Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Testdrive Client from runaware.com

Posted on 2009-05-17
3
5,774 Views
Last Modified: 2013-11-08
Has anyone got information on the items mentioned in the title to this question? I have a client that came in town with a laptop that was infected w/spyware and I couldn't get it cleaned to my satisfaction so I got a new hard drive, added memory and reloaded the machine from system recovery disks. I didn't think a new drive was necessary, but because of some of the symptoms the machine displayed and the situation (the client came in from Bahama's and was returning quickly and needed his laptop) I didn't want the possibility of the drive having a problem to cause a problem.
Four days after he returned I got a call and he said the machine is not working. When he broght it back it had no desktop icons or start bar so I booted to safe mode. It started fine so I went to system recovery and saw that something was installed on the day he had the problem. It was called TestDrive client. I restored to that day and the machine booted fine. I'm trying to figure what this program installs and where it puts it, also if anyone else has had a problem with this program. The client and his wife have no idea how the program got installed and also have mentioned not wanting to pay me for my services since the machine failed shortly after they began using it again. I'm also unsure if this program is what messed up the machine. All I know is I put in a lot of time sensitive work and made decisions based on his pressing schedule and am now in the hot seat with the possibliltiy of non payment because of all this.
0
Comment
Question by:bwierzbicki
3 Comments
 
LVL 12

Accepted Solution

by:
jahboite earned 500 total points
ID: 24407642
If you still have a copy of the TestDrive client executable you could submit the file to a variety of online services that can:

tell you whether any of a selection of anti-virus products detect any part of it as malicious:
https://www.virustotal.com/

give you an idea of what the executable does which might help you to decide whether the reported actions might have caused the issue you write about:
http://anubis.iseclab.org/index.php
http://www.cwsandbox.org/?page=submit
(cwsandbox is down for maintenace as of 14 May 2009, but should be back-up soon - you might try the cwsandbox link on this page instead:
http://www.sunbeltsecurity.com/      )

Bear in mind that even if there are no hits at virustotal it doesn't necessarily follow that the file isn't malicious and if you're suspicious save the url of the results from virustotal and then periodically check back to see if there are any detections.

Let us know if that helped or not.
0
 
LVL 33

Expert Comment

by:Dave Howe
ID: 24410756
http://www.runaware.com/ looks clean enough - as far as I can tell, it is a generic service to allow your customers to trial software in a virtual environment (similar to how citrix delivers applications) without having access to the installer or being able to process real data in it (short of typing it in manually and then screenshotting the output) - however, if he was installing *one* trial program, maybe he installed others and one of the others installed at the same time caused the issue. however, unless you took a snapshot of the drive before performing the rollback, I suspect the evidence is now gone to determine the cause either way.

However, I would suggest that, if their system was working when delivered, and is now working again after a restore, you could make a case that their machine *at the current time point* is as was delivered to them, and that they have already a past history of making bad download/install decisions. How you go about getting your cash is another matter, but usually if you start having to get the courts involved you will sour your relationship with the customers no matter what happens. You *do* have one other option though, assuming you retained their old hard drive, of reinstalling that, giving back the machine in its original, spyware ridden state, and writing off the time you spent as unrecoverable. They will then be in the position of either having to pay you for your work, or pay some other repair center to re-do your work (and probably pay the same or more anyhow)
0
 

Author Closing Comment

by:bwierzbicki
ID: 31582401
thanks for your comment
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
md5 password 3 74
Open Encryption Software Advice needed 4 68
rajdeep0081@hotmail.com 3 71
Your Connection is Not Private When Accessing Gmail 4 39
Most MSPs worth their salt are already offering cybersecurity to their customers. But cybersecurity as a service is wide encompassing and can mean many things.  So where are MSPs falling in this spectrum?
Many businesses neglect disaster recovery and treat it as an after-thought. I can tell you first hand that data will be lost, hard drives die, servers will be hacked, and careless (or malicious) employees can ruin your data.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question