also @ TechSpot: Codemasters announces £125,000 special edition of GRID 2

Computer running incredibly slow, and it is spreading

Discussion in 'Virus and Malware Removal' started by Corsaiga, Aug 12, 2010.

Page 2 of 2

  1. Corsaiga Newcomer, in training Posts: 20

    Part 3
    [ Application Events ]
    Error - 8/24/2010 4:35:54 PM | Computer Name = HANCOCK-HR | Source = Timberline | ID = 100
    Description =

    Error - 8/26/2010 8:11:48 AM | Computer Name = HANCOCK-HR | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
    Description = EventType clr20r3, P1 simnotify.exe, P2 9.7.0.0, P3 4bc5a08e, P4 sage.sim.desktopnotification.clientlibrary,
    P5 9.7.0.0, P6 4bc5a06b, P7 1e, P8 2e, P9 system.nullreferenceexception, P10 NIL.

    Error - 8/26/2010 8:12:17 AM | Computer Name = HANCOCK-HR | Source = UserInit | ID = 1000
    Description = Could not execute the following script C:\WINDOWS\SYSVOL\sysvol\englishconst.com\scripts\logon.bat.
    The system cannot find the file specified. .

    Error - 8/26/2010 9:15:55 AM | Computer Name = HANCOCK-HR | Source = Application Error | ID = 1000
    Description = Faulting application zshp1020.exe, version 1.0.1007.0, faulting module
    zshp1020.exe, version 1.0.1007.0, fault address 0x0001eb8f.

    Error - 8/26/2010 2:43:20 PM | Computer Name = HANCOCK-HR | Source = Microsoft Office 11 | ID = 1000
    Description = Faulting application msaccess.exe, version 11.0.8321.0, stamp 4b4f9cfd,
    faulting module tscommon.dll, version 9.7.1.114, stamp 4bbd50f1, debug? 0, fault
    address 0x00244846.

    Error - 8/26/2010 4:13:46 PM | Computer Name = HANCOCK-HR | Source = Microsoft Office 11 | ID = 1000
    Description = Faulting application msaccess.exe, version 11.0.8321.0, stamp 4b4f9cfd,
    faulting module tscommon.dll, version 9.7.1.114, stamp 4bbd50f1, debug? 0, fault
    address 0x00244846.

    Error - 8/27/2010 7:58:29 AM | Computer Name = HANCOCK-HR | Source = UserInit | ID = 1000
    Description = Could not execute the following script C:\WINDOWS\SYSVOL\sysvol\englishconst.com\scripts\logon.bat.
    The system cannot find the file specified. .

    Error - 8/27/2010 8:00:08 AM | Computer Name = HANCOCK-HR | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
    Description = EventType clr20r3, P1 simnotify.exe, P2 9.7.0.0, P3 4bc5a08e, P4 sage.sim.desktopnotification.clientlibrary,
    P5 9.7.0.0, P6 4bc5a06b, P7 1e, P8 2e, P9 system.nullreferenceexception, P10 NIL.

    Error - 8/27/2010 4:22:22 PM | Computer Name = HANCOCK-HR | Source = UserInit | ID = 1000
    Description = Could not execute the following script C:\WINDOWS\SYSVOL\sysvol\englishconst.com\scripts\logon.bat.
    The system cannot find the file specified. .

    Error - 8/27/2010 4:29:05 PM | Computer Name = HANCOCK-HR | Source = UserInit | ID = 1000
    Description = Could not execute the following script C:\WINDOWS\SYSVOL\sysvol\englishconst.com\scripts\logon.bat.
    The system cannot find the file specified. .

    [ Sage Events ]
    Error - 6/29/2010 2:11:28 PM | Computer Name = HANCOCK-HR | Source = Sage Diagnostics | ID = 0
    Description = Minidump created at: T:\9.5\Accounting\Misc\Dumps\PR(9e8)-20100629-14112778.dmp

    Error - 6/29/2010 2:11:28 PM | Computer Name = HANCOCK-HR | Source = Sage Diagnostics | ID = 0
    Description = Aborted. Pervasive status code 161. Your system has reached the maximum
    number of licenses. This situation can occur when the Pervasive Server engine shuts
    down and another workstation takes control of the processing. Contact Timberline
    Support for a resolution [TS 2696]

    Error - 6/29/2010 2:11:45 PM | Computer Name = HANCOCK-HR | Source = Sage Diagnostics | ID = 0
    Description = Minidump created at: T:\9.5\Accounting\Misc\Dumps\IA(8d8)-20100629-14114481.dmp

    Error - 6/29/2010 2:11:45 PM | Computer Name = HANCOCK-HR | Source = Sage Diagnostics | ID = 0
    Description = Aborted. Pervasive status code 161. Your system has reached the maximum
    number of licenses. This situation can occur when the Pervasive Server engine shuts
    down and another workstation takes control of the processing. Contact Timberline
    Support for a resolution [TS 2696]

    Error - 6/29/2010 2:11:48 PM | Computer Name = HANCOCK-HR | Source = Sage Diagnostics | ID = 0
    Description = End Information Assistant

    Error - 6/29/2010 2:12:21 PM | Computer Name = HANCOCK-HR | Source = Sage Diagnostics | ID = 0
    Description = Minidump created at: T:\9.5\Accounting\Misc\Dumps\IA(5e8)-20100629-14122162.dmp

    Error - 6/29/2010 2:12:21 PM | Computer Name = HANCOCK-HR | Source = Sage Diagnostics | ID = 0
    Description = Aborted. Pervasive status code 161. Your system has reached the maximum
    number of licenses. This situation can occur when the Pervasive Server engine shuts
    down and another workstation takes control of the processing. Contact Timberline
    Support for a resolution [TS 2696]

    Error - 6/29/2010 2:12:26 PM | Computer Name = HANCOCK-HR | Source = Sage Diagnostics | ID = 0
    Description = End Information Assistant

    Error - 7/29/2010 3:07:00 PM | Computer Name = HANCOCK-HR | Source = Sage Diagnostics | ID = 0
    Description =

    Error - 8/6/2010 11:13:06 AM | Computer Name = HANCOCK-HR | Source = Business Layer | ID = 0
    Description = Message Source: tsGoldSuiteManager.SuiteManager FinalConstruct Invalid
    System Mode

    [ System Events ]
    Error - 8/12/2010 12:43:52 PM | Computer Name = HANCOCK-HR | Source = Service Control Manager | ID = 7000
    Description = The BDFsDrv service failed to start due to the following error: %%2

    Error - 8/12/2010 12:43:52 PM | Computer Name = HANCOCK-HR | Source = Service Control Manager | ID = 7000
    Description = The BDRsDrv service failed to start due to the following error: %%2

    Error - 8/12/2010 12:46:52 PM | Computer Name = HANCOCK-HR | Source = NETLOGON | ID = 5719
    Description = No Domain Controller is available for domain ENGLISHCONST due to the
    following: %%1311. Make sure that the computer is connected to the network and try
    again.
    If the problem persists, please contact your domain administrator.

    Error - 8/12/2010 12:48:40 PM | Computer Name = HANCOCK-HR | Source = Print | ID = 33
    Description = The PrintQueue Container could not be found because the DNS Domain
    name could not be retrieved. Error: 54b

    Error - 8/18/2010 8:13:31 AM | Computer Name = HANCOCK-HR | Source = DCOM | ID = 10010
    Description = The server {7E477741-01A6-4C06-9DAC-55F6174C08A3} did not register
    with DCOM within the required timeout.

    Error - 8/23/2010 8:16:02 AM | Computer Name = HANCOCK-HR | Source = DCOM | ID = 10005
    Description = DCOM got error "%1053" attempting to start the service LiveUpdate
    with arguments "" in order to run the server: {03E0E6C2-363B-11D3-B536-00902771A435}

    Error - 8/23/2010 8:16:16 AM | Computer Name = HANCOCK-HR | Source = Service Control Manager | ID = 7009
    Description = Timeout (30000 milliseconds) waiting for the LiveUpdate service to
    connect.

    Error - 8/23/2010 8:16:16 AM | Computer Name = HANCOCK-HR | Source = Service Control Manager | ID = 7000
    Description = The LiveUpdate service failed to start due to the following error:
    %%1053

    Error - 8/27/2010 4:32:28 PM | Computer Name = HANCOCK-HR | Source = SRService | ID = 104
    Description = The System Restore initialization process failed.

    Error - 8/27/2010 4:32:29 PM | Computer Name = HANCOCK-HR | Source = Service Control Manager | ID = 7023
    Description = The System Restore Service service terminated with the following error:
    %%2


    < End of report >
    Corsaiga, Aug 27, 2010
    #21

  2. Broni Malware Annihilator Posts: 39,398   +177

    Your computer would definitely benefit from adding another 512MB of RAM.

    ========================================================================

    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      Code:
      :OTL
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Softwin\BitDefender10\trufos.sys -- (Trufos)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Softwin\BitDefender10\profos.sys -- (Profos)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\ADMINI~1.ENG\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Softwin\BitDefender10\bdrsdrv.sys -- (BDRsDrv)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Softwin\BitDefender10\bdfsdrv.sys -- (BDFsDrv)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present


:Services

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" =-

:Files

:Commands
[purity]
[emptytemp]
[emptyflash]
[Reboot]
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • You will get a log that shows the results of the fix. Please post it.

    =====================================================================

    Last scans....

    1. Download Security Check from HERE, and save it to your Desktop.
    • Double-click SecurityCheck.exe
    • Follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


    2. Download Temp File Cleaner (TFC)
    • Double click on TFC.exe to run the program.
    • Click on Start button to begin cleaning process.
    • TFC will close all running programs, and it may ask you to restart computer.


    3. Go to Kaspersky website and perform an online antivirus scan.

    • Disable your active antivirus program.
    • Read through the requirements and privacy statement and click on Accept button.
    • It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
    • When the downloads have finished, click on Settings.
    • Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
      • Spyware, Adware, Dialers, and other potentially dangerous programs
      • Archives
      • Mail databases
    • Click on My Computer under Scan.
    • Once the scan is complete, it will display the results. Click on View Scan Report.
    • You will see a list of infected items there. Click on Save Report As....
    • Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button. Then post it here.
    Broni, Aug 27, 2010
    #22

  3. Broni Malware Annihilator Posts: 39,398   +177

    Are you still out there?
    Broni, Sep 1, 2010
    #23
Page 2 of 2
Topic Status:
Not open for further replies.

Add New Comment

Social Login & Guest Posting

TechSpot Members
Login here or sign up for free,
it takes about a minute.
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.