Service Request Ticket - # 33065

Service Request Information

CONTACT Name Thomas, Daryl   View open tasks   View tasks from last 30 days   Schedule Change Contact Date Jul 23, 2009 11:56 AM
Department Health & Exercise Science Phone 88915
Location Email thomasda@wou.edu Request for more information Send 'Keeping in touch' email Send 'I'm thinking of you' email
SR INFO Type WOU #
Priority Equipment Type
Status Flagged
Description
Computer Edit WOU # 20040569[Edit Inv] (opens in a new window) Bldg/Room OFF
Service Tag Description OptiPlex GX280 SFF, Pentium 4 Processor 540
Serial No. f17sk61 Location PDR

CPU Pentium 4-3.2GHz


OS Unknown Software MS Office Pro 2003 from P0050950

Wired NIC 00:11:43:B1:3E:DC

TECHS Submitted by Octavio Cervantes Contact ocervantes06@wou.edu 88925
Primary Technician Contact jcolton08@wou.edu 88925

Tracking

Entered by Date Memo
Jordan Colton
Email

Public
Entered by Date Memo
Jordan Colton Jul 23, 2009 01:50 PM 
Task reassigned to Jordan Colton.
 Add Attachment
Jordan Colton Jul 23, 2009 01:50 PM 
Status changed from (1) Pending to (5) Completed
 Add Attachment
Jordan Colton Jul 23, 2009 01:50 PM 
I ran malwarebytes and cleaned out 26 objects. I
also ran hijack this and cleaned out some entries
and ran ccleaner and cleaned up her startup
programs. I installed firefox and imported all of
her settings from ie to it. Computer is clean now.
 Add Attachment
Brian Berkley Jul 23, 2009 01:43 PM 
ld12.exe was a new threat and is now detected as
Mal/Encpk-JB. The cleanup routine has been updated.

The IDE to detect this new threat will be released
in the next hourly IDE update.

The following threats were already detected with
the latest version of Sophos Anti-Virus and the
latest IDE definitions:

pp10.exe - W32/Koobfa-Gen
wisdstr.exe - Mal/EncPk-IV
braviax.exe - Mal/EncPk-IV
 Add Attachment
Brian Berkley Jul 23, 2009 12:05 PM 
6 a/v emails, and I uploaded samples to Sophos
 Add Attachment
Octavio Cervantes Jul 23, 2009 11:56 AM 
She was online, she said she was going through
unusual websites, when a message poped up saying
that her computer is infected with a virus, also,
her sophos shield turned her computer off, but was
able to log back in and everything working fine
for now. Also, sophos message read " exhibiting
suspicious activity"
 Add Attachment