|
-
July 4th, 2006, 05:42 PM
#1
Question about apps...
I've got a client who called me about his PC running slow since it came back from a DVD replacement at a major retailer (who shall remain unnamed). As he described the problem, it's obvious that WinAntiVirus 2006 is the problem. He's thinks the retailer's repair guys screwed it up, though I'm not sure. But I'd like to be sure, thus my question:
Is there any way of telling when a rogue app (or any app for that matter) got installed on a PC? In my experience, time stamps aren't always indicative of when an app went into a PC. Would the application log indicate when something like WinAntiVirus got installed?
Thanks...
“Everybody is ignorant, only on different subjects.” — Will Rogers
-
July 4th, 2006, 05:47 PM
#2
Greeting's
If the system restore is on that will ndicate all the detail you need to know of when an application got installed. 
Parth Maniar,
CISSP, CISM, CISA, SSCP
*Thank you GOD*
Greater the Difficulty, SWEETER the Victory.
Believe in yourself.
-
July 5th, 2006, 03:27 AM
#3
Well, WinAntivirus isn't something that I would install 
http://www.spywarewarrior.com/rogue_anti-spyware.htm
You don't say what OS he is running or what other interactive security products are there. For example, if he has XP SP2 is the firewall activated?
As a general rule you should not run more than one interactive AV, Firewall and pop-up stopper.
I do not see how replacing a DVD drive could affect a security application. All you would do is install a driver, as the DVD management tools should already be there?
I would get rid of WinAntivirus 
-
July 5th, 2006, 03:40 AM
#4
Oh yeah, WinAV is out the door when I get there. He's running XP (Home?) with SP 1 or 2. I'll shake the whole thing down and run any needed updates. You know, the SOB (standard operating bullscheiss).
This guy asked me to replace his DVD a few weeks back and I begged off, telling him to take it into a store for replacement. All I know is he calls me last night, telling me it hasn't been right since it came back and could I come look at it. He said something called WinAV kept giving him pop-ups. He doesn't recall installing WinAV, and why would he? Apps like that got a way of sneakin' in...it's an ActiveX/IE thing you know.
“Everybody is ignorant, only on different subjects.” — Will Rogers
-
July 5th, 2006, 11:03 AM
#5
I've worked at a service center for years.. I've heard it a million times before....
"After I got my machine back, this or that doesn't work anymore"
Yeah, right.. That $h1t never worked.. So don't blame me 
"After I got my machine back it runs really slow"
Yeah right, there is such a thing as perception... They "think" it's slower and blame you...
It is possible though but any respectable service center wouldn't install ad- or spyware.. I'm sure of that.. Heck, they probably scanned it with all sorts of tools just to make sure it's clean.. At least that's what we did..
Oliver's Law:
Experience is something you don't get until just after you need it.
-
July 5th, 2006, 11:46 AM
#6
Yeah, SirDice, I hear it all the time. I doubt it went in at the shop.
I had the guy on Firefox for a browser, but he switched back to IE. Pretty sure WinAV installs via ActiveX/IE combo (like SpyFalcon). Probably picked it up via a gambling site (they're the worst anymore).
I just wanna know so I can show him when it went in.
“Everybody is ignorant, only on different subjects.” — Will Rogers
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote