RE: Weird machine issue (home user)

2011-07-06 Thread John Aldrich
Yeah... well, it'll be up to the user... :D




-Original Message-
From: kz2...@googlemail.com [mailto:kz2...@googlemail.com] 
Sent: Wednesday, July 06, 2011 2:19 PM
To: NT System Admin Issues
Subject: Re: Weird machine issue (home user)

There may be things that no one has discovered yet. Don't forget these AV
products are mainly reactive.

Nuke it :-)

Sent from my POS BlackBerry  wireless device, which may wipe itself at any
moment

-Original Message-
From: "John Aldrich" 
Date: Wed, 6 Jul 2011 13:43:25 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: RE: Weird machine issue (home user)

That was my thought, but I ran TDSSKiller and it didn't find anything...
*shrug* I'm sure there are other rootkits, but Vipre Home Premium is loaded
on there as is Malware Bytes. 



From: richardmccl...@aspca.org [mailto:richardmccl...@aspca.org] 
Sent: Wednesday, July 06, 2011 1:41 PM
To: NT System Admin Issues
Subject: RE: Weird machine issue (home user)


This is sounding more and more like a root kit of some sort! 
-- 
richard 

"John Aldrich"  wrote on 07/06/2011 12:38:41 PM:

> Another thing is that when you go to add/remove programs, it never shows any
> programs in there... not sure if it's "hidden" or if it's just so slow it's
> taking too long to show.
> 
> 
> 
> 
> -Original Message-
> From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] 
> Sent: Tuesday, July 05, 2011 10:09 PM
> To: NT System Admin Issues
> Subject: Weird machine issue (home user)
> 
> One of my former co-workers asked me to look at his computer awhile back. I 
> cleaned a piece of malware off it and he was happy. A few weeks back he 
> called me and said it was acting strange again, so I took a look at it and 
> ran the usual tests (malware bytes, Vipre Rescue) and nothing was found. I 
> ran the "autoruns" and found a few "suspicious" or unnecessary things at 
> startup so I disabled those. 
> 
> The computer in question is a few years old Dell running XP Media Center. 
> It has Vipre Home Premium on it. This afternoon I ran TDSSKiller on it and 
> *that* didn't find anything.
> 
> The main symptoms are just general sluggishness opening *any* app and 
> severe sluggishness on the internet. The internet *could* be the ISP. He's 
> getting about 2.5 mb/sec down and should be getting at least 10, from what 
> I've been told.
> 
> Anyway, just wondering if anyone has any suggestions on any other utilities 
> I could try or any other suggestions?
> -- 
> Thanks,
> John Aldrich
> Blueridge Industries
> IT Manager
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
> 
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
> 
> 



Re: Weird machine issue (home user)

2011-07-06 Thread kz20fl
There may be things that no one has discovered yet. Don't forget these AV 
products are mainly reactive.

Nuke it :-)

Sent from my POS BlackBerry  wireless device, which may wipe itself at any 
moment

-Original Message-
From: "John Aldrich" 
Date: Wed, 6 Jul 2011 13:43:25 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: RE: Weird machine issue (home user)

That was my thought, but I ran TDSSKiller and it didn't find anything...
*shrug* I'm sure there are other rootkits, but Vipre Home Premium is loaded
on there as is Malware Bytes. 



From: richardmccl...@aspca.org [mailto:richardmccl...@aspca.org] 
Sent: Wednesday, July 06, 2011 1:41 PM
To: NT System Admin Issues
Subject: RE: Weird machine issue (home user)


This is sounding more and more like a root kit of some sort! 
-- 
richard 

"John Aldrich"  wrote on 07/06/2011 12:38:41 PM:

> Another thing is that when you go to add/remove programs, it never shows any
> programs in there... not sure if it's "hidden" or if it's just so slow it's
> taking too long to show.
> 
> 
> 
> 
> -Original Message-
> From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] 
> Sent: Tuesday, July 05, 2011 10:09 PM
> To: NT System Admin Issues
> Subject: Weird machine issue (home user)
> 
> One of my former co-workers asked me to look at his computer awhile back. I 
> cleaned a piece of malware off it and he was happy. A few weeks back he 
> called me and said it was acting strange again, so I took a look at it and 
> ran the usual tests (malware bytes, Vipre Rescue) and nothing was found. I 
> ran the "autoruns" and found a few "suspicious" or unnecessary things at 
> startup so I disabled those. 
> 
> The computer in question is a few years old Dell running XP Media Center. 
> It has Vipre Home Premium on it. This afternoon I ran TDSSKiller on it and 
> *that* didn't find anything.
> 
> The main symptoms are just general sluggishness opening *any* app and 
> severe sluggishness on the internet. The internet *could* be the ISP. He's 
> getting about 2.5 mb/sec down and should be getting at least 10, from what 
> I've been told.
> 
> Anyway, just wondering if anyone has any suggestions on any other utilities 
> I could try or any other suggestions?
> -- 
> Thanks,
> John Aldrich
> Blueridge Industries
> IT Manager
> 

RE: Weird machine issue (home user)

2011-07-06 Thread Kennedy, Jim
First he gets his 'stuff' off to DVD, then I would boot to the recovery console 
and run 'fixmbr'. Then use the restore disk.

-Original Message-
From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] 
Sent: Wednesday, July 06, 2011 1:54 PM
To: NT System Admin Issues
Subject: RE: Weird machine issue (home user)

Yeah... I may just advise the user to wipe it and reinstall... Will the OEM 
"restore" disk be sufficient or would you use like a Linux boot disk first to 
wipe it and then reinstall with the restore disk?



From: Shauna Hensala [mailto:she...@msn.com]
Sent: Wednesday, July 06, 2011 1:51 PM
To: NT System Admin Issues
Subject: RE: Weird machine issue (home user)

There are a ton of rootkits out there - the purpose of each is to avoid 
detection - just because you can't find it does not mean it is not present.

Shauna Hensala



> From: jaldr...@blueridgecarpet.com
> To: ntsysadmin@lyris.sunbelt-software.com
> Subject: RE: Weird machine issue (home user)
> Date: Wed, 6 Jul 2011 13:43:25 -0400
> 
> That was my thought, but I ran TDSSKiller and it didn't find anything...
> *shrug* I'm sure there are other rootkits, but Vipre Home Premium is loaded
> on there as is Malware Bytes. 
> 
> 
> 
> From: richardmccl...@aspca.org [mailto:richardmccl...@aspca.org]
> Sent: Wednesday, July 06, 2011 1:41 PM
> To: NT System Admin Issues
> Subject: RE: Weird machine issue (home user)
> 
> 
> This is sounding more and more like a root kit of some sort! 
> --
> richard
> 
> "John Aldrich"  wrote on 07/06/2011 12:38:41 PM:
> 
> > Another thing is that when you go to add/remove programs, it never shows any
> > programs in there... not sure if it's "hidden" or if it's just so slow it's
> > taking too long to show.
> > 
> > 
> > 
> > 
> > -Original Message-
> > From: John Aldrich [mailto:jaldr...@blueridgecarpet.com]
> > Sent: Tuesday, July 05, 2011 10:09 PM
> > To: NT System Admin Issues
> > Subject: Weird machine issue (home user)
> > 
> > One of my former co-workers asked me to look at his computer awhile back. I 
> > cleaned a piece of malware off it and he was happy. A few weeks back he 
> > called me and said it was acting strange again, so I took a look at it and 
> > ran the usual tests (malware bytes, Vipre Rescue) and nothing was found. I 
> > ran the "autoruns" and found a few "suspicious" or unnecessary things at 
> > startup so I disabled those. 
> > 
> > The computer in question is a few years old Dell running XP Media Center. 
> > It has Vipre Home Premium on it. This afternoon I ran TDSSKiller on it and 
> > *that* didn't find anything.
> > 
> > The main symptoms are just general sluggishness opening *any* app and 
> > severe sluggishness on the internet. The internet *could* be the ISP. He's 
> > getting about 2.5 mb/sec down and should be getting at least 10, from what 
> > I've been told.
> > 
> > Anyway, just wondering if anyone has any suggestions on any other utilities 
> > I could try or any other suggestions?
> > --
> > Thanks,
> > John Aldrich
> > Blueridge Industries
> > IT Manager
> > 

RE: Weird machine issue (home user)

2011-07-06 Thread John Aldrich
Yeah... I may just advise the user to wipe it and reinstall... Will the OEM
"restore" disk be sufficient or would you use like a Linux boot disk first
to wipe it and then reinstall with the restore disk?



From: Shauna Hensala [mailto:she...@msn.com] 
Sent: Wednesday, July 06, 2011 1:51 PM
To: NT System Admin Issues
Subject: RE: Weird machine issue (home user)

There are a ton of rootkits out there - the purpose of each is to avoid
detection - just because you can't find it does not mean it is not present.

Shauna Hensala



> From: jaldr...@blueridgecarpet.com
> To: ntsysadmin@lyris.sunbelt-software.com
> Subject: RE: Weird machine issue (home user)
> Date: Wed, 6 Jul 2011 13:43:25 -0400
> 
> That was my thought, but I ran TDSSKiller and it didn't find anything...
> *shrug* I'm sure there are other rootkits, but Vipre Home Premium is loaded
> on there as is Malware Bytes. 
> 
> 
> 
> From: richardmccl...@aspca.org [mailto:richardmccl...@aspca.org] 
> Sent: Wednesday, July 06, 2011 1:41 PM
> To: NT System Admin Issues
> Subject: RE: Weird machine issue (home user)
> 
> 
> This is sounding more and more like a root kit of some sort! 
> -- 
> richard 
> 
> "John Aldrich"  wrote on 07/06/2011 12:38:41 PM:
> 
> > Another thing is that when you go to add/remove programs, it never shows any
> > programs in there... not sure if it's "hidden" or if it's just so slow it's
> > taking too long to show.
> > 
> > 
> > 
> > 
> > -----Original Message-
> > From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] 
> > Sent: Tuesday, July 05, 2011 10:09 PM
> > To: NT System Admin Issues
> > Subject: Weird machine issue (home user)
> > 
> > One of my former co-workers asked me to look at his computer awhile back. I 
> > cleaned a piece of malware off it and he was happy. A few weeks back he 
> > called me and said it was acting strange again, so I took a look at it and 
> > ran the usual tests (malware bytes, Vipre Rescue) and nothing was found. I 
> > ran the "autoruns" and found a few "suspicious" or unnecessary things at 
> > startup so I disabled those. 
> > 
> > The computer in question is a few years old Dell running XP Media Center. 
> > It has Vipre Home Premium on it. This afternoon I ran TDSSKiller on it and 
> > *that* didn't find anything.
> > 
> > The main symptoms are just general sluggishness opening *any* app and 
> > severe sluggishness on the internet. The internet *could* be the ISP. He's 
> > getting about 2.5 mb/sec down and should be getting at least 10, from what 
> > I've been told.
> > 
> > Anyway, just wondering if anyone has any suggestions on any other utilities 
> > I could try or any other suggestions?
> > -- 
> > Thanks,
> > John Aldrich
> > Blueridge Industries
> > IT Manager
> > 



RE: Weird machine issue (home user)

2011-07-06 Thread Shauna Hensala

There are a ton of rootkits out there - the purpose of each is to avoid 
detection - just because you can't find it does not mean it is not present.

Shauna Hensala




> From: jaldr...@blueridgecarpet.com
> To: ntsysadmin@lyris.sunbelt-software.com
> Subject: RE: Weird machine issue (home user)
> Date: Wed, 6 Jul 2011 13:43:25 -0400
> 
> That was my thought, but I ran TDSSKiller and it didn't find anything...
> *shrug* I'm sure there are other rootkits, but Vipre Home Premium is loaded
> on there as is Malware Bytes. 
> 
> 
> 
> From: richardmccl...@aspca.org [mailto:richardmccl...@aspca.org] 
> Sent: Wednesday, July 06, 2011 1:41 PM
> To: NT System Admin Issues
> Subject: RE: Weird machine issue (home user)
> 
> 
> This is sounding more and more like a root kit of some sort! 
> -- 
> richard 
> 
> "John Aldrich"  wrote on 07/06/2011 12:38:41 PM:
> 
> > Another thing is that when you go to add/remove programs, it never shows any
> > programs in there... not sure if it's "hidden" or if it's just so slow it's
> > taking too long to show.
> > 
> > 
> > 
> > 
> > -Original Message-----
> > From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] 
> > Sent: Tuesday, July 05, 2011 10:09 PM
> > To: NT System Admin Issues
> > Subject: Weird machine issue (home user)
> > 
> > One of my former co-workers asked me to look at his computer awhile back. I 
> > cleaned a piece of malware off it and he was happy. A few weeks back he 
> > called me and said it was acting strange again, so I took a look at it and 
> > ran the usual tests (malware bytes, Vipre Rescue) and nothing was found. I 
> > ran the "autoruns" and found a few "suspicious" or unnecessary things at 
> > startup so I disabled those. 
> > 
> > The computer in question is a few years old Dell running XP Media Center. 
> > It has Vipre Home Premium on it. This afternoon I ran TDSSKiller on it and 
> > *that* didn't find anything.
> > 
> > The main symptoms are just general sluggishness opening *any* app and 
> > severe sluggishness on the internet. The internet *could* be the ISP. He's 
> > getting about 2.5 mb/sec down and should be getting at least 10, from what 
> > I've been told.
> > 
> > Anyway, just wondering if anyone has any suggestions on any other utilities 
> > I could try or any other suggestions?
> > -- 
> > Thanks,
> > John Aldrich
> > Blueridge Industries
> > IT Manager
> > 

RE: Weird machine issue (home user)

2011-07-06 Thread Shauna Hensala

Is the add/remove issue new?  

Is this device patched current for Windows?
Are drivers current?  
Have you run a Secunia scan against it to see what vulnerable software packages 
may be under exploitation?
How much RAM is in the device?
How much free space is available?
What is the setting for the page file?
Have you deleted temp internet files?
Have you run CCleaner on this device?
How long since disk cleanup has been run?
Has the hard drive EVER been defragged?
Have you tried creating a new account and putting it in the admin group to 
check for the same misbehavior?

There are a ton of 'standard' troubleshooting measures to complete but you make 
no mention of having run through any of them so it is hard to know where to 
start.

Shauna Hensala




> From: jaldr...@blueridgecarpet.com
> To: ntsysadmin@lyris.sunbelt-software.com
> Subject: RE: Weird machine issue (home user)
> Date: Wed, 6 Jul 2011 13:38:41 -0400
> 
> Another thing is that when you go to add/remove programs, it never shows any
> programs in there... not sure if it's "hidden" or if it's just so slow it's
> taking too long to show.
> 
> 
> 
> 
> -Original Message-
> From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] 
> Sent: Tuesday, July 05, 2011 10:09 PM
> To: NT System Admin Issues
> Subject: Weird machine issue (home user)
> 
> One of my former co-workers asked me to look at his computer awhile back. I 
> cleaned a piece of malware off it and he was happy. A few weeks back he 
> called me and said it was acting strange again, so I took a look at it and 
> ran the usual tests (malware bytes, Vipre Rescue) and nothing was found. I 
> ran the "autoruns" and found a few "suspicious" or unnecessary things at 
> startup so I disabled those. 
> 
> The computer in question is a few years old Dell running XP Media Center. 
> It has Vipre Home Premium on it. This afternoon I ran TDSSKiller on it and 
> *that* didn't find anything.
> 
> The main symptoms are just general sluggishness opening *any* app and 
> severe sluggishness on the internet. The internet *could* be the ISP. He's 
> getting about 2.5 mb/sec down and should be getting at least 10, from what 
> I've been told.
> 
> Anyway, just wondering if anyone has any suggestions on any other utilities 
> I could try or any other suggestions?
> -- 
> Thanks,
> John Aldrich
> Blueridge Industries
> IT Manager
> 

RE: Weird machine issue (home user)

2011-07-06 Thread John Aldrich
That was my thought, but I ran TDSSKiller and it didn't find anything...
*shrug* I'm sure there are other rootkits, but Vipre Home Premium is loaded
on there as is Malware Bytes. 



From: richardmccl...@aspca.org [mailto:richardmccl...@aspca.org] 
Sent: Wednesday, July 06, 2011 1:41 PM
To: NT System Admin Issues
Subject: RE: Weird machine issue (home user)


This is sounding more and more like a root kit of some sort! 
-- 
richard 

"John Aldrich"  wrote on 07/06/2011 12:38:41 PM:

> Another thing is that when you go to add/remove programs, it never shows any
> programs in there... not sure if it's "hidden" or if it's just so slow it's
> taking too long to show.
> 
> 
> 
> 
> -Original Message-
> From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] 
> Sent: Tuesday, July 05, 2011 10:09 PM
> To: NT System Admin Issues
> Subject: Weird machine issue (home user)
> 
> One of my former co-workers asked me to look at his computer awhile back. I 
> cleaned a piece of malware off it and he was happy. A few weeks back he 
> called me and said it was acting strange again, so I took a look at it and 
> ran the usual tests (malware bytes, Vipre Rescue) and nothing was found. I 
> ran the "autoruns" and found a few "suspicious" or unnecessary things at 
> startup so I disabled those. 
> 
> The computer in question is a few years old Dell running XP Media Center. 
> It has Vipre Home Premium on it. This afternoon I ran TDSSKiller on it and 
> *that* didn't find anything.
> 
> The main symptoms are just general sluggishness opening *any* app and 
> severe sluggishness on the internet. The internet *could* be the ISP. He's 
> getting about 2.5 mb/sec down and should be getting at least 10, from what 
> I've been told.
> 
> Anyway, just wondering if anyone has any suggestions on any other utilities 
> I could try or any other suggestions?
> -- 
> Thanks,
> John Aldrich
> Blueridge Industries
> IT Manager
> 



RE: Weird machine issue (home user)

2011-07-06 Thread Kennedy, Jim
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall and make sure system 
and you have full control on that key. That should populate the list and I bet 
you find something in there that is doing all this.

But I would just fdisk it myself at this point.

-Original Message-
From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] 
Sent: Wednesday, July 06, 2011 1:39 PM
To: NT System Admin Issues
Subject: RE: Weird machine issue (home user)

Another thing is that when you go to add/remove programs, it never shows any
programs in there... not sure if it's "hidden" or if it's just so slow it's
taking too long to show.




-Original Message-
From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] 
Sent: Tuesday, July 05, 2011 10:09 PM
To: NT System Admin Issues
Subject: Weird machine issue (home user)

One of my former co-workers asked me to look at his computer awhile back. I 
cleaned a piece of malware off it and he was happy. A few weeks back he 
called me and said it was acting strange again, so I took a look at it and 
ran the usual tests (malware bytes, Vipre Rescue) and nothing was found. I 
ran the "autoruns" and found a few "suspicious" or unnecessary things at 
startup so I disabled those. 

The computer in question is a few years old Dell running XP Media Center. 
It has Vipre Home Premium on it. This afternoon I ran TDSSKiller on it and 
*that* didn't find anything.

The main symptoms are just general sluggishness opening *any* app and 
severe sluggishness on the internet. The internet *could* be the ISP. He's 
getting about 2.5 mb/sec down and should be getting at least 10, from what 
I've been told.

Anyway, just wondering if anyone has any suggestions on any other utilities 
I could try or any other suggestions?
-- 
Thanks,
John Aldrich
Blueridge Industries
IT Manager
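
One way to carry out the permission check on the Uninstall key described in the reply above, as an added example that is not part of the original thread. It assumes PowerShell 2.0 or later is installed on the machine and that "you" means a member of the local Administrators group; the function names Test-UninstallKeyAcl and Get-UninstallEntries are hypothetical. The script only reads the registry.

```powershell
# Added example (not from the thread): audit the ACL on the Add/Remove Programs
# registry key and list the entries the applet should be able to show.
# Assumptions: PowerShell 2.0+, run from an account in local Administrators.

$UninstallKey = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall'

# Well-known SIDs are used instead of account names so the check is locale-independent.
$Expected = @{
    'S-1-5-18'     = 'SYSTEM'
    'S-1-5-32-544' = 'Administrators'
}

function Test-UninstallKeyAcl {
    param([string]$Path = $UninstallKey)

    try {
        $acl = Get-Acl -Path $Path -ErrorAction Stop
    } catch {
        # Not being able to read the ACL at all is itself a finding.
        return New-Object PSObject -Property @{
            Path = $Path; Readable = $false; Owner = $null
            Findings = @("Cannot read ACL: $($_.Exception.Message)")
        }
    }

    $sidType     = [System.Security.Principal.SecurityIdentifier]
    $full        = [int][System.Security.AccessControl.RegistryRights]::FullControl
    $inheritOnly = [int][System.Security.AccessControl.PropagationFlags]::InheritOnly

    # Explicit and inherited rules, with identities returned as SIDs.
    # Inherit-only rules apply to subkeys, not to this key, so they are skipped.
    $rules = @($acl.GetAccessRules($true, $true, $sidType) | Where-Object {
        ([int]$_.PropagationFlags -band $inheritOnly) -eq 0
    })

    $findings = @()
    foreach ($sid in $Expected.Keys) {
        $name = $Expected[$sid]
        $mine = @($rules | Where-Object { $_.IdentityReference.Value -eq $sid })
        $allow = @($mine | Where-Object {
            $_.AccessControlType -eq 'Allow' -and
            (([int]$_.RegistryRights -band $full) -eq $full)
        })
        $deny = @($mine | Where-Object { $_.AccessControlType -eq 'Deny' })

        if ($allow.Count -eq 0) { $findings += "$name has no Allow FullControl entry" }
        if ($deny.Count -gt 0)  { $findings += "$name has a Deny entry ($($deny[0].RegistryRights))" }
    }

    New-Object PSObject -Property @{
        Path = $Path; Readable = $true; Owner = $acl.Owner; Findings = $findings
    }
}

function Get-UninstallEntries {
    param([string]$Path = $UninstallKey)

    # Each subkey is one installed program; entries without a DisplayName
    # are not shown by Add/Remove Programs, so they are skipped here too.
    Get-ChildItem -Path $Path -ErrorAction SilentlyContinue | ForEach-Object {
        $p = Get-ItemProperty -Path $_.PSPath -ErrorAction SilentlyContinue
        if ($p -and $p.DisplayName) {
            New-Object PSObject -Property @{
                Key         = $_.PSChildName
                DisplayName = $p.DisplayName
                Publisher   = $p.Publisher
            }
        }
    }
}

$result = Test-UninstallKeyAcl
"Key:    $($result.Path)"
"Owner:  $($result.Owner)"
if ($result.Findings.Count -eq 0) {
    'ACL:    SYSTEM and Administrators both have FullControl, no Deny entries'
} else {
    $result.Findings | ForEach-Object { "ACL:    $_" }
}

if ($result.Readable) {
    Get-UninstallEntries | Sort-Object DisplayName |
        Format-Table DisplayName, Publisher, Key -AutoSize
}
```

If the ACL is clean and the list prints here but Add/Remove Programs still shows nothing, the registry data is intact and the problem lies elsewhere on the system.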




RE: Weird machine issue (home user)

2011-07-06 Thread RichardMcClary
This is sounding more and more like a root kit of some sort!
--
richard

"John Aldrich"  wrote on 07/06/2011 12:38:41 PM:

> Another thing is that when you go to add/remove programs, it never shows any
> programs in there... not sure if it's "hidden" or if it's just so slow it's
> taking too long to show.
> 
> 
> 
> 
> -Original Message-
> From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] 
> Sent: Tuesday, July 05, 2011 10:09 PM
> To: NT System Admin Issues
> Subject: Weird machine issue (home user)
> 
> One of my former co-workers asked me to look at his computer awhile 
back. I 
> cleaned a piece of malware off it and he was happy. A few weeks back he 
> called me and said it was acting strange again, so i took a look at it 
and 
> ran the usual tests (malware bytes, Vipre Rescue) and nothing was found. 
I 
> ran the "autoruns" and found a few "suspicious" or unnecessary things at 

> startup so I disabled those. 
> 
> The computer in question is a few years old Dell running XP Media 
Center. 
> It has Vipre Home Premium on it. This afternoon I ran TDSSKiller on it 
and 
> *that* didn't find anything.
> 
> The main symptoms are just general sluggishness opening *any* app and 
> severe sluggishness on the internet. The internet *could* be the ISP. 
He's 
> getting about 2.5 mb/sec down and should be getting at least 10, from 
what 
> I've been told.
> 
> Anyway, just wondering if anyone has any suggestions on any other 
utilities 
> I could try or any other suggestions?
> -- 
> Thanks,
> John Aldrich
> Blueridge Industries
> IT Manager
> 

Re: Weird machine issue (home user)

2011-07-06 Thread kz20fl
Sounds well dodgy. Nuke it from orbit.

Sent from my POS BlackBerry  wireless device, which may wipe itself at any 
moment

-Original Message-
From: "John Aldrich" 
Date: Wed, 6 Jul 2011 13:38:41 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: RE: Weird machine issue (home user)

Another thing is that when you go to add/remove programs, it never shows any
programs in there... not sure if it's "hidden" or if it's just so slow it's
taking too long to show.




-Original Message-
From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] 
Sent: Tuesday, July 05, 2011 10:09 PM
To: NT System Admin Issues
Subject: Weird machine issue (home user)

One of my former co-workers asked me to look at his computer awhile back. I 
cleaned a piece of malware off it and he was happy. A few weeks back he 
called me and said it was acting strange again, so I took a look at it and 
ran the usual tests (malware bytes, Vipre Rescue) and nothing was found. I 
ran the "autoruns" and found a few "suspicious" or unnecessary things at 
startup so I disabled those. 

The computer in question is a few years old Dell running XP Media Center. 
It has Vipre Home Premium on it. This afternoon I ran TDSSKiller on it and 
*that* didn't find anything.

The main symptoms are just general sluggishness opening *any* app and 
severe sluggishness on the internet. The internet *could* be the ISP. He's 
getting about 2.5 mb/sec down and should be getting at least 10, from what 
I've been told.

Anyway, just wondering if anyone has any suggestions on any other utilities 
I could try or any other suggestions?
-- 
Thanks,
John Aldrich
Blueridge Industries
IT Manager


RE: Weird machine issue (home user)

2011-07-06 Thread John Aldrich
Another thing is that when you go to add/remove programs, it never shows any
programs in there... not sure if it's "hidden" or if it's just so slow it's
taking too long to show.




-Original Message-
From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] 
Sent: Tuesday, July 05, 2011 10:09 PM
To: NT System Admin Issues
Subject: Weird machine issue (home user)

One of my former co-workers asked me to look at his computer awhile back. I 
cleaned a piece of malware off it and he was happy. A few weeks back he 
called me and said it was acting strange again, so I took a look at it and 
ran the usual tests (malware bytes, Vipre Rescue) and nothing was found. I 
ran the "autoruns" and found a few "suspicious" or unnecessary things at 
startup so I disabled those. 

The computer in question is a few years old Dell running XP Media Center. 
It has Vipre Home Premium on it. This afternoon I ran TDSSKiller on it and 
*that* didn't find anything.

The main symptoms are just general sluggishness opening *any* app and 
severe sluggishness on the internet. The internet *could* be the ISP. He's 
getting about 2.5 mb/sec down and should be getting at least 10, from what 
I've been told.

Anyway, just wondering if anyone has any suggestions on any other utilities 
I could try or any other suggestions?
-- 
Thanks,
John Aldrich
Blueridge Industries
IT Manager



Re: Weird machine issue (home user)

2011-07-06 Thread John Aldrich
On Tue July 5 2011, you wrote:
> Back the profile up to an external drive, scan it from a clean machine.
> fdisk /mbr and format the drive, do a clean install and updates and
> antivirus updated then restore the data. Only then can you be sure that
> you didn't miss something and ask for repeat work.
> 
Yeah... I'm about to that point...back up the stuff you want to keep, stick 
in the restore disk and reboot.
-- 
Thanks,
John Aldrich
Blueridge Industries
IT Manager



re: Weird machine issue (home user)

2011-07-05 Thread techconnect
Back the profile up to an external drive, scan it from a clean machine. fdisk 
/mbr and format the drive, do a clean install and updates and antivirus updated 
then restore the data. Only then can you be sure that you didn't miss something 
and ask for repeat work.

jason

One of my former co-workers asked me to look at his computer awhile back. I 
cleaned a piece of malware off it and he was happy. A few weeks back he 
called me and said it was acting strange again, so I took a look at it and 
ran the usual tests (malware bytes, Vipre Rescue) and nothing was found. I 
ran the "autoruns" and found a few "suspicious" or unnecessary things at 
startup so I disabled those. 

The computer in question is a few years old Dell running XP Media Center. 
It has Vipre Home Premium on it. This afternoon I ran TDSSKiller on it and 
*that* didn't find anything. 

The main symptoms are just general sluggishness opening *any* app and 
severe sluggishness on the internet. The internet *could* be the ISP. He's 
getting about 2.5 mb/sec down and should be getting at least 10, from what 
I've been told. 

Anyway, just wondering if anyone has any suggestions on any other utilities 
I could try or any other suggestions? 
-- 
Thanks, 
John Aldrich 
Blueridge Industries 
IT Manager 



Re: Weird machine issue (home user)

2011-07-05 Thread Jon Harris
Have you cleared his Internet cache, have you checked the hard drive for
space and fragmentation, and have you checked that they did not just delete
an installed file instead of removing it?  I always try looking at the
simple things and go from there where possible.  It does sound like an
infection and you did not do a full reinstall so it is possible you still
have something left like a keystroke logger or maybe a backdoor on the
system.  I would look at all the possibilities, not just the most likely, in
this case.  It may be the system drive is full or that the hardware is
failing.  You also at this point need to be looking at the network traffic
that is passing into and out of the system.  If there is limited or no
traffic it could indicate a failing hardware or a need to reinstall the
sockets.  If all else fails try reinstalling from known good and go from
there.

Jon

On Tue, Jul 5, 2011 at 10:08 PM, John Aldrich
wrote:

> One of my former co-workers asked me to look at his computer awhile back. I
> cleaned a piece of malware off it and he was happy. A few weeks back he
> called me and said it was acting strange again, so I took a look at it and
> ran the usual tests (malware bytes, Vipre Rescue) and nothing was found. I
> ran the "autoruns" and found a few "suspicious" or unnecessary things at
> startup so I disabled those.
>
> The computer in question is a few years old Dell running XP Media Center.
> It has Vipre Home Premium on it. This afternoon I ran TDSSKiller on it and
> *that* didn't find anything.
>
> The main symptoms are just general sluggishness opening *any* app and
> severe sluggishness on the internet. The internet *could* be the ISP. He's
> getting about 2.5 mb/sec down and should be getting at least 10, from what
> I've been told.
>
> Anyway, just wondering if anyone has any suggestions on any other utilities
> I could try or any other suggestions?
> --
> Thanks,
> John Aldrich
> Blueridge Industries
> IT Manager
>

Weird machine issue (home user)

2011-07-05 Thread John Aldrich
One of my former co-workers asked me to look at his computer awhile back. I 
cleaned a piece of malware off it and he was happy. A few weeks back he 
called me and said it was acting strange again, so I took a look at it and 
ran the usual tests (malware bytes, Vipre Rescue) and nothing was found. I 
ran the "autoruns" and found a few "suspicious" or unnecessary things at 
startup so I disabled those. 

The computer in question is a few years old Dell running XP Media Center. 
It has Vipre Home Premium on it. This afternoon I ran TDSSKiller on it and 
*that* didn't find anything.

The main symptoms are just general sluggishness opening *any* app and 
severe sluggishness on the internet. The internet *could* be the ISP. He's 
getting about 2.5 mb/sec down and should be getting at least 10, from what 
I've been told.

Anyway, just wondering if anyone has any suggestions on any other utilities 
I could try or any other suggestions?
-- 
Thanks,
John Aldrich
Blueridge Industries
IT Manager
