Service Request Ticket - # 42437

Service Request Ticket - # 42437

Jump to:

Preferences

Directory Lookup

Service Request Information

CONTACT	Name	Perfect, Scott	Date	Apr 20, 2011 03:16 PM
	Department	Student Health & Counseling Center	Phone	88313
	Location		Email	perfecs@wou.edu

SR INFO	Type		WOU #
	Priority		Equipment Type
	Status		Flagged
	Description	characters left

Computer	Edit WOU #	20080887 (opens in a new window)	Bldg/Room	ITC 013
	Service Tag	50ZTLJ1	Description	Dell OptiPlex 755 3.0GHz, 6M, VT, 1333MHz FSB
	Serial No.	50ZTLJ1	Location	ITC Hallway (was Scott Perfect, HC)
	CPU	Intel Core 2 Duo E8400(3.0GHz, 6M, VT,1333MHz FSB)
	OS	Unknown	Software	Windows Vista Business downgraded to WIN XP PRO, Microsoft Office Pro Plus 2007 from P0069819 downgrade to Office Pro 2003
	Wired NIC	00:21:70:59:71:61

TECHS	Submitted by	Jackie Digmann	Contact	jdigmann07@wou.edu	88925
	Primary Technician		Contact	bberkley@wou.edu	88955

Tracking

Entered by	Date	Memo
Brian Berkley			Email Public
Entered by	Date	Memo
Brian Berkley	Apr 22, 2011 01:18 PM	Task reassigned to Brian Berkley.	Add Attachment
Brian Berkley	Apr 22, 2011 01:18 PM	Status changed from (1) Pending to (5) Completed	Add Attachment
Brian Berkley	Apr 22, 2011 01:18 PM	system is clean	Add Attachment
Brian Berkley	Apr 21, 2011 11:52 AM	Priority changed from (3) Priority to (1) Highest Priority.	Add Attachment
Brian Berkley	Apr 21, 2011 11:52 AM	User: NT AUTHORITY\SYSTEM Scan: 9PM Scan Machine: HC80887PERFECS Process "C:\Documents and Settings\perfecs\Local Settings\Application Data\hag.exe:pid:000018d4:file" belongs to virus/spyware 'Troj/FakeAV-DJJ'. File "C:\Documents and Settings\perfecs\Local Settings\Application Data\hag.exe" belongs to virus/spyware 'Troj/FakeAV-DJJ'. Virus/spyware 'Troj/FakeAV-DJJ' has been removed. File "C:\WINDOWS\system32\lo5na.dll" belongs to virus/spyware 'Troj/FakeAV-DJI'. Registry key "HKCR\*\shellex\ContextMenuHandlers\Offline Files" belongs to virus/spyware 'Troj/FakeAV-DJI'. Registry value "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{750fdf0e-2a26-11d1-a3ea-080036587f03}" belongs to virus/spyware 'Troj/FakeAV-DJI'. Registry key "HKCR\CLSID\{750fdf0e-2a26-11d1-a3ea-080036587f03}" belongs to virus/spyware 'Troj/FakeAV-DJI'. Registry key "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Offline Files" belongs to virus/spyware 'Troj/FakeAV-DJI'. File "C:\Documents and Settings\perfecs\Application Data\Sun\Java\Deployment\cache\6.0\10\5ffb718a-28640e58" belongs to virus/spyware 'Troj/FakeAV-DJJ'. Virus/spyware 'Troj/FakeAV-DJJ' has been removed. Virus/spyware 'Troj/FakeAV-DJI' has been removed.	Add Attachment
Jackie Digmann	Apr 20, 2011 03:18 PM	Contact at 88396, that is the number for the counseling center and they can xfer him. This started happening about 30 minutes ago. He tried closing all of his web browsers when this happened and reopened them and it all popped up again. He ran an IE security scanner and it said it doing viruses.	Add Attachment
Jackie Digmann	Apr 20, 2011 03:16 PM	He called to say there is a virus on his computer. The computer number is 20080887. It is telling him there is a system security alert, and sophos is telling him there is a malware detection found.	Add Attachment