Office Depot And OfficeMax Find Malware That Isn’t There

Sometimes we are rebuilding a RAID array or replacing a BIOS chip and we wonder how ordinary people keep their computers running. Then we realize that most of them come to someone like us for help. But what if you don’t have a family member or friend who is computer savvy? No problem! Plenty of stores — including big box office stores such as Office Depot and OfficeMax — will be glad to help you. Why, most of them will be willing to test your computer for free. That sounds nice until you find out that, at least in some cases, these tests were showing problems that didn’t need fixing so users would pay for services they didn’t need. The Federal Trade Commission (FTC) has fined Office Depot (which owns OfficeMax) $25 million and plans to use the funds to issue refunds. In addition, a vendor, Support.com, will pay $10 million to support the refunds.

The free check used software to detect problems on a PC. However, during the scan the user was asked whether their computer had any of a list of symptoms, for example whether the PC had become slow or frequently rebooted. If the answer to any of these questions was yes, the software would produce a report claiming to have found evidence of malware and offering fixes that could cost significant amounts of money, even if there was no other evidence.

You might think this was just bad software provided by the vendor and that the office store employees didn’t know. According to the FTC, this isn’t the case. From their report:

The FTC alleges that both Office Depot and Support.com have been aware of concerns and complaints about the PC Health Check program since at least 2012. For example, one OfficeMax employee complained to corporate management in 2012, saying “I cannot justify lying to a customer or being TRICKED into lying to them for our store to make a few extra dollars.” Despite this and other internal warnings, Office Depot continued until late 2016 to advertise and use the PC Health Check program and pushed its store managers and employees to generate sales from the program, according to the complaint.

This sort of thing concerns us for several reasons. If a cyber hacker (black-hat, not our kind of hacker) perpetrates a scam, it is deplorable. Why shouldn’t it be just as deplorable for a big company to take advantage of people’s ignorance about their computers? In addition, things like this are eventually going to lead to increased regulation over working with technology.

Think it can’t happen? It wasn’t that long ago that all you had to do to be a medical doctor was to claim to be one. We can imagine that back then a “doctor” could say, “Do you have back pain? You do? Clearly, then, you require expensive electric shock therapy to repair your herniated disc.” The government would eventually license doctors and medical devices to protect the public.

Granted, it could be worse. It doesn’t appear that the software made malicious changes which then required fixing — the equivalent of a shady mechanic cutting your brake lines while checking your oil. But it is still disingenuous to offer to clean a virus you can’t find just based on someone’s say-so — especially someone who needs to go to a big box store for computer help.

71 thoughts on “Office Depot And OfficeMax Find Malware That Isn’t There”

    1. Well, I’ve done it both ways. With the right tools, you can remove a chip off a motherboard and replace it. I don’t know about this year, but my high-end 990FX motherboard has a removable PTH BIOS chip along with other features for “us” — a reset button on the board and a POST code display on the board, for example.

      Actually saved me. I did a BIOS update that, for whatever reason, failed. This is my main PC so I was a bit annoyed. I pulled the chip, and have a programmer, but they don’t provide the actual BIOS image. However, I was able to figure out how to extract it from one of the update packages and brought the PC back up. I then programmed another to have as a spare.

      Granted, my mobo is a few years old, but there are still plenty out there with sockets. Here’s a newer Gigabyte board that says it is socketed: https://www.newegg.com/Product/Product.aspx?Item=N82E16813145089

      Of course, I could also point out that it really didn’t have anything to do with the article.

      1. “Of course, I could also point out that it really didn’t have anything to do with the article.”

        Then the author shouldn’t have mentioned it in the first sentence.

    2. Seriously asking this on a place where people link projects much more complicated than replacing a simple SMD Flash chip?
      I replaced one on my last laptop as skipping one BIOS* version bricked it which the manufacturer at the time didn’t mention. Much faster than waiting for repair service.
      (* UEFI)

  1. “replacing a BIOS chip” Um, motherboards have had permanent BIOS chips for a long time now. I do remember back in the day having ones that could be replaced but that’s long gone.

    1. Many high-end main-boards have socket-able “BIOS” flash-ROMs and so do many E-POS devices (Like the Wincor/Diebold Nixdorf Beetle i1 Q67 systems that I saw way too often at work).

      Many of the “sockets” in these cases are actually SOIC chip caddies with clip-shut doors on them (Like on the “2nd BIOS” socket on my mid-tier Sapphire gaming board.) or sometimes DIP sockets like that on the Beetle i1 E-POS system as above.

      However, for most consumer stuff like Atom/Core-m based cheap SFF PCs, almost all laptops, etc… have a soldered on flash-ROM (usually i2c and usually 32Mbit non Intel ME or 64/128Mbit with Intel ME… at least as far as 5th Gen Core i systems, not sure what Flash-ROM sizes are common on 6th gen and on-wards Core i systems)

        1. Yup a programmer helps get many boards up and running, or in my case…
          Just flipping the BIOS-select switch to ROM 2 and then hot switching back to ROM 1 for flashing a known working BIOS helps fine. Also I can swap out ROM 2 from the 2nd BIOS socket and put in another ROM to take the “upgrade”…. failing that, I can just pop the original ROM back in the socket or go back to using the soldered down ROM 1.

          I wonder if I could flash any old data to the ROM 2 socket or does the firmware require signed images?
          Never thought of testing that and I don’t want to mess with that just yet.

    2. Enthusiast grade boards (as in those pricey ones where the RGB seizure lightshow thingymajiggy is an afterthought instead of primary feature IF they even have RGB) usually have socketed bios chip, some even have redundant bios chip.

  2. Actually it sounds JUST like going to the car dealer to get your car serviced.
    yep the basic service costs $300 and while you wait the service manager comes out to say did you notice how your brakes squeal a bit when you stop, you should get a brake service that’s only an extra $150, thank you but no my brakes DON’T squeal when I come to a stop.

    yes BIG car company that starts with V I’m talking about you…..

    1. Yeah, but then you end up on reddit.com/r/justrolledintotheshop and see through all the posts where customers said “Don’t you try to scam me with my car needing new tires, just balance the wheels!” with a photo showing a wheel that’s screwed up to a level where balancing becomes impossible.

      Or people complaining about brake noise and a photo showing that their brake disks were worn down so badly that the ring separated from the hub. Or the pads worn down to not having any brake pad material left, so it’s metal rubbing on metal.

      My point is: It’s alright to have doubts. But before saying “No, you’re trying to scam me”, let them show you the issue.

      1. “My point is: It’s alright to have doubts. But before saying “No, you’re trying to scam me”, let them show you the issue.”

        Agree! Education is the only answer, when it comes to cars there are people who treat them like appliances which causes problems because cars require much more regular maintenance than appliances. The combination of several systems that are required for proper function of a car means that there are a ton of parts that wear out and need to be inspected regularly. If you are going to purchase a car then you should be able to visually discern when a part is worn out or on the way out. I have several friends who know nothing about cars but they at least have the brain capacity to ask a whole bunch of questions from multiple sources before they come to any conclusions. This has helped weed out several shops from getting any of our or our friends/relatives business due to shady business practices.

    2. Well, it’s $150 for the brake job, but that’s just the basic shoe replacement. We also noticed that your rotors are scored and your calipers are rusted. We can’t turn the rotors, they’re scored too deeply, so it’s going to be $600 for four new rotors, and $1200 for new calipers and another $1200 for labor. OK?

      1. Oh, and by the way sir, remember that mechanic of ours that you cursed at and offended, along with his family last time you were here ? Well, your car is already dismantled, and he is the only one that knows how to work in that model .. Just saying ….

  3. I used to work for support.com, I hated that stupid scanner, I can’t think of a single front line employee that felt differently. I know I wasn’t the only person that noticed this with the scanner. We were expected to write reports for every system we worked on, how do you, in good conscience, write a report for finding nothing on a computer for a service that costs 100+ dollars? You don’t, you learn to hate your job and find a new one.

    1. I also worked at support.com around 2011-2013, but for their Xfinity Signature Support tenant- so I never ran across this scam. I can honestly say I never sold a service that wasn’t needed, but then again I wasn’t in sales. My wife worked in their sales team for XSS and never sold anything that wasn’t needed, either. We’re both honest folks with a conscience. We even sent people back to Comcast if their problem wasn’t something we could/should fix, and refunded their money.

      Given my experience, I almost had a hard time believing that Support.com was the bad guy here- but then I recalled that they’re the ones who wrote that scanning software! I’m glad I’m no longer associated with them. I don’t think I could take another “My wifi isn’t working. How far from the router am I? I’m driving down the interstate 2 states away from home!” call.

      1. Yeah… I am going to say Comcast (Xfinity) is just as bad:

        Me: I am only getting 100kbps down, and 10kbps up on my 50Mbps plan.
        Xfinity Support: What program did you use to test the speed?
        Me: speedtest.net
        Xfinity Support: You have to use OUR speed test site.
        *Xfinity speed test says EXACTLY 50Mbps down, 10Mbps up*

        1. I’ve heard this a lot with xfinity, but I’ve used their speedtest alongside ookla (speedtest.net) and speakeasy and all 3 have always been within a few mbps. They also seem to match closely to my router’s built in speed test. I can’t believe it’s just that our distribution is that much better, some of my properties still have RG59 as their incoming lines. We do have far less customers than say Denver, far far less. Maybe they spoof their readings in the more densely populated areas to attempt to cut down on service calls? I’ve heard enough random people say they’ve seen it to believe it at this point.

  4. I worked at Office Depot. I discovered this scam while working there, and thought it was deplorable. They charged $200 for a complete virus removal, but that often came down to the remote technicians doing simple things like running Malwarebytes. But we local employees were threatened by regional management that if we offered to run Malwarebytes on anyone’s computer it would result in immediate termination.

    1. “For example, one OfficeMax employee complained to corporate management in 2012, saying “I cannot justify lying to a customer or being TRICKED into lying to them for our store to make a few extra dollars.” ”

      Bet they wished that E-mail was burned. Certainly internal communications will be run through the dontcatchme AI filter before going anywhere.

    2. Well, using malwarebytes in that instance wouldn’t be kosher because the stores didn’t have the proper license, that’s why they stopped using it. Support.com had those licenses. As for the scan, anyone who knew anything marked all the questions no and let it run. It was competent at detecting legitimate infections.

  5. I’m going to have to respectfully disagree with the premise of this article.

    Ok. To be fair it’s getting close to 15 years since I have worked in tech support. I guess the “norms” could have changed since then. <Almost passes out from laughing too hard>

    It is my professional experience that the fact that the user has a pulse, or at least has had one at some point since the computer was hooked up for the first time is all the evidence that you really need that it is infected with some form of malware or another. If any of those boxes were checked though.. that is evidence of a LOT of malware.

    Anyway, if I wasn’t on-site to work on the PC myself and all I had to go on was a user’s answers to those questions I would definitely recommend some sort of anti-malware program. Ok, that would be my third preference behind switching to <GAG> Macintosh </GAG> or if they have a friend to help then Linux. Since these Office box stores are mostly Mickeysoft shops and probably cannot make those recommendations I think recommending an anti-malware suite or two or three is totally acceptable.

    I wouldn’t recommend an expensive one though. I’d recommend a free one. But anyway, the user being a person who would run Office* box store’s diagnostic program, that’s all the evidence I need. The fact that they checked those boxes is icing on the cake!

    1. Well, to be fair, I agree that if you are taking your computer into OD, you probably have infections just ’cause. But I think the FTC issue is twofold. First, if you imply or say you detected something when all you did was say “Computer is slow? Must be a virus!” is misleading. Car won’t start? Must be the transmission. Well… maybe, but could just need gas, right? On top of that, if you didn’t find an actual infection, what was the service going to do to fix it? Wipe your drive and reinstall fresh? You aren’t going to like that so I’m guessing it just ran malwarebytes (as someone else in comments stated).

    2. I thought that the premise of the article was that the Scan didn’t actually do any scanning. I mean regardless of whether you could logically hypothesize that a user had malware on their computer just from the act of bringing their computer into a big box store and answered yes to any of those questions and never mind that you would probably be right 99% of the time, there was really no scan that was done and reports were generated falsely.

      I am sure that those companies would have not been having any of these issues if their diagnostic program actually scanned the computer and produced a report listing the malware on the system. The point is that their diagnostic program is fraudulent and that is what they are getting penalized for, even in your response you state that you would recommend some sort of malware program (which would give further diagnostics) but that isn’t what these companies were doing. Instead they were duping the customer into expensive repairs without actually providing proof that they need it. There is a huge difference between making a recommendation to someone where you won’t make any money off of it and using a convincing ruse to confuse less knowledgeable consumers into costly repairs and in the end it still doesn’t matter if there were virii on the computer or not as their diagnostics were fraudulent.

      1. The scan worked, it was legitimate. It would detect and log any infections it found. It’s been a long time, but if I recall correctly it recommended a premium tuneup if you checked any of the boxes. If you checked the pop-up or virus box specifically it recommended a virus removal. I and the other lead techs in the district had a policy of not checking any boxes for the scan and as far as I know we never got any pushback. I can see unscrupulous or desperate techs using it to pump their sales numbers, but that’s ultimately on upper management who lived and died by that sort of thing.

  6. Back in college (during the aughts), a classmate was riding on the bus and got into a conversation with another passenger.
    She found out he was in Computer Science and told him about the problems she was having with her laptop.
    She ended up asking him (someone she’d just met) to take her laptop (home) and check it over.
    He said when he got home and ran a virus checker on it, 27 virii were detected, before he shut it off.
    He told us he was going to get back to her and tell her it needed a complete software re-install.

      1. The other problem is that people don’t want to learn anything about PCs, they just want them to work like refrigerators. “There was some kind of box that popped up but it was in Klingon so I just shut it off”.

        1. Just like with cars nowadays, they’ve become nothing more than appliances for people who’d stuff their ass into the washing machine and set it to spin cycle if it could drive them to work or the grocery store.

          1. Well that’s fine. My car is an appliance for getting me from A to B, I’m not interested in super fast cars, or getting my hands dirty beneath the bonnet. My computers are a different story, they’re customised in various ways, both in software and in hardware. I’m really glad that tablet computers exist now, so that I don’t have to be tech support for so many people.

          2. in reply to Shannon:

            “My car is an appliance for getting me from A to B, I’m not interested in super fast cars, or getting my hands dirty beneath the bonnet.”

            And that is understandable, but don’t you think it prudent that you understand not only how to properly use your car but also that you have at least a basic conceptual understanding of how your car works so that you don’t get screwed over when you need a repair? The analogy transfers over computers very well as most people don’t actually know how to use their computers (or even tablets for that matter) let alone how they conceptually work.

            In the modern day computer to car analogy, tablets are more like today’s modern day consumer cars where PC’s are closer to industrial or farm equipment.

          3. In reply to Mike:
            I have a basic conceptual understanding of how a car works, and I’m sure that’s prudent. It might protect me from the scam artist selling me more “blinker fluid”, but if he tells me that my brakes need to be replaced, or my flat tyre is too damaged to use, I don’t know enough to contradict him and without being fully invested in the subject I never will.
            To bring that analogy back to computers, the car mechanic who knows how to use a computer probably won’t fall for the Indian “Microsoft representative” who “detected a virus on your computer”. However he wouldn’t know enough to go into the specifics of why his computer doesn’t run as he needs it to. Especially as he’s brought it to a “trusted third party”.

  7. “Why shouldn’t it be just as deplorable for a big company to take advantage of people’s ignorance”

    Woah there.
    You appear to be attacking the corner stone of big business. You must be a commie

      1. For the love of money is the root of all evil: which while some coveted after, they have erred from the faith, and pierced themselves through with many sorrows. –1 Timothy 6:10

        1. “But woe to you who are rich, for you have already received your comfort.” Luke 6:24

          “It is easier for a camel to go through the eye of a needle than for a rich person to enter the kingdom of God.” Mark 10:25

  8. I don’t take my computer to a store, I get phone calls directly from Windows to help me out! And it’s pretty much the same deal as the local computer “experts”.

    Of course, after a half hour of dicking with them I finally have to admit that their remote software won’t run on my Linux machines. I’ve learned a few Hindi swear words that way.

    1. One of these “technicians” called somebody from the German “Chaos Computer Club” someday. He asked for credit card details, the called guy (hacker) sent him a “text” file which contained a ransomware. Bad day…
      (as read on Twitter somewhere)

      1. How does one automate a phone interview?
        As I’m imagining it:

        Robot: Why do you want this job? Press ONE if you LOVE TECHNOLOGY. Press TWO if you HAVE NO OTHER OPTIONS. Press THREE if you WERE FIRED FROM WALMART.

    1. Or the Apple Genius Bar… Ever heard of Louis Rossmann?
      Well, after watching a bunch of his videos, that should be enough to put many people off of Apple…

      Then Look at the Linus Tech Tips video where Apple couldn’t support a brand new “PRO” grade all-in-one.

      If you (the reader) can’t find the videos, drop a request and I’ll post links if I’ve not forgotten about this post.

      1. Apple has made a lot of electrical design blunders in their products. They’ve even taken some things that were done right and changed them to be wrong in a new model. One of Rossmann’s videos shows where one series of Macbook has the HV line to the backlight right next to a data line that leads back to the chip that switches between CPU and GPU graphics – or directly to the CPU in the cheaper models without a separate GPU.

        What tends to happen over time is dust and grunge accumulates and if there’s moisture in the air that can soak it up, become just conductive enough and ZAP. The switching chip can be easy to replace if it doesn’t explode and cause PCB damage. On the cheaper models, toss it. Cost more to replace the CPU and other fried parts than the laptop is worth.

        What makes that design defect especially bad is the display connector on the previous model line was properly designed with ground ‘guard’ connections between the HV lines and the data lines so if there was any shorts it’d dump to ground instead of into the chips.

        Why did Apple deliberately introduce a defect? Or was it simply stupidity? Or was someone ordered to change something to make the new model line’s displays incompatible with the previous ones, and some numbskull figured the easy way would be to re-arrange the display connector pinout?

        Rossmann also points out and repairs design defects of undersized capacitors that cause intermittent problems that eventually lead to failures of other components. If caught before damage is done the improper capacitor can be replaced with a slightly higher capacity one and at least that sub-circuit will be bulletproof. One he points out was the same circuit used for several years with no changes, no fixing to eliminate the problem. The proper capacitor is just a very small higher cost in the bulk quantities Apple would buy.

        Another of his videos shows what happens on one Macbook model when there’s a short circuit in a Thunderbolt device. The chip explodes because Apple’s bad engineers neglected to include any sort of short circuit or overcurrent protection. Depending on how bad it explodes it may be repairable with component replacement, but in the video he did all he could do was remove the remains, dig out the carbonized PCB material, and remove some other components for that port so the Macbook would still work but without Thunderbolt ports.

        Rossmann’s pulling back the curtain on Apple’s design defects pissed them off so much they lied to US Customs to get a shipment of genuine Apple batteries he’d bought from Apple’s supplier confiscated as “counterfeit”.

        1. That’s easy, cost. Doing things right takes money. Remove the ground guard-reduce the cost. Use cheaper capacitors that work “well enough”-reduce the cost. Short circuit and over current protection have component and design costs. Remove enough components/replace them with cheaper alternatives and you “make” a bunch of money (at least at volume).
          It’s disheartening to know that Apple is following Walmart’s example for making money on electronics.

  9. Microcenter runs a similar operation, though not quite as scammy – just lazy and profit-driven.

    Driver conflict? PC running weird for any reason, no matter how easily fixed? Oh, you need a re-imaging at $100 a pop, plus $100 minimum for data backup/transfer (IIRC it was like $100 for the first 4.7GB, then maybe $10 for each additional DVD backup).

    10 minutes of work could fix the issue, but instead it’s a $200 minimum because it’s more profitable to do zero diagnostics and just re-image any machine that doesn’t have an obvious hardware problem.

  10. I used to work in the PC “repair” department of Office Depot several years ago. Now being a legitimate IT Support tech at an actual company that supports hundreds of users I can say I didn’t know what I was doing back then and neither did the other OD “techs”. It is also true that the techs will do just about anything to sell you an unnecessary PC service. It is how they make their commission and it’s how the company makes money. It’s a huge rip off for bs work.

  11. Going to you instead of the “Professionals” is a solution for your friends and relatives, but not so good for you.

    My answer to that is “I don’t do Windows”, and either they don’t bother me again or I install Linux on their machines and … they don’t bother me again.

  12. “the software would produce a report claiming to have found evidence of malware ”

    Amusing story. I used to be a PC tech. Had a customer bring in their PC. It was quite a powerful PC – think uber gaming rig. They spent top dollar for the best. But all they did was email, word processing and maybe mine sweeper.

    The issue? It had a virus. They had the printout from Norton describing it. But they couldn’t clean it. Clever virus kept shutting the PC off whenever they tried running a scan.

    Any other problems? Nope. Just the virus.

    Ok. I put the PC on our bench and as per our protocol, open it up to pull the HD and put it on our PC for virus scanning.

    Except, I couldn’t get to the drive, because the heat sink & fan was dangling in the way. You know, vs being attached to the CPU.

    Reattached the heatsink / fan. Powered up. Ran a scan. Clean. Ran some other diagnostics. Clean.

    Seems the only thing they did that remotely warmed up the CPU was a periodic virus scan. Which caused it to shut down when it got too hot.

  13. What I think is deceptive is the way that computers are sold today. The standard over ten years ago was looking at the speed of the CPU. More often the speed of the CPU and amount of memory can speed-up or slow down a computer system. Sellers of computers need to emphasize the CPU speed and the importance of better memory! While viruses can slow down a computer, the previously mentioned is extremely important. I have never trusted ANY virus protection software.

  14. Figured this out some years back when a relly had a system under warranty from them which had swollen and seeping caps and was crashing, took it back, got charged virus cleaning and told it was fine, still doing it, personally did a low level wipe and reinstall, took it back, pointed out the blindingly obvious hardware issue, 3 days later, charged for virus removal and told it was fixed... nope… by now there was only a week of warranty left, took it back yet again, assholes insisted it had a virus again and charged for wipe, reinstall and virus clean and delayed returning until day after warranty done.. Relly wimped out on blasting them with large caliber lawyers on full auto, and I ended up replacing the motherboard for them, whereupon surprise surprise, it ran stable for the first time in 6 months.
