Somedays IT is fun…
I come into work, and my boss is on me immediately: “I can’t log in, I get an error message that the system time and the domain time is not synchronized”. But I push him off, because somehow someone inside the LAN has contracte the Mydoom virus and is sending out emails out the wazoo.
Then I get an email from an off-site employee who is here for the week asking me if the Mydoom emails are “really” from us IT guys. Also, she happens to ask if we have anti-virus software BECAUSE SHE HAS NONE ON HER LAPTOP! Clue #1 on where to look for the virus. Sure enough, her unprotected laptop has been have relations with a nasty part of the internet…
So I go and remove the virus from her computer, install the corporate Symantec AV, check the registry and other startup spots, and run ad-aware just to be sure. (Mydoom did a nasty because the virus executable ‘services.exe’ shares a name with an actual Windows system service, so if you try to kill it, Windows won’t let you. If you try to delete the startup entry in the registry, the executable puts in right back in. So you have to start up in Safe Mode, THEN delete the registry entry. Tricky…)
She’s good now, so I turn to my boss’s time problems. I ask him if the time is correct and he says yes. I try to log in as admin and I get the error message. I log into the computer domain and check the time. Looks good, time zone’s correct, but wait! It’s 10:12 on his computer, as it’s 10:12 on the server. But it’s daylight, so the 10:12 PM!!!! on his computer MIGHT be a little off. I set it back to ante-meridian, and all is well.
Then I get a call from another manager who got one of the mydoom emails telling me Symantec AV won’t let him open the attachment. Somehow, I manage to politely tell him we IT guys didn’t send the email, but that it’s a virus (mind you, we’ve sent 80 million emails out warning the masses).
I know we need to strip out attachments from our email and scan them before they get to the users, but the sendmail guru here is overworked, so I get to deal with the, uhm, “computer ignorant” sometimes, and I just have to shake my head…
My $.02 vent Weed
That sounds so familiar
That sounds so familiar. I remember one executive complained that his computer kept rebooting; it turns out he’d connected his laptop directly to the Internet at home, and contracted a worm over his modem. We cautioned him to not plug it into our network, since we were planning on patching that night. We were lucky; one laptop cleansing is much easier than 400+ desktops…
—
Matthew P. Barnson
My favorite IT disaster story
So we’d implemented a new policy where I worked:
This was supposed to lead to significant power cost savings (eventually, it did), and helped us with our roll process to make sure that patches were rolled out to people on time.
Well, the morning after the policy went into effect, I was the lucky duck who drew the early-morning help desk shift. The conversation went something like this:
Help desk, this is Matthew.
Hi. My computer won’t turn on.
OK, so what happens when you try to turn it on?
Nothing, it just sits there. My screen doesn’t light up.
At this point, I remember who I’m talking to, realize she’s the village idiot of computers, and decided to head down to her cube rather than continue to attempt to talk her through troubleshooting it.
I arrived at her cube.
Her computer is in disarray. Power cords pulled out, mouse and keyboard in the wrong ports (a common mistake among novitiates to computers, I admit, but these days they are color-coded. The purple plug was in the green socket, and the green plug in the purple socket), and the CPU tower was facing backwards.
So, what happened?
Well, I couldn’t get it to turn on, so I tried to fix it.
I sighed heavily, reconnected everything the way it was supposed to be, and turned the CPU tower right-side-forward again.
That’s the way it was when I came in, she stated confidently.
I pressed the large power button marked “POWER” on the front of the case. The lights turned on. The fans hummed. The monitor made the classic “Dooouuunnngggg” of the start-up degauss.
So that’s how you do it, she murmered quietly behind me.
—
Matthew P. Barnson