Is this the work of a virus or a rogue IT guy?

[Officebird]

Hi guys,

I have a client who has just got a new PC from a shop down the road. The guy came and set it up for her but when she asked him to download AVG he told her he wouldn't as some internet Anti Virus programmes can put viruses on your system. So he left her with no anti virus.

She has another computer which recently had a virus, and as she had no virus detection on there we have had trouble getting rid of it. Basically when I try to download any anti virus program from the web I am unable to get onto the websites. I can go on any other website but not an anti virus one.

She is convinced she hasn't put any memory sticks etc in the new PC but it seems to have the same problem. Does this sound like a virus is stopping us download anti virus software, or has the IT gut done something to the machine so we have to buy anti-virus from him?

Is there a way to do a full scan of the computer without access to anti virus sites?

This is well beyond me and the client is convinced the IT guy has done something to her machine, although tbh I can't see why he would.

ANy ideas appreciated

 

I have a client who has just got a new PC from a shop down the road. The guy came and set it up for her but when she asked him to download AVG he told her he wouldn't as some internet Anti Virus programmes can put viruses on your system. So he left her with no anti virus.

That one statement is totall Bull.:|

Certainly not AVG

Earl

 

[Officebird]

That one statement is totall Bull.:|

Certainly not AVG

Earl

Glad you said that Earl as it's exactly what I thought. It's well known and was surprised she was told that.

So is it looking like an unscrupulous IT shop then? After my clients hard earned money for their special anti virus software

 

[BITS]

Poor show on the part of the IT guy, could be the new machine has got a virus already.

 

Glad you said that Earl as it's exactly what I thought. It's well known and was surprised she was told that.

So is it looking like an unscrupulous IT shop then? After my clients hard earned money for their special anti virus software

Or maybe he could not be bothered to spend the time doing it.?:|

Earl

 

[colin_mckellar]

Does your client have pop ups appearing on her screen saying that her system is infected? If that is happening then it is infected by malware.

If the system had no memory "sticks" then it would not run at all.

Some trojans and viruses do disable legitimate anti virus programs.

AVG free edition will not install on computers that are linked to a domain as it is meant for personal and not business use only. To use it in a business is against AVG's terms and conditions

 

[paul britton]

This is the sort of issue we've had on some of our machines.
we're running AVAST. Do you think we can configure to eliminate such pop-ups and the like?

 

[Officebird]

Does your client have pop ups appearing on her screen saying that her system is infected? If that is happening then it is infected by malware.

It's not coming up with pop ups but there is no anti virus installed so it wouldn't know it had malware would it?

If the system had no memory "sticks" then it would not run at all.

lol! By memory sticks I mean USB mem sticks that she has data on. she doesn't think she put an infected stick into the machine.

Some trojans and viruses do disable legitimate anti virus programs.

Sneeky wotsits!

AVG free edition will not install on computers that are linked to a domain as it is meant for personal and not business use only. To use it in a business is against AVG's terms and conditions

My client isn't a business. I've even tried to download pay for programmes and stuff from the PC Advisor disks I have, but when they try to update the anti virus it can't get onto the site to do so.

 

[Mystro]

Had maware on one of my sites the other day

Run a free malware software Like windows defender, then run a program called combofix,

Combofix will delete any hidden trojans disgised as a system file.

Make sure you fully scan the pc first to get rid any outstanding Malware

And if you have usernames and passwords change them

Paul

 

[colin_mckellar]

Officebird, by popups I was referring to malware such as Antivirus Pro 2010 which infects a computer and sends popup messages saying that a virus had been found when it is its own trojan/virus.

I used Malwarebytes to clean a machine that was infected.

 

[Officebird]

lol, you can tell I'm not a techy can't you?!

No she doesn't have pop ups.

Just been to the IT shop with her, who are saying that they have set it up correctly and she will need to bring it back in but they will charge her!

Spoke to an IT friend who asked me to check the windows updaets have been done and I've found out that I can't get on the microsoft site at all. The machine is running IE 6, it has XP installed and is on SP2 not 3. Surely with a brand new PC this should be the latest stuff? Plus she hasn't been given a Windows disk.

 

[MartCactus]

There are many ways malware can get on your machine.

Make sure you are running the latest versions of Adobe reader and flash plugin for browsers. Older versions had a security flaw that enables your machine to be attacked if you visit a website that is exploiting this flaw.

That is more likely than you'd think, because the bad guys have hacked hundreds of thousands of legitimate websites to spread their infection to innocent visitors.

Having hacked your PC one of the things the malware does is look for FTP activity (the standard way of updating files on a website). If it sees this it steals the required usernames and passwords - which they then use to infect yet another website with their malware, to attack a whole new load of visitors to it.

So its critical to make sure you have anti virus software, firewall, latest versions of plugins for the browser, and if your browser or other software tells you there is an update, download and install it immediately.

 

[Dawg]

Run Malwarebytes asap. Let it sort out any sh1te, and then load AVG free. (Ignore that red polka dot herring about company domains being blocked..) Run AVG. Let it kill any more sh1te it might find.
Now install XP Service Pack 3. Turn on Automatic Updates, (Start>Control Panel>Security Center>Automatic Updates).Now install Firefox, and use this instead of Internet Explorer 6.
Now, to be belt and braces, run Malwarebytes and AVG again.
If there are any glitches get the IT punks to do a complete reformat and reinstall at their own cost.

 

[colin_mckellar]

lol, you can tell I'm not a techy can't you?!

No she doesn't have pop ups.

Just been to the IT shop with her, who are saying that they have set it up correctly and she will need to bring it back in but they will charge her!

Spoke to an IT friend who asked me to check the windows updaets have been done and I've found out that I can't get on the microsoft site at all. The machine is running IE 6, it has XP installed and is on SP2 not 3. Surely with a brand new PC this should be the latest stuff? Plus she hasn't been given a Windows disk.

Is there a genuine Windows sticker giving a serial number attached to the PC? If there isn't then it could be a pirated version of Windows which is illegal and that might be why she cannot do updates as Microsoft checks the serial number when you update.

If it is a pirated version then take the whole lot back to the retailer and get your money back under the threat of reporting them for software theft.

I'm also surprised that a new PC has XP installed unless it is a notebook. Normally it would be Vista.

 

[Esk247]

sounds totally dodgy to me...then again, some IT shops are totally shocking at the moment, they're ripping people off left right and centre.

are you sure its new??? sounds like a second hand one to me thats already fluffed up and they got it cheap or it was a returned one!

they've seen your friend coming and they sound like total cowboys, can't believe they get away with it.

 

A few things sprang to mind here tbh:

1) the 'IT' guy was being a lazy sod, and we have a rule here that we don't let a PC go out without some form of protection on it (Domestic clients have AVG installed and business clients will get an AV option, discussed at the outset).

2) AVG Free is licensed ONLY for domestic use, and it is piracy to be downloading it for use on a business PC.... that said, nobody would have a problem if you were downloading it to clear something that you think was there (as per Dawg's earlier post).

3) Do not, definitely do not, run a PC which is connected to the internet, particularly for business-critical applications, and expect you won't catch something.... you'll get it almost immediately.

 

[Officebird]

Run Malwarebytes asap. Let it sort out any sh1te, and then load AVG free. (Ignore that red polka dot herring about company domains being blocked..) Run AVG. Let it kill any more sh1te it might find.
Now install XP Service Pack 3. Turn on Automatic Updates, (Start>Control Panel>Security Center>Automatic Updates).Now install Firefox, and use this instead of Internet Explorer 6.
Now, to be belt and braces, run Malwarebytes and AVG again.
If there are any glitches get the IT punks to do a complete reformat and reinstall at their own cost.

I'm going to give this a go Dawg, although I suspect I won't be able to access the Malwarebytes webpage I will be going to my clients this afternoon so hopefully this will sort it all out!

Colin - no windows sticker on the PC. There is one on the back of the office 2007 disk with a number I tried to check on www.howtotell.com but I can't open that website either!! Microsoft don't get chance to verify the software as something is stopping me open the Microsoft website.

Comspec - thanks, this is not a business client but a domestic one and so AVG would be fine. As for running the computer this is what makes no sense to me. The computer was installed on Sat and she didn't touch it because it had no anti-virus on it. so the only thing we have done with the machine is try and download some kind of anti-virus. Arghh!!

I have my IT guy coming over later to have a look and he will come to the shop with me to get the windows disk. He will then happily reformat it and reinstall but will obviously charge her, although not much. It's just no fair as this lady has paid for a machine and set up and is now forced to use another IT guy to sort it out. She wants nothing more to do with the shop.

 

I'm going to give this a go Dawg, although I suspect I won't be able to access the Malwarebytes webpage I will be going to my clients this afternoon so hopefully this will sort it all out!

Colin - no windows sticker on the PC. There is one on the back of the office 2007 disk with a number I tried to check on www.howtotell.com but I can't open that website either!! Microsoft don't get chance to verify the software as something is stopping me open the Microsoft website.

Comspec - thanks, this is not a business client but a domestic one and so AVG would be fine. As for running the computer this is what makes no sense to me. The computer was installed on Sat and she didn't touch it because it had no anti-virus on it. so the only thing we have done with the machine is try and download some kind of anti-virus. Arghh!!

I have my IT guy coming over later to have a look and he will come to the shop with me to get the windows disk. He will then happily reformat it and reinstall but will obviously charge her, although not much. It's just no fair as this lady has paid for a machine and set up and is now forced to use another IT guy to sort it out. She wants nothing more to do with the shop.

Domestic client is fine then, and tbh I would reckon that that malware you have has been picked up before delivery, if she only tried to download an AV program (it tends not to be that quick lol).

I would not be overly impressed by the IT guy you had out, and would refer the PC back to the shop for full system scans etc.... I would feel they have an obligation to provide a better service than they have, and it might just be a poor effort at an employee (and the rest of the firm might be ok).

If you are struggling to get something loaded, try booting the PC up in 'safe mode' and seeif that helps (press F8 during bootup).

Also try a few other scanners, one of them might be able to load (Spybot, Malwarebytes, etc).

If you could give a breakdown of what exactly happens, and at what stage your system scans fail, then maybe I could give more specific advice.... though probably trying a few others might be your best bet initially.

 

[colin_mckellar]

I think that if there isn't a Windows sticker on the box and they have loaded on XP then i would suspect that the shop has installed a pirate version of windows and that is illegal. One way of checking is to ask for the sticker with the serial number and a copy of the disk.

If the shop cannot supply either, especially the sticker, then a visit to your local trading standards is required as the shop is dealing in pirated software and every copy that they install will eventually stop working

 

[astutiumRob]

when she asked him to download AVG he told her he wouldn't as some internet Anti Virus programmes can put viruses on your system

Which is your choice of
* plain stupiity
* an attempt to sell a boxd AV program
* a misunderstanding of the request
* desperation to get you to come back 30 minute later when you've been hacked

Basically when I try to download any anti virus program from the web I am unable to get onto the websites. I can go on any other website but not an anti virus one.

Quite normal, and *after* you're infected is the wrong time to get an AV - now its onto "format and reinstall"

She is convinced she hasn't put any memory sticks etc in the new PC but it seems to have the same problem.

Has se connected to lan/wan/internet - if she has 1 local machine with a virus, its likely the other machine lasted sub 60seconds after connecting up before being infected ...

Is there a way to do a full scan of the computer without access to anti virus sites?

Boot from a known good AV CD possibly

But the only real "fix" is start again ...

 

[skyhi2]

Try to go on the Trend Micro site.

If it allows you,run housecall online scan.

If that fails,advise client to take it back and shove.....................

I agree with Sirearl,the shop/guy is a complete ******.

Skyhi2.

 

[Primoweb]

If you are still having problems with ridding your computer because you cannot open Internet Explorer to download the anti virus software this is what to do:

Start your PC in SAFE MODE
when booting up the computer press and hold F8 key (if that doesnt work repeatedly press the F8 key as it is booting up) this will bring up the advanced start up menu

You want to select SAFE MODE with NETWORKING

Once the computer has booted you should be able to access the internet through Internet explorer.

You need to go to the AVG FREE website and download the application and MALAWAREBYTES and do the same

You can now reboot the computer in normal mode and without opening internet explorer run the two programs mentioned. Hopefully they will detect and remove whatever is cuasing the problem

As someone else has said it is a good idea to use a more secure browser such as FIREFOX or GOOGLE CHROME. One of the advantages of these browsers is they usually allow you access to the internet even if the virus is attacking IE

Hope this helps sort out your problem

 

[Officebird]

Hi guys,

Thanks so much for all your help. I couldn't get onto any of the AV type sites. We've been to the shop and the brother was there today, completely different story. We asked for the windows disk and sticker and explained to him the issues we were having. He very kindly offered to come round at lunchtime.

He's just been and has taken the PC away with him as he was having the same problems as we were. He has also offered to put MacAfee on for free for my client as it was his mistake to leave it without AV.

All in all it looks as though it's going to get sorted out, which I'm pleased about as I'm the one that recommended she use them in the first place. He still hasn't given us the Windows disk or sticker but has said he will so time will tell and I have no reason to think he won't.

Again, thanks sooooooo much for your help. I've learnt a lot through this thread and know it will come in handy in the future.

I'll let you know how it pans out.

 

Glad to hear that your local IT shop is sorting this out.... it really is basic good practice which has not been followed in this case.

Certainly sounds as if the initial guy was a lazy git, and the other fellah is probably the one who keeps the business running.

Hopefully he is true to his word, as it is ra elatively simple task (we would normally charge £30-£40 for taking a virus like this off and cleaning up the PC).

Demand your Windows sticker, as if you have to reinstall it at some stage, you will need it (and most machines will be reinstalled at some stage in their lifespan). You are entitled to it, and it should have been on the PC initially.

 

[black_elk]

This IT guy is either completed incompetent or just dodgy. As others said as well demand your windows sticker. He will put MacAfee for free? Will it be a full (paid) licence of just a trial?
Why did he install windows XP? I am not fan of Vista but all new PC's have pre-installed windows Vista, unless is BTO (Build To Order). The following question might sounds stupid, but how new the PC is? I wouldn't be surprised if this is old unsold stock. Also, have you been given a warranty? Do you have the driver's CDs from the components?

In any case i wouldn't use this person ever again.

 

[Seal-tech]

Hi,

I concur with black_elk - make sure you have the windows sticker, and a copy of the eula (license agreement) I'm sorry to say but a reasonable number of small computer companies are using illegal s/w and charging the customers for the cost of the license (including office etc). Just cos it's running XP doesnt mean it is legal !!:redface:

The service you have received is terrible and I wouldnt let them near my PC again if they did it to me.

If you have any problems then please feel free to pm me and I'm always happy to help.

Thanks
Allan.