Service Request Ticket - # 76581

Service Request Information

CONTACT Name Morse, Scot   View open tasks   View tasks from last 30 days   Schedule Change Contact Date Nov 02, 2020 10:49 AM
Department Computer Science Division Phone 88921
Location Email morses@wou.edu Request for more information Send 'Keeping in touch' email Send 'I'm thinking of you' email
SR INFO Type WOU #
Priority Equipment Type
Status Flagged
Description
Laptop Edit WOU # 20171236[Edit Inv] (opens in a new window) Bldg/Room ITC 310C
Service Tag Description Apple MacBook Pro 15in 2.8GHzQuad i7, SpcGry #MPTR
Serial No. C02WT06XHTD5 Location Scot Morse, Professor, MIS Program Coordinator

CPU Intel Core i7(2.8GHz quad, 6MB L3 cache)


OS MAC OS X 10.13 (High Sierra) Software MSDesktopEdOffice201*MAC XXXX2017006552;

Wireless NIC 88:E9:FE:72:AC:17


Bluetooth NIC 88:E9:FE:6C:EC:C4

TECHS Submitted by Stephanie Magee Contact smagee15@wou.edu 88925
Primary Technician Contact ellism@wou.edu 88629

Tracking

Entered by Date Memo
Michael Ellis
Email

Public
Entered by Date Memo
Michael Ellis Nov 04, 2020 09:17 AM 
Status changed from (1) Pending to (5) Completed
 Add Attachment
Michael Ellis Nov 04, 2020 09:17 AM 
Emailed user.  Closing call.
 Add Attachment
Megan Thibeault Nov 04, 2020 08:59 AM 
Task reassigned to Michael Ellis.
 Add Attachment
Megan Thibeault Nov 04, 2020 08:59 AM 
This isn't on the machine it's on an external device 
on a backup. He would have to wipe his external 
device and backup.
Add Attachment
Stephanie Magee Nov 02, 2020 10:49 AM 
****This is an email****
Sophos Central Event Details for Western Oregon 
University

What happened: We could not clean up a threat.

Where it happened: W20171236

Path: 
/Volumes/BACKUP_MORS/Backups.backupdb/morses 
MacBook Pro/2017-10-19-160514/Macintosh 
HD/Users/morses/Library/Mail/V4/4B34677D-5D19-
476A-BA02-36B2A1B39AE7/[Gmail].mbox/All 
Mail.mbox/3D295B3C-9AF8-473F-8A7C-
F285C62CD291/Data/4/5/1/Attachments/154218/2/00
00420693.zip

What was detected: Mal/DrodZp-A

User associated with device: W20171236\morses

How severe it is: High

What Sophos has done so far: We attempted to 
clean up (unless the threat is on a Linux 
computer).

What you need to do: In the Sophos Central 
Admin console, go to the Alerts page and find 
the threat alert. Click on the threat name to 
see details and cleanup advice on the Sophos 
website. Then go to the affected computer and 
clean up the threat manually.
 Add Attachment