, allow it to do so.

This will show updated or not updated installed security etc.

 

Thank You -



#8 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:10:36 AM

Posted 08 February 2013 - 05:10 PM

Hi -

Nice weekend (if there are no fires or flood cleanups to do)

Please post the requested logs, then read the next part -

 

Please download SystemLook from one of the links below and Save it to your Desktop.
Download Mirror #1
Download Mirror #2
64-bit users go HERE


•Double-click SystemLook.exe to run it.
•Vista / Windows7 users users:: Right click on SystemLook.exe, click Run As Administrator
•Copy the content of the following box into the main textfield:

:filefind
CryptOSD

•Click the Look button to start the scan.

If there are no results, change the bottom line to Cryptosd.sys
 

•When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt

 

Thank You -



#9 Waterlilyz

Waterlilyz
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Australia
  • Local time:10:36 AM

Posted 08 February 2013 - 09:54 PM

Thank you Noknojon!

 

McAfee removal has been run.

Here is the Result.txt from Mini Toolbox...

 

 

MiniToolBox by Farbar  Version:10-01-2013
Ran by Dog (administrator) on 09-02-2013 at 12:35:53
Running from "C:\Users\Dog\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
"network.proxy.no_proxies_on", "*.local"
"network.proxy.type", 0
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Intel® WiFi Link 5100 AGN = Wireless Network Connection (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : DogsOne
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : BigPond
 
Ethernet adapter Bluetooth Network Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : 0C-60-76-95-F0-7E
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 00-26-B9-97-55-F2
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : BigPond
   Description . . . . . . . . . . . : Intel® WiFi Link 5100 AGN
   Physical Address. . . . . . . . . : 00-24-D6-1F-97-88
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::cfb:c56c:157b:277f%10(Preferred) 
   IPv4 Address. . . . . . . . . . . : 10.0.0.5(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Saturday, 9 February 2013 12:32:54 p.m.
   Lease Expires . . . . . . . . . . : Sunday, 10 February 2013 12:32:55 p.m.
   Default Gateway . . . . . . . . . : 10.0.0.138
   DHCP Server . . . . . . . . . . . : 10.0.0.138
   DHCPv6 IAID . . . . . . . . . . . : 184558806
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-B5-D7-79-00-26-B9-97-55-F2
   DNS Servers . . . . . . . . . . . : 10.0.0.138
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.BigPond:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : BigPond
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 12:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:10d5:e25:f5ff:fffa(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::10d5:e25:f5ff:fffa%22(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  BigPond.BigPond
Address:  10.0.0.138
 
Name:    google.com
Addresses:  2404:6800:4006:803::1002
      74.125.237.105
      74.125.237.99
      74.125.237.102
      74.125.237.100
      74.125.237.101
      74.125.237.97
      74.125.237.98
      74.125.237.96
      74.125.237.103
      74.125.237.104
      74.125.237.110
 
 
Pinging google.com [74.125.237.99] with 32 bytes of data:
Reply from 74.125.237.99: bytes=32 time=43ms TTL=52
Reply from 74.125.237.99: bytes=32 time=41ms TTL=52
 
Ping statistics for 74.125.237.99:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 41ms, Maximum = 43ms, Average = 42ms
Server:  BigPond.BigPond
Address:  10.0.0.138
 
Name:    yahoo.com
Addresses:  98.139.183.24
      206.190.36.45
      98.138.253.109
 
 
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=274ms TTL=42
Reply from 98.139.183.24: bytes=32 time=361ms TTL=42
 
Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 274ms, Maximum = 361ms, Average = 317ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 13...0c 60 76 95 f0 7e ......Bluetooth Device (Personal Area Network)
 11...00 26 b9 97 55 f2 ......Realtek PCIe GBE Family Controller
 10...00 24 d6 1f 97 88 ......Intel® WiFi Link 5100 AGN
  1...........................Software Loopback Interface 1
 21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 22...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0       10.0.0.138         10.0.0.5     25
         10.0.0.0    255.255.255.0         On-link          10.0.0.5    281
         10.0.0.5  255.255.255.255         On-link          10.0.0.5    281
       10.0.0.255  255.255.255.255         On-link          10.0.0.5    281
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link          10.0.0.5    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link          10.0.0.5    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 22     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 22     58 2001::/32                On-link
 22    306 2001:0:9d38:953c:10d5:e25:f5ff:fffa/128
                                    On-link
 10    281 fe80::/64                On-link
 22    306 fe80::/64                On-link
 10    281 fe80::cfb:c56c:157b:277f/128
                                    On-link
 22    306 fe80::10d5:e25:f5ff:fffa/128
                                    On-link
  1    306 ff00::/8                 On-link
 22    306 ff00::/8                 On-link
 10    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (02/09/2013 01:02:09 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
 
Error: (02/08/2013 03:14:07 PM) (Source: Application Error) (User: )
Description: Faulting application name: TuneUpUtilitiesApp64.exe, version: 12.0.4000.108, time stamp: 0x5035f809
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x000000000015a7d0
Faulting process id: 0x103c
Faulting application start time: 0xTuneUpUtilitiesApp64.exe0
Faulting application path: TuneUpUtilitiesApp64.exe1
Faulting module path: TuneUpUtilitiesApp64.exe2
Report Id: TuneUpUtilitiesApp64.exe3
 
Error: (02/08/2013 00:30:48 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
 
Error: (02/07/2013 07:05:00 PM) (Source: Application Error) (User: )
Description: Faulting application name: CALMAIN.exe, version: 8.1.0.14, time stamp: 0x433d11f9
Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeaf722
Exception code: 0xc0000005
Fault offset: 0x00009966
Faulting process id: 0xc6c
Faulting application start time: 0xCALMAIN.exe0
Faulting application path: CALMAIN.exe1
Faulting module path: CALMAIN.exe2
Report Id: CALMAIN.exe3
 
Error: (02/07/2013 00:31:01 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
 
Error: (02/06/2013 06:14:27 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Volume/disk not connected or not found.
Error context: DeviceIoControl(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy1 - 0000000000000120,0x00560038,0000000000402FE0,0,000000000054EEE0,4096,[0]).
 
 
Operation:
   Processing PostFinalCommitSnapshots
 
Context:
   Execution Context: System Provider
 
Error: (02/06/2013 06:09:56 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Volume/disk not connected or not found.
Error context: DeviceIoControl(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy4 - 0000000000000180,0x00560038,0000000000252FE0,0,000000000012EEE0,4096,[0]).
 
 
Operation:
   Processing PostFinalCommitSnapshots
 
Context:
   Execution Context: System Provider
 
Error: (02/06/2013 06:05:10 PM) (Source: Microsoft-Windows-RestartManager) (User: DogsOne)
Description: Application or service 'Vodafone Mobile Connect Service' could not be restarted.
 
Error: (02/06/2013 03:50:52 PM) (Source: VMCService) (User: )
Description: conflictManagerTypeValue
 
Error: (02/06/2013 03:48:34 PM) (Source: VMCService) (User: )
Description: GetProcessOwner
 
 
System errors:
=============
Error: (02/09/2013 00:32:50 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5
 
Error: (02/09/2013 00:32:48 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5
 
Error: (02/09/2013 00:32:48 PM) (Source: Service Control Manager) (User: )
Description: The Browser Manager service failed to start due to the following error: 
%%2
 
Error: (02/09/2013 00:31:38 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5
 
Error: (02/08/2013 07:14:33 PM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because of an IO failure on volume C:.
 
Error: (02/08/2013 03:30:06 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5
 
Error: (02/08/2013 03:30:02 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5
 
Error: (02/08/2013 03:30:02 PM) (Source: Service Control Manager) (User: )
Description: The Browser Manager service failed to start due to the following error: 
%%2
 
Error: (02/08/2013 03:28:55 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5
 
Error: (02/08/2013 03:12:42 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5
 
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2013-02-09 12:32:24.280
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\CryptOSD.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-02-09 12:32:24.249
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\CryptOSD.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-02-08 15:29:42.218
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\CryptOSD.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-02-08 15:29:42.187
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\CryptOSD.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-02-08 15:10:53.674
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\CryptOSD.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-02-08 15:10:52.941
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\CryptOSD.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-02-06 22:26:26.614
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\CryptOSD.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-02-06 22:26:26.583
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\CryptOSD.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-02-06 18:19:32.725
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\CryptOSD.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-02-06 18:19:32.694
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\CryptOSD.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
=========================== Installed Programs ============================
 
 Update for Microsoft Office 2007 (KB2508958)
64 Bit HP CIO Components Installer (Version: 7.2.8)
Acrobat.com (Version: 2.1.0)
Adobe AIR (Version: 1.5.3.9130)
Adobe Flash Player 10 ActiveX (Version: 10.1.102.64)
Adobe Flash Player 11 Plugin (Version: 11.4.402.287)
Adobe Reader X (10.1.1) (Version: 10.1.1)
Advanced Audio FX Engine (Version: 1.12.05)
ATI Catalyst Control Center (Version: 2.009.0625.1811)
AVG 2013 (Version: 13.0.2639)
AVG 2013 (Version: 13.0.2897)
AVG 2013 (Version: 2013.0.2897)
AVG PC TuneUp (Version: 12.0.4000.108)
AVG PC TuneUp Language Pack (en-US) (Version: 12.0.4000.108)
B110 (Version: 140.0.283.000)
BigPond Broadband ADSL (Version: 9.2)
BufferChm (Version: 140.0.212.000)
Canon Camera Access Library (Version: 8.1.1.17)
Canon Camera Support Core Library (Version: 7.3.1.6)
Canon Camera Window DC_DV 5 for ZoomBrowser EX (Version: 5.4.5.17)
Canon Camera Window DC_DV 6 for ZoomBrowser EX (Version: 6.2.0.8)
Canon Camera Window MC 6 for ZoomBrowser EX (Version: 6.1.0.7)
Canon G.726 WMP-Decoder (Version: 1.0.1.3)
Canon MovieEdit Task for ZoomBrowser EX (Version: 2.2.0.13)
Canon RAW Image Task for ZoomBrowser EX (Version: 2.3.0.11)
Canon RemoteCapture Task for ZoomBrowser EX (Version: 1.5.0.5)
Canon Utilities EOS Utility (Version: 1.0.2.16)
Canon Utilities PhotoStitch (Version: 3.1.17.41)
Canon Utilities ZoomBrowser EX (Version: 5.6.0.27)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2009.0625.1812.30825)
Catalyst Control Center Graphics Full Existing (Version: 2009.0625.1812.30825)
Catalyst Control Center Graphics Full New (Version: 2009.0625.1812.30825)
Catalyst Control Center Graphics Light (Version: 2009.0625.1812.30825)
Catalyst Control Center Graphics Previews Common (Version: 2009.0625.1812.30825)
Catalyst Control Center Graphics Previews Vista (Version: 2009.0625.1812.30825)
Catalyst Control Center InstallProxy (Version: 2009.0625.1812.30825)
Catalyst Control Center Localization All (Version: 2009.0625.1812.30825)
ccc-core-static (Version: 2009.0625.1812.30825)
ccc-utility64 (Version: 2009.0625.1812.30825)
CCC Help Chinese Standard (Version: 2009.0625.1811.30825)
CCC Help Chinese Traditional (Version: 2009.0625.1811.30825)
CCC Help Danish (Version: 2009.0625.1811.30825)
CCC Help Dutch (Version: 2009.0625.1811.30825)
CCC Help English (Version: 2009.0625.1811.30825)
CCC Help Finnish (Version: 2009.0625.1811.30825)
CCC Help French (Version: 2009.0625.1811.30825)
CCC Help German (Version: 2009.0625.1811.30825)
CCC Help Italian (Version: 2009.0625.1811.30825)
CCC Help Japanese (Version: 2009.0625.1811.30825)
CCC Help Korean (Version: 2009.0625.1811.30825)
CCC Help Norwegian (Version: 2009.0625.1811.30825)
CCC Help Portuguese (Version: 2009.0625.1811.30825)
CCC Help Russian (Version: 2009.0625.1811.30825)
CCC Help Spanish (Version: 2009.0625.1811.30825)
CCC Help Swedish (Version: 2009.0625.1811.30825)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Dell Dock (Version: 2.0.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Destinations (Version: 140.0.77.000)
DeviceDiscovery (Version: 140.0.212.000)
Dulux MyColour4
FastAccess (Version: 2.4.7.1)
Google Chrome (Version: 24.0.1312.57)
Google Earth (Version: 6.1.0.5001)
Google Gmail Notifier
Google Update Helper (Version: 1.3.21.135)
GoToAssist 8.0.0.514
Graboid Video 3.31 (Version: 3.31)
HP Imaging Device Functions 14.0 (Version: 14.0)
HP Photo Creations (Version: 1.0.0.2024)
HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7 (Version: 14.0)
HP Smart Web Printing 4.60 (Version: 4.60)
HPAppStudio (Version: 140.0.95.000)
HPDiagnosticAlert (Version: 1.00.0000)
HPPhotoGadget (Version: 140.0.524.000)
Intel® Rapid Storage Technology (Version: 10.5.0.1029)
Intel® Matrix Storage Manager
IrfanView (remove only) (Version: 4.27)
Java Auto Updater (Version: 2.0.7.2)
Java™ 6 Update 14 (64-bit) (Version: 6.0.140)
Java™ 6 Update 39 (Version: 6.0.390)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Default Manager (Version: 2.1.54.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1)
Microsoft_VC100_CRT_SP1_x86 (Version: 10.0.40219.1)
MSVC80_x64_v2 (Version: 1.0.3.0)
MSVC80_x86_v2 (Version: 1.0.3.0)
MSVC90_x64 (Version: 1.0.1.2)
MSVC90_x86 (Version: 1.0.1.2)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Network64 (Version: 140.0.215.000)
Network64 (Version: 140.0.221.000)
Nokia Connectivity Cable Driver (Version: 7.1.92.0)
Nokia_Multimedia_Common_Components_2_5 (Version: 2.7.69)
PC Connectivity Solution (Version: 12.0.48.0)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PowerDVD DX (Version: 8.3.5424)
PS_AIO_07_B110_SW_Min (Version: 140.0.142.000)
Qlock Pro
QuickTransfer (Version: 140.0.98.000)
Roxio Burn (Version: 1.0)
Roxio Burn (Version: 1.0.0)
Roxio Update Manager (Version: 6.0.0)
Scan (Version: 140.0.80.000)
Shared C Run-time for x64 (Version: 10.0.0)
Skins (Version: 2009.0625.1812.30825)
Skype Click to Call (Version: 6.5.11422)
Skype™ 6.1 (Version: 6.1.129)
SmartWebPrinting (Version: 140.0.186.000)
Sound Blaster X-Fi MB (Version: 1.0)
Speccy (Version: 1.20)
Spybot - Search & Destroy (Version: 2.0.12)
Status (Version: 140.0.256.000)
Synaptics Pointing Device Driver (Version: 13.2.2.2)
Toolbox (Version: 140.0.428.000)
TrayApp (Version: 140.0.212.000)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
WebReg (Version: 140.0.212.017)
WIDCOMM Bluetooth Software (Version: 6.2.0.9600)
Windows Driver Package - Atheros Communications Inc. (arusb_lhx) Net  (09/25/2008 3.1.0.101) (Version: 09/25/2008 3.1.0.101)
Windows Driver Package - NETGEAR Inc. (RTL8187) Net  (12/01/2006 6.1258.1201.2006) (Version: 12/01/2006 6.1258.1201.2006)
Windows Driver Package - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (Version: 05/31/2012 7.1.2.0)
Windows Driver Package - Thomson (USB_RNDIS) Net  (02/15/2007 2.0.0.0) (Version: 02/15/2007 2.0.0.0)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
 
========================= Devices: ================================
 
Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid: 
Manufacturer: 
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid: 
Manufacturer: 
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: facap, FastAccess Video Capture
Description: facap, FastAccess Video Capture
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Sensible Vision
Service: FACAP
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 51%
Total physical RAM: 4090.96 MB
Available physical RAM: 1987.67 MB
Total Pagefile: 8180.11 MB
Available Pagefile: 5790.25 MB
Total Virtual: 4095.88 MB
Available Virtual: 3968.09 MB
 
========================= Partitions: =====================================
 
1 Drive c: (OS) (Fixed) (Total:283.4 GB) (Free:225.18 GB) NTFS
2 Drive d: (DATAPART1) (Fixed) (Total:298.09 GB) (Free:297.98 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\DOGSONE
 
Administrator            Dog                      Guest                    
 
========================= Minidump Files ==================================
 
No minidump file found
 
 
**** End of log ****
 
 
Here is the Checkup.txt from Screen 317...
 

 Results of screen317's Security Check version 0.99.57  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 9  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
AVG Anti-Virus Free Edition 2013   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Spybot - Search & Destroy 
 AVG PC TuneUp   
 AVG PC TuneUp Language Pack (en-US) 
 Java™ 6 Update 39  
 Java version out of Date! 
 Adobe Flash Player 10 Flash Player out of Date! 
  Adobe Flash Player 11.4.402.287 Flash Player out of Date!  
 Adobe Reader 10.1.1 Adobe Reader out of Date!  
 Google Chrome 24.0.1312.52  
 Google Chrome 24.0.1312.57  
````````Process Check: objlist.exe by Laurent````````  
 Spybot Teatimer.exe is disabled! 
 AVG avgwdsvc.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 0% 
````````````````````End of Log`````````````````````` 
 
Ok thats the first lot done...just out for a couple of hours and will do your next instruction post when I get back.
Again your time and expertise is much appreciated =))


#10 Waterlilyz

Waterlilyz
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Australia
  • Local time:10:36 AM

Posted 09 February 2013 - 12:29 AM

Here are the results of SystemLook.....

 

 

SystemLook 30.07.11 by jpshortstuff
Log created at 15:25 on 09/02/2013 by Dog
Administrator - Elevation successful
 
========== filefind ==========
 
Searching for "Cryptosd.sys"
C:\Windows\System32\drivers\CryptOSD.sys    --a---- 431488 bytes    [09:35 25/06/2009]    [09:35 25/06/2009] 0D7F96AF026D7C1AFDE2A83980A65018
C:\Windows\System32\DriverStore\FileRepository\cryptosd.inf_amd64_neutral_17d93ef7f91f1446\CryptOSD.sys    --a---- 431488 bytes    [09:35 25/06/2009]    [09:35 25/06/2009] B9B502F6CB17BD16346F9B21307F6ABA
 
-= EOF =-
 
Thank you!


#11 Waterlilyz

Waterlilyz
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Australia
  • Local time:10:36 AM

Posted 09 February 2013 - 12:31 AM

Here is the result of SystemLook....

 

 

SystemLook 30.07.11 by jpshortstuff
Log created at 15:25 on 09/02/2013 by Dog
Administrator - Elevation successful
 
========== filefind ==========
 
Searching for "Cryptosd.sys"
C:\Windows\System32\drivers\CryptOSD.sys    --a---- 431488 bytes    [09:35 25/06/2009]    [09:35 25/06/2009] 0D7F96AF026D7C1AFDE2A83980A65018
C:\Windows\System32\DriverStore\FileRepository\cryptosd.inf_amd64_neutral_17d93ef7f91f1446\CryptOSD.sys    --a---- 431488 bytes    [09:35 25/06/2009]    [09:35 25/06/2009] B9B502F6CB17BD16346F9B21307F6ABA
 
-= EOF =-
 
Thank you......hope you are having a great weekend!


#12 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:10:36 AM

Posted 09 February 2013 - 02:12 AM

Hi -

 

Sorry I missed your reply, but I was called out for a while -

Back soon -



#13 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:10:36 AM

Posted 09 February 2013 - 02:48 AM

Hello -

First -

You have had a minor infection as Hosts content is currently vacant. Follow this -

http://go.microsoft.com/?linkid=9668866 << Run this M/soft Fixit Program
Click Run and follow any onscreen directions - This will also reset your Hosts File for you -

 

Thank You -



#14 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:10:36 AM

Posted 09 February 2013 - 03:41 AM

Hi -
Please note that the torum is usually closed for 10 to 15 minutes around 4 to 5 PM our time for a cleanup


Well we did find that the C:\Windows\System32\drivers\CryptOSD.sys exists. I just need to find how to enable it.


These programs can be deleted from Control Panel > Programs and Features ........
AVG PC TuneUp (Version: 12.0.4000.108)
AVG PC TuneUp Language Pack (en-US) (Version: 12.0.4000.108)
Adobe AIR (Version: 1.5.3.9130) < Now "End of Life" program
Java™ 6 Update 14 (64-bit) (Version: 6.0.140)
Java™ 6 Update 39 (Version: 6.0.390)
Current Java is 7 Update 13 - Look in Control panel for a Java Icon - Open it and the second Tab is Update - Click on this -
Then click on Update at the bottom Right side -


Have you deliberately disabled  these 2, or are they meant to be running >
Photosmart B110 series
FastAccess Video Capture


Please download, Update, and run Full scans with Malwarebytes Anti-Malware Free and SuperantiSpyware Free
Each one will create a log - Please post it back here


Thank You -



#15 Waterlilyz

Waterlilyz
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Australia
  • Local time:10:36 AM

Posted 09 February 2013 - 07:40 AM

Hello...

 

Have run the Msoft Fixit program, removed the programs as requested and installed the Java7 Update13.

 

Yes those 2 are deliberately disabled at present.

 

Will run the other 2 programs tomorrow.

 

Thanks again =))






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users