Nice article about What To Do If Your Computer Locks Up

[Thorin]

I came in to work this morning to find my manager stuck with a laptop that is locking up and not booting three out of four tries.  Fun.  So now I'm running hardware tests and will be running virus scans if the hardware is fin.  Remember my thread about what antivirus to recommend at work?  Yeah, they "haven't decided yet".  I'm biting my tongue, trying not to say, "I told you so", until I actually find a virus.

Anyway, looking online for possible troubleshooting guides for the problems this laptop is experiencing, I came across this rather well-written checklist: http://ask-leo.com/my_computer_locks_up_and_wont_boot_what_do_i_do.html.

The cool part is the guy wrote it backwards, starting at a successfully booting Windows and working backwards to a completely dead machine.  It reminded me how quick most IT guys are to dive into checking the hardware, before checking just how far the computer is getting.

[Tom]

I came in to work this morning to find my manager stuck with a laptop that is locking up and not booting three out of four tries.  Fun.  So now I'm running hardware tests and will be running virus scans if the hardware is fin.  Remember my thread about what antivirus to recommend at work?  Yeah, they "haven't decided yet".  I'm biting my tongue, trying not to say, "I told you so", until I actually find a virus.

Anyway, looking online for possible troubleshooting guides for the problems this laptop is experiencing, I came across this rather well-written checklist: http://ask-leo.com/my_computer_locks_up_and_wont_boot_what_do_i_do.html.

The cool part is the guy wrote it backwards, starting at a successfully booting Windows and working backwards to a completely dead machine.  It reminded me how quick most IT guys are to dive into checking the hardware, before checking just how far the computer is getting.

I'm probably guilty of that sometimes.. But most times I only start looking into hardware first off if its not even making it into the OS, or if it is, and locks up with obvious HW errors (IRQ_NOT_LESS_OR_EQUAL or what have you, and memory errors). In fact I've had to scold myself several times for not even thinking to look at the hardware, and spending too much time trying to figure out what is wrong with a perfectly good OS and software install.

[Thorin]

So I told my manager, "Told you so".  He's got 39 reported infections so far, although a bunch of them are copies of a handful of trojans.

Yeah, so I started off thinking the hardware was bad, when it turns out it's really just a simple THEY DON'T USE ANTIVIRUS PROGRAMS.

The particular trojan that sticks out as probably having started it is Katusha, found mostly in his internet temp folder.  So it was a drive-by.  They've already spent more on my hours today for trying to fix this than a three-year subscription to AVIRA would've cost.

Ever hear the expression, "Penny-wise, but pound-foolish"?

[Lazybones]

FYI I noticed that the Kasparsky sold retail in futureshop has a licence for 3 PCs, not just one....

Any one of the previous recommended AV solutions would be a good idea.... Do you guys take software to clients ? Wouldn't that be great to show up with infected media!

[Mr. Analog]

That's nuts Thorin, makes me wonder what they're using that laptop for as well

[Tom]

That's nuts Thorin, makes me wonder what they're using that laptop for as well

If the patches aren't kept up on, its likely the computer was automatically infected the moment it connected to the lan, and or the internet.

I once accidentally started up a XP SP3 install (sans firewall) and WHAMO, instant infection. And by instant, I mean within seconds, to maybe a couple minutes (close enough to instant to qualify for me).

[Mr. Analog]

Oh yeah, direct connection to the net will get an XP machine hit within minutes (if not seconds) though for the variety of uglies it sounds like were on this PC I'd wager there was more than a bit of crapola downloadin' from less than trustworthy sites.

[Thorin]

Dunno about the patching, I'm still trying to remove the rootkit and the trojans and the worms and the spyware and the exploit code that was found on it.

Yeah, Lazy, that particular laptop is a manager's laptop so it doesn't normally see software for clients.  But still...

Wanna know the latest?  My ESET firewall has been recording ARP Cache Poisoning Attacks emanating from one of the workstations.  Basically, that means that someone has gotten through to our LAN and is now able to record all network traffic, plus they'll be able to remotely control the machine at will!  Woohoo! Maybe it's just a false positive.

I feel like just disconnecting the network cable from my workstation and buying a Rogers mobile internet stick...

Oh, and I'm a developer not the network admin.  Why am I the one discovering all this?!

[Lazybones]

Oh, and I'm a developer not the network admin.  Why am I the one discovering all this?!

Can you count the staff in your office using your fingers and toes? Thats why... I worked for two employers in were there were only a hand full of staff.. I started out as a developer and migrated over into the being a jack of all trades.. I eventually migrated all the way over to network support.

[Mr. Analog]

Ick, the story just keeps getting better doesn't it?

Hopefully you're happy doing this (it sounds like you are to me heh).

[Thorin]

No, I'm not particularly happy doing this work.  In my office I can count the employees on my hands, but the company has one- and two-person offices spread around North America.  One of those offices is a couple of networky-types that build custom ruggedized touchscreen devices for us.  It's supposed to be their job, but they're clearly not interested in checking our LAN.

[Mr. Analog]

If it isn't your job and you hate doing it...

I think you secretly like doing it

[Thorin]

Knowing that something needs to be done because no one else is doing it and actually liking doing it are two different things.

For instance, I absolutely despise digging rotten food out of the sink, but if I don't dig it out, that food'll just stay there and stink up the house.  I didn't put it there, and I'm constantly telling people not to put their dirty dishes in the sink, but they don't listen and it ends up there.  So I have a choice - live with the stink of rotten food permeating the house, or clean up other people's mess.

No, it's not my job, but the people who should be cleaning up the network are not doing their job.  And I don't want the delivery of infected software stinking up my reputation as a developer.

[Mr. Analog]

You've talked to them I take it?? Does Martin know what's going down? Does it get in the way of your actual tasks?

It just seems stupid and unfair actually.

[Thorin]

You've talked to them I take it?? Does Martin know what's going down? Does it get in the way of your actual tasks?

You know me, I'm good at making noise.  Yes, I've been telling them since I started that they need to run proper, licensed, paid-for antivirus software.  Ever since the other guy quit (the developer who preferred to work on hardware), I've been making sure to say I'm not going to be the new hardware guy (especially what with me sitting in his old desk).

Martin and Jason both know (Martin being my project manager, Jason being the director of software development) what's going on.

Yes, it's gotten in the way of my actual tasks.

An' yeah, as much as I don't want to do this, I know it needs to be done at the moment, and I really really don't like the idea of us delivering software that could have various infections pre-loaded in it.  Thats the kind of thing I would leave a company for.