Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win


Testdrive Client from runaware.com

Posted on 2009-05-17
Medium Priority
Last Modified: 2013-11-08
Has anyone got information on the items mentioned in the title to this question? I have a client that came in town with a laptop that was infected w/spyware and I couldn't get it cleaned to my satisfaction so I got a new hard drive, added memory and reloaded the machine from system recovery disks. I didn't think a new drive was necessary, but because of some of the symptoms the machine displayed and the situation (the client came in from Bahama's and was returning quickly and needed his laptop) I didn't want the possibility of the drive having a problem to cause a problem.
Four days after he returned I got a call and he said the machine is not working. When he broght it back it had no desktop icons or start bar so I booted to safe mode. It started fine so I went to system recovery and saw that something was installed on the day he had the problem. It was called TestDrive client. I restored to that day and the machine booted fine. I'm trying to figure what this program installs and where it puts it, also if anyone else has had a problem with this program. The client and his wife have no idea how the program got installed and also have mentioned not wanting to pay me for my services since the machine failed shortly after they began using it again. I'm also unsure if this program is what messed up the machine. All I know is I put in a lot of time sensitive work and made decisions based on his pressing schedule and am now in the hot seat with the possibliltiy of non payment because of all this.
Question by:bwierzbicki
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 12

Accepted Solution

jahboite earned 2000 total points
ID: 24407642
If you still have a copy of the TestDrive client executable you could submit the file to a variety of online services that can:

tell you whether any of a selection of anti-virus products detect any part of it as malicious:

give you an idea of what the executable does which might help you to decide whether the reported actions might have caused the issue you write about:
(cwsandbox is down for maintenace as of 14 May 2009, but should be back-up soon - you might try the cwsandbox link on this page instead:
http://www.sunbeltsecurity.com/      )

Bear in mind that even if there are no hits at virustotal it doesn't necessarily follow that the file isn't malicious and if you're suspicious save the url of the results from virustotal and then periodically check back to see if there are any detections.

Let us know if that helped or not.
LVL 33

Expert Comment

by:Dave Howe
ID: 24410756
http://www.runaware.com/ looks clean enough - as far as I can tell, it is a generic service to allow your customers to trial software in a virtual environment (similar to how citrix delivers applications) without having access to the installer or being able to process real data in it (short of typing it in manually and then screenshotting the output) - however, if he was installing *one* trial program, maybe he installed others and one of the others installed at the same time caused the issue. however, unless you took a snapshot of the drive before performing the rollback, I suspect the evidence is now gone to determine the cause either way.

However, I would suggest that, if their system was working when delivered, and is now working again after a restore, you could make a case that their machine *at the current time point* is as was delivered to them, and that they have already a past history of making bad download/install decisions. How you go about getting your cash is another matter, but usually if you start having to get the courts involved you will sour your relationship with the customers no matter what happens. You *do* have one other option though, assuming you retained their old hard drive, of reinstalling that, giving back the machine in its original, spyware ridden state, and writing off the time you spent as unrecoverable. They will then be in the position of either having to pay you for your work, or pay some other repair center to re-do your work (and probably pay the same or more anyhow)

Author Closing Comment

ID: 31582401
thanks for your comment

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Hey fellow admins! This time, I have a little fairy tale for you. As many tales do, it starts boring and then gets pretty gory. I hope you like it. TL;DR: It is about an important security matter, you should read it if you run or administer Windows …
What monsters are hiding in your child's room? In this article I will share with you a tech horror story that could happen to anyone, along with some tips on how you can prevent it from happening to you.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
In a question here at Experts Exchange (https://www.experts-exchange.com/questions/29062564/Adobe-acrobat-reader-DC.html), a member asked how to create a signature in Adobe Acrobat Reader DC (the free Reader product, not the paid, full Acrobat produ…

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question