So I have an interesting one for you all.

generalj

I had a job the other day. A lady's hard drive was failing so she bought a new hdd and wanted me to install the OS on it.

On the phone before the job I asked her about the OS, which is XP. She had a Compaq so I asked her if she had any type of recovery reinstall CD from them for XP and she said that she didn't. So I told her about going into the start menu and finding the option to create the CDs, which she found and burned 6 recovery CDs (the computer is 2 years old).

So I get to the job and I get the new hdd in and the recovery installs just fine. She had the free McAfee from her Comcast account before so I asked her if she would like to try AVG Free instead and she agreed. So I install SP2, all the updates, install AVG, update it, and everything is going good. I install her printer software and driver etc etc.

Well I sent her an email 2 days later asking how things are going with the computer and she replied back saying everything is fine.

About an hour later after that she sent me another email with screenshots of her desktop which had been hijacked.

She ran the AVG which found 4 threats, then spybot which found 8 or so threats but the problem would stay there. She also could not get out on the net as IE would shut down as soon as she opened it. She lives 45 miles away so I tried to help her over the phone and email, she never called. I also asked if she would want me to come check it out and I would not charge her for it because I felt a little bad to be honest.

Well I noticed one of the screenshots has a threat called smitfraud, so I research it and find out that it seems to be the whole problem and that it needs to be manually removed. So you know the deal: reboot to safe mode, find the files and delete them, find the registry keys and get rid of them etc etc.

I really did not want to explain to her how to do this and I actually stumbled upon a program specifically made to get rid of this smitfraud and all its variants. I tested the program on my computer and it worked fine.

I sent the program to her with instructions on how to go into safe mode and told her to run this and then update her virus and run and the spybot still while in safe mode.

Well she emailed back saying she was wanting McAfee back and could not install it because AVG would not uninstall right. Well that's an easy fix so I send her the same installer I used on her computer to install it and told her to reinstall it then uninstall, because what she did was go delete files for the program but not use add/remove programs or its uninstaller, so the install.log was foobar and so was the registry.

So she also mentioned to me that she contacted AVG tech support when she could not get it uninstalled and the tech would not help her because they could not find a license number for the product (the free version has tech support but they need the license number to do it). The thing is she deleted the files so the tech could not get her to open the program to retrieve the license from the About tab (yadaydayday). Well this tech also told her that the AVG Free edition only scans for viruses and will not clean, heal or get rid of them...

Oh man what is this guy on? I have used AVG for years and it has always healed my problems. Cept those nasty ones you have to do manually, but even other scanners won't get rid of them.

So this was really odd for me. I told her that the tech is smoking crack, well not in those words but anyways she felt I left her computer open from attacks because I used AVG.

Well I was thinking and realized that her recovery CDs were made 2 years after she got the computer and they are probably infected and the virus was on them dormant until I used them to recover the OS.

Anyways just a weird experience that I don't want to have again.

My lesson learned is this: if a customer needs to create the restore CDs, make sure they update their virus scanner and do a full system deep scan prior to creating them. I know this sounds like common sense but it's something I just overlooked and I think a lot might just overlook it too.
 
crazy pc

That is pretty wild and I would assume it was her restore CDs that did it.

But, my only think would be the way you went about helping her. I know you said you'd drive there and I'm assuming she did not want that? I personally would have driven there for peace of mind. If not then I would have connected remotely and fixed the issue. I could not imagine e-mailing someone details on running smitfraud.
 
I never create restore CDs on machines that have already been used. I always offer them our backup service and make sure they have OEM Windows install CDs.
 
That is pretty wild and I would assume it was her restore CDs that did it.

But, my only think would be the way you went about helping her. I know you said you'd drive there and I'm assuming she did not want that? I personally would have driven there for peace of mind. If not then I would have connected remotely and fixed the issue. I could not imagine e-mailing someone details on running smitfraud.


Well I really wanted to drive out, I asked her in my emails with her that I would but she never said she wanted that.

I just got my remote help desk working yesterday partly because of this issue, so I am going to try and call her tonight and see if she wants me to remote in to fix it up.

She was a good co-worker at my last company and I worked on her company computer and then she also brought me her home pc once. She was in human resources and I was in the IT department so she knows that I am experienced, but after this I am really not sure what she thinks. She has not replied for 3 days, not since our last email, so I don't know what is going on. I hope she is not upset with my work.
 
I'm assuming a 45 mile drive would only take you 30 minutes? freeways etc.

Ideally you would have said, I'll be at your house at 8pm tonight, does that suit you?
 