This Afternoon Is: Administrative
Posted by James Wesson
Much in the way of answering emails and answering questions and prepping a laptop order to go out.
There is also a request for setting up someone to login to a workstation. Very rudimentary tasks this afternoon.
This morning's network adapter workstation was returned to its client's office, reconnected to the network port and seemed to be working. I checked in after a couple of hours and found that it was still online, so it may have simply been a one off corrupted driver issue. If it turns out to be a hardware issue at a later date then it can be reported and resolved at that time. In most places, ticketing systems would be tied to asset management and client relations software, but our current setup does not tie in asset management to service desk ticking or customer relations. This causes a bit of disconnect about what work was done on the hardware, unfortunately, since the only place the work is tracked is in the service desk ticket and it is not related to the device itself in any way. That is on track for being change in the near future, however, which is good news.
At least an hour of my day has been spent composing email replies to clients explaining that clients reporting a virus attached to their newsletter they email out may simply be reporting the results from antivirus software set to the highest level of scrutiny and that instead of a virus that what is being reported by the software is the potentialfor something malicious. The only information provided to me directly from antivirus software straight up indicates that to be the case:
"Trend Micro AntiVirus has detected an email that may contain malicious contents and attached it to this new mail as a text file. If you need to read the original mail message, we recommend you open it as a text file. To prevent infection, do not save the original mail as a mail file."
This is clear to me as a technician that the email is being filtered by TrendMicro based on its criteria for potential problems and not that the email actually contained a virus. The few sample communications I have received provide no specific information as to a specific virus. While it is best to be charitable about what people are reporting, it must be weighed against finding out exactly what is really going on. After more than ten years of supporting desktop support clients of varying levels of knowledge, it is important to take knowledge level into account when reviewing communications. Reports of viruses from recipients of an HTML newsletter unfortunately are going to face the highest level of scrutiny from me on the information they are reporting to me being accurate. The best I can do is methodically explain to the senders what the likely problems are on the recipients end that are causing the recipients to react with alarm and dismay. In most cases it is not anything genuinely threatening but their antivirus software simply letting them know that something has the potential to be a problem. But antivirus software suffers from the problem of reporting nearly all things in an identical manner so that potential problems of low risk are reported in a similarly alarming manner to genuine problems that are high risk. If you are the client and you see your antivirus software pop up something to you it is unlikely that you are going to read through the entire message. Instead you will notice the notification, scan it for keywords, pick out the ones that matter, and then you will focus on the most important ones: "malicious" and "virus" not "may" and "potentially".