Wednesday, November 10, 2004

The Recovery Console in XP is different than using a "Recovery CD"......


Just this week I am sitting at my desk and the receptionist sends me this call. It goes something like this. "Ring Ring" Hello, this is James, how may I help you? Yes sir, my computer says it has a Trojan Horse. Yes Maam, apparently your anti virus software has detected a virus on your system. Ok, what is a Trojan Horse Virus and why do I have it on my computer? This question was followed with several other questions along the lines of "this is a new computer that I just bought and is under warranty and now it is broken because of this stupid virus that I had NOTHING to do with happening." line of thought.

I allowed the customer to ramble for a few more moments and then I interjected with the following ideas. You can get rid of the virus on your computer by updating your virus definitions on Norton Anti Virus and then allow the program to rid your computer of this pesky virus. I made the mistake of using the term "auto update" for Norton Anti Virus and got lost for another 5 minutes trying to explain to the customer how she could use this feature manually to update her virus definition files. My efforts were quite futile and I finally just gave up on that train of thought. My irate and frustrated customer still had it stuck in her mind that her computer was under warranty so therefore the computer manufacturer was at fault and she wanted ME to come to her home and fix it for her for FREE. When I explained to her that the computer manufacturer would not warranty the Operating System (XP) nor any other software on her hard drive she commenced to ask me what an operating system was and what is software. At this point my attempts to help were going no where. In hopes that this customer would just go away I tried to use the "scare" tactic and told her that if I came out to her house (schedule permitting this week) that I would have to charge her an additional 35.00 trip charge vs if she brought the machine to me. When I told her that I could not drop everything I was doing to give her immediate assistance she was put out and told me she would go elsewhere. Picture me having a deep sigh of relief at this point. Ok , I am sorry maam, good luck with your virus problem, I hope you get it resolved. Click, the line goes dead and I dont give it another thought.

One day goes by and after a service call I come back to the shop to find ..... You guessed it, my pet trojan horse was waiting on me. We get a LOT of boogered up computers in our shop that have spyware, spybots, adware, malware, trojans, viruses of all types. All of these programs do one of two things. They always eat up all your system resources. That means that they start up when the operating system starts and they populate the area in your system tray with cute little icons. Some of them are so clever that they dont even put an icon in your system tray and you dont even know they are there unless you go looking for them. The other thing that these programs love to do is to track your activities online and send information back to webservers who are logging this information for their owners. Another thing that these programs do is to use your smtp server of choice to e-mail copies of themselves to all of your friends and family in your Windows address book. If you are lucky you will have a virus program that will have its very own smtp server built in and it will start mailing itself out automatically without even using your e-mail client.
Then there are those pesky boot sector viruses that destroys your boot sector and the next time you log on your computer comes up with the dreaded "Invalid system disk " Insert disk and hit enter error. I will get back to how this happens later in the story...

Two hours later I have installed Spybot Search and Destroy and discovered and deleted over 110 nasties on her computer. Norton Anti Virus is so messed up all it can do is pop up errors saying that the subscription is expired and that it can not find specific executable files and therefore it can not run anyway. Two clicks of the mouse and Norton is fast asleep not to bother anyone again. I install AVG anti virus which is free and find over 202 viruses on the hard drive including our friendly trojan horse virus. The ugly thing about programmers is that they write most of their nasties with Windows Operating Systems in mind. Do you ever wonder why support people say "you gotta love Mickeysoft software". LOL.... One of the things that you have to do when you get rid of trojans is that you have to turn off "system restore" on all your hard drives, then logon as administrator and delete all of the files in the \\system information volume\_restore directory to get rid of all the A000876c112ax*.exe files which automagically run themselves every time you start your computer OR have to use a system restore point from the past. To say the least doing these last steps can be kind of tricky at best.

Remember that this computer came in to have the "trojan horse virus" removed. That is all that was requested and even though I did remove the trojan horse virus I also did several other things in an effort to further protect the client such as installing a free anti virus application and installing numerous Windows Updates from Microsoft for the Operating System. I call the customer and tell her that even though I worked on her computer for longer than 1.5 hours that is all I was going to charge her for. When I told her how much that would be she launched back off into the thoughts of her computer being under warranty. You get the picture. I am sorry but HP does not warranty the software on your hard drive maam.

Yesterday afternoon here comes my customer with her teenager daughter in tow. (Sorry this story is so long... LOL) I happened to be standing by the receptionist when the customer came to pick up the computer and the customer made sure to have me tell her daughter what NOT to do to KEEP this from happening ever again. The poor dear was embarrased out of her socks. I gave the daughter the basic run down of how to traverse the Internet safely and to be sure to stay away from P2P networks like Kazaa etc. I told her to be very careful of trading files via IM programs like ICQ, Yahoo IM, AOL IM etc. I told her to stay away from IRC channels and the like if at all possible. Run auto update regularly and schedule regular virus scans and backups of your data. The whole time the mom is "are you getting all of this", " are you getting all of this". LOL. Yes MOM I get it ok....

At this point the bill is paid and they are off to cyberspace with their newly cleaned machine. Mind you, I only did those things mentioned above. I did NOT fix every software glitch that was on this machine. The expectation from the customer however was clearly different as I wound up on the phone with her again this afternoon. Ring ring, call coming from the receptionist. I answer it and say , "hello this is James, how may I help you". Hello this is your customer (name not mentioned to protect the not so innocent) calling you back. My trojan is still on my computer. Why do I have a trojan on my computer after I paid you to remove it. The customer launches into her new found information after calling HP. I called HP and they told me that I did not need to bring the computer to you after all because all I would have had to do is to reboot the system and fully recover the computer from there. I do not need a recovery cd to do this. All I have to do is hit the F10 Key. I said, Maam , did you try that? Customer says, no , I did not try it because HP told me I need to make sure I have an anti virus software installed before I do because if I do not then I could be back in the same boat within hours. At this point I am thinking, no really ?? LOL....

I tried to explain to the customer that there is a difference between the "recovery console" in XP which you get to when you hit the F10 key upon OS boot up vs the "recovery CD" that the hardware manufacturer gives you to "fully restore" your computer to factory default configuration when you first buy it. I tried to explain this to the customer but she had the thought pattern of "I should have never brought my computer to you because I still have all these problems that you did not fix and you did not tell me that I could do a full system restore by simply hitting the F10 key so therefore you really ripped me off and need to give me a full refund". The customer tried to get me to make an assertion or affirmation that her perception was correct but I firmly but gently told her that her computer did not have a trojan horse or virus of any type when it left the shop. I also told her that AVG was a free anti virus software and that while it was FREE it certainly was not the BEST software product out there and that we could have sold her Trend Micro Anti Virus for 49.95 which would have been a more costly solution. I also advised her that just because you have Anti Virus software running on your computer does not mean that your computer will NEVER EVER be bothered again by a virus infection. What it does mean is that the software is in place to stop a MAJORITY of KNOWN virus infections in their tracks. Again, this was an totally unacceptable concept to this customer.

At this point, when the customer was unable to convince me that her computer problems were still my fault she advises me that she just wanted to call me and tell me what HP just told her so I would be "in the know" for future reference. Yes maam, thank you for the phone call, good luck with your "full recovery" of your system. Have a nice day. Click. The line goes dead and away goes our clueless customer thinking that hitting the F10 key will get rid of the viruses on her hard drive and RESTORE the computer back to its default factory configuration. Can you imagine what the phone call will be like tomorrow when she calls HP Tech Support to find out that she misunderstood what they were trying to tell her about the "System Recovery Console" vs the Recovery CD that I told her to order. LOL....

I think that tomorrow I am going to forward my phone extension at work to Microsoft Tech Support just for the fun of it. LOL

No comments: