The new forums will be named Coin Return (based on the most recent vote)! You can check on the status and timeline of the transition to the new forums here.
The Guiding Principles and New Rules document is now in effect.

Computer Help

Josiah_9Josiah_9 Registered User regular
edited June 2008 in Help / Advice Forum
Hey smarter people than me, one of my coworkers is having some computer issues. The computer in question has had some slow down issues. I ran spyware and anti-viris, couldn't find anything. Now, the unit just shut it self off.So I ran Hijackthis and here is my long:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:33:26 AM, on 6/25/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICDA.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live Toolbar\msn_sl.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.live.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [WrtMon.exe] C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [EPSON Stylus CX7400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICDA.EXE /FU "C:\WINDOWS\TEMP\E_S7C.tmp" /EF "HKCU"
O4 - Global Startup: MRI_DISABLED
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.hotmail.com
O15 - Trusted Zone: http://aic.lgservice.com
O15 - Trusted Zone: http://biz.lgservice.com
O15 - Trusted Zone: http://www.myspace.com
O15 - Trusted Zone: http://www.whateverlife.com
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1207930493015
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1207930844765
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 4865 bytes

Any thing look questionable? Any ideas how to proceed?

Saturate.jpg
Josiah_9 on

Posts

  • bowenbowen Sup? Registered User regular
    edited June 2008
    Everything looks fairly standard. How the hardware on the computer? (it may be at it's end-of-life)

    bowen on
    not a doctor, not a lawyer, examples I use may not be fully researched so don't take out of context plz, don't @ me
  • embrikembrik Registered User regular
    edited June 2008
    The stuff in the spool directory is not required. If you can end-task e_faticda.exe, wrtmon.exe and wrtproc.exe and still print, their startup references can be removed. That might help w/ speed a little.

    Anyway, all of the programs seem legit, although some are unnecessary. That's not to say that the PC isn't infected. I didn't see any references to antivirus. Do you have an AV client installed?

    embrik on
    "Damn you and your Daily Doubles, you brigand!"

    I don't believe it - I'm on my THIRD PS3, and my FIRST XBOX360. What the heck?
  • Josiah_9Josiah_9 Registered User regular
    edited June 2008
    Yes I have McAfee and adaware updated and no problems found. To further explaine my problem, we are using a small schedualing software at work. My coworker keeps getting major delay in switching screens, ect. The companys support is telling us it is because of issues on our end, I don't beleve it to be true.

    Thanks for the help, thats all I needed to know.

    Josiah_9 on
    Saturate.jpg
  • bowenbowen Sup? Registered User regular
    edited June 2008
    Josiah_9 wrote: »
    Yes I have McAfee and adaware updated and no problems found. To further explaine my problem, we are using a small schedualing software at work. My coworker keeps getting major delay in switching screens, ect. The companys support is telling us it is because of issues on our end, I don't beleve it to be true.

    Thanks for the help, thats all I needed to know.

    Is anything else giving you a similar delay?

    I ask because in order for it to be on your end and to troubleshoot you're going to have to know what part of your end is causing the problem. This usually stems from them using a third party tool-kit, like GTK or some-such, and the installation has become corrupt. If no other programs are giving you a delay, it's most likely a fubared install. Is this the only application that experiences sluggish performance? And, if you don't mind me asking, what is the application?

    bowen on
    not a doctor, not a lawyer, examples I use may not be fully researched so don't take out of context plz, don't @ me
  • Josiah_9Josiah_9 Registered User regular
    edited June 2008
    Josiah_9 on
    Saturate.jpg
  • bowenbowen Sup? Registered User regular
    edited June 2008
    Josiah_9 wrote: »

    Jesus, okay.

    When you have them on the phone you need to give them the third degree. You need to know what is the problem, how they know specifically it isn't theirs, and what they've been checking on their end to understand. It's one thing to have a perfectly configured client on your end, but unless they've remote controlled that machine, they don't have a damned idea if it's their end or not. They're just trying to get you off the phone.

    I don't see this being a "your end" problem as much as a "I can't reproduce it on my end so I can't and won't troubleshoot this further despite it possibly being some obscure configuration issue solely tied to your workstation."

    I'm pissed off because I had to get up at 3:00am one time for this, and it turns out it was their problem because their automated installer deleted a needed configuration file.

    [/rant]

    bowen on
    not a doctor, not a lawyer, examples I use may not be fully researched so don't take out of context plz, don't @ me
  • Josiah_9Josiah_9 Registered User regular
    edited June 2008
    ah, so you are familiar? The support line is less than helpful.

    Josiah_9 on
    Saturate.jpg
  • bowenbowen Sup? Registered User regular
    edited June 2008
    Josiah_9 wrote: »
    ah, so you are familiar? The support line is less than helpful.

    Well, we delt with another POS style system. But yeah, same thing. I also had to argue with Verizon for about 3 days that it wasn't a router issue that a client was having. Turns out it was a short in their FIOS interface unit (whatever they are called).

    Get him to admit to you what he knows and how he came to the conclusion that it's not their problem. Did they remote in to help you?

    bowen on
    not a doctor, not a lawyer, examples I use may not be fully researched so don't take out of context plz, don't @ me
Sign In or Register to comment.