Service Request Ticket - # 36282

Service Request Information

CONTACT Name Lambert, Paul   View open tasks   View tasks from last 30 days   Schedule Change Contact Date Feb 09, 2010 08:38 AM
Department University Computing Solutions Phone 88003
Location Email lambertp@wou.edu Request for more information Send 'Keeping in touch' email Send 'I'm thinking of you' email
SR INFO Type WOU #
Priority Equipment Type
Status Flagged
Description
Computer Edit WOU # 20070527[Edit Inv] (opens in a new window) Bldg/Room OFF
Service Tag Description Dell OptiPlex 745 2.13GHz, 2M, 1066FSB
Serial No. F19L5F1 Location PDR

CPU Intel Core 2 Duo E6400(2.13GHz, 2M, 1066MHz FSB)


OS Unknown Software MS Win Xp Pro installed, MS Office Pro 2007 from P00 installed as Office Pro 2003

Wired NIC 00:1A:A0:75:97:B9

TECHS Submitted by Paul Lambert Contact lambertp@wou.edu 88003
Primary Technician Contact jcolton08@wou.edu 88925

Tracking

Entered by Date Memo
Jordan Colton
Email

Public
Entered by Date Memo
Jordan Colton Feb 22, 2010 04:21 PM 
Status changed from (1) Pending to (5) Completed
 Add Attachment
Jordan Colton Feb 22, 2010 04:21 PM 
I tested the memory (everything checked out 100%
ok), and installed spybot and set it to
automatically update and auto immunize. I think
the problem is when she puts the Desktop into
standby, sometimes it causes an issue with a
driver file. It bluescreens sometimes with the
0x0000000a error, which is a driver file
incorrectly addressed in memory. When i left it
wasnt having any problems at all.
 Add Attachment
Jordan Colton Feb 18, 2010 10:12 AM 
****This is an email****
I am not at my desk all day today and in and out
with meetings tomorrow. If you don't need me to be
there, then anytime is fine. Otherwise Monday
would work. Thanks!
Hilary
 Add Attachment
Jordan Colton Feb 18, 2010 08:32 AM 
****This is an email****
Hey this is Jordan with the UCS. I was just
wondering when a good time for someone to come and
take a look at your computer would be?

-- 
Thank you,
   ~Jordan
 Add Attachment
Casey Sonflieth Feb 11, 2010 08:43 AM 
She called back saying that someone came over
there and helped her out with it, but it is still
freezing up and doing the same things.
i re-opened the task.
 Add Attachment
Casey Sonflieth Feb 11, 2010 08:42 AM 
Status changed from (5) Completed to (1) Pending
 Add Attachment
Jordan Colton Feb 09, 2010 04:41 PM 
Status changed from (1) Pending to (5) Completed
 Add Attachment
Jordan Colton Feb 09, 2010 03:08 PM 
Task reassigned to Jordan Colton.
 Add Attachment
Jordan Colton Feb 09, 2010 03:08 PM 
I ran superantispyware and Malwarebytes and they
both picked up a few things. The Sophos messages
are not showing up anymore and the computer seems
to be running good.
 Add Attachment
Brian Berkley Feb 09, 2010 02:22 PM 
OHSU School of Nursing, Hilary Holman-Kidd is the
end user.
 Add Attachment
Brian Berkley Feb 09, 2010 11:14 AM 
MNB70527HOLMANK
 Add Attachment
Paul Lambert Feb 09, 2010 08:38 AM 
****This is an email****
What follows is the NERO Daily Abuse Report. 
Timestamps are GMT.  Please investigate the
host(s) mentioned below and follow up to
abuse@nero.net.

NERO Network Abuse
abuse@nero.net
541.346.6376


=======================
Start of report: "BOTS"

A 'bot' is a hostile program, running in the
background, that allows an attacker to control the
infected host.
There are a number of different types of bots,
including, but not limited to, Korgo, Spybot, and
Optix.  The information in this report is based on
the logs of proxy detectors within several IRC
networks.  When available, the TCP source port
used by the malware to connect to the IRC server
is provided.

------------------------------------------------------------------------------------------------
       IP Address |        Time last seen |      
     Type | Add. info
------------------------------------------------------------------------------------------------
   140.211.78.172 |  2010-Feb-08 15:34:56 |      
     BOTS |  srcport 63189 mwtype Torpig
   140.211.78.172 |  2010-Feb-08 17:25:50 |      
     BOTS |  srcport 28517 mwtype Torpig
   140.211.78.172 |  2010-Feb-08 18:21:19 |      
     BOTS |  srcport 58148 mwtype Torpig
   140.211.78.172 |  2010-Feb-08 18:51:37 |      
     BOTS |  srcport 20196 mwtype Torpig
   140.211.78.172 |  2010-Feb-08 19:58:54 |      
     BOTS |  srcport 23076 mwtype Torpig
   140.211.78.172 |  2010-Feb-08 22:15:38 |      
     BOTS |  srcport 29044 mwtype Torpig
------------------------------------------------------------------------------------------------
 Add Attachment