Task reassigned to Dyllan Coons.

Picked up IMac (20130431) from CTL. Will get 
debanded then PDRed.

Priority changed from (3) Priority to (5) Low Priority.

escape room is ended now that seyed has left. thats 
why I said it is going to ctl 

Task reassigned to UCS Tech.

Status changed from (7) Waiting for Contact to (4) On Hold

Task reassigned to UCS Tech.

need to update OS to suppport sophos

**** Email from Seyed to me ****
Sounds good,  Adam! I'll see Tony, then! Thank 
you!

Have a great weekend!

Best,
Seyed

****This is an email****
Hi Seyed, I will be out of the office at noon, 
however I have spoken with my colleague Tony, and 
he has agreed to meet with you at the front 
enterance of Maaske at 1 pm. Does that work for 
you?

**** Email from me to Seyed Shahrokni ****

Hello Seyed,

I hope this message finds you well. We are in the 
process of reviewing open service requests and 
noticed that the case for computer 20130431, last 
located in the escape room at Maaske Hall, is 
still active. It was reported that this computer 
might have bundleware and that Sophos could be 
deactivated.

We are committed to ensuring the security of our 
network and maintaining an accurate inventory. 
Therefore, we would like to investigate this issue 
and take any necessary steps to resolve it.

If the computer is still in the escape room at 
Maaske Hall, could you kindly arrange a convenient 
time for us to access it? Alternatively, you are 
welcome to bring the computer to our service desk 
at University Computing Solutions, located in ITC 
Room 009A.

Your assistance in this matter is greatly 
appreciated as we work towards a swift resolution.

Best regards,
--
Adam Logan

Task reassigned to UCS Tech.

Please contact Academic Inovation and see if this 
computer is still there.  If it is, and Sue Kunda is 
still not using it and it's alright to do so, let's 
go ahead and delete her profile folder like was 
planned. 

INSTRUCTIONS:
Open Finder, click Go on the top menu bar and 
choose Go to Folder. Type /Users in the search bar, 
and delete the kundas folder (which 
stores all their data, and is where the quarantined 
malware is stored). You probably need 
to be logged into the Mac as an admin user in order 
to do this.

Let's also check and see if Sophos is installed, 
because Sopohos is NOT seeing the device anymore. 
It's possible the computer has been turned off for a 
while and maybe is not connected to Ethernet, so it 
hasn't communicated with Sophos and that's why it's 
not showing up.  Make sure the computer is connected 
to the internet and let Jenna know, and she'll try 
looking for it in Sophos again.

Task reassigned to Laurie McCoy.

changing status to pending so this doesn't get lost in the waiting for contact section

Status changed from (1) Pending to (7) Waiting for Contact

Task reassigned to Lauryn Aronson.

It didn't finish because there was so many files.

Since it looks like the user doesn't use it anymore. 
We can delete the user profile

went to check this out. still has an alert but 
couldn't find where it was having issues. tried 
updating. left it scanning. john said to delete 

/Users/kundas/Downloads/Unconfirmed 
481059.crdownload

but it said we didn't have access to it. left it 
scanning. will need to go back and figure this out 
sometime.

****email****

Hi Lauryn,
Good morning! Yes, this iMac is in our office and 
operated by me (Seyed Shahrokni)! Is there 
anything we/I can do? Thanks! 🙂
Best,
Seyed

****email****

Hi, Lauryn.

I'm assuming you're talking about the IMac I had 
from Academic Innovation (I no longer have it so I 
can't check on the number). I returned it to 
Academic Innovation approximately a month ago.

Best,
Sue

****This is an outgoing email****
Hi Sue,

I need some additional information regarding service 
request #77060

Description:  [MEDIUM] Alert for Sophos Central 
[Western Oregon University]: We detected a 
potentially unwanted application

Do you know the location of an iMac with WOU number 
20130431?

Thank you,

Lauryn Aronson
UCS Tech.

Status changed from (1) Pending to (7) Waiting for Contact

This computer is currently at the home of one of the 
Center for Academic Innovation faculty.

****This is an email****
Sophos Central Event Details for Western Oregon 
University

What happened: We detected a potentially 
unwanted application (PUA) on a computer. PUAs 
are not malicious but are often considered 
unsuitable for corporate networks.

Where it happened: w20130431

Path: /Users/kundas/Downloads/Unconfirmed 
481059.crdownload

What was detected: Bundlore

User associated with device: w20130431\kundas

How severe it is: Medium

What Sophos has done so far: We blocked access 
to the PUA.

What you need to do: In the Sophos Central 
Admin console, go to the Alerts page. Select 
the PUA alert. To remove the PUA, click Clean 
up PUA(s). If you want to let it run, click 
Authorize PUA(s). Authorize PUAs will apply to 
all your computers, not just the one in this 
alert.