We help IT Professionals succeed at work.
Get Started

Possible Virus?

511 Views
Last Modified: 2014-05-05
I have a standalone Windows 7 computer that had RDP open.  The source IP was supposed to be restricted, but by mistake it wasn't.  

Anyway, I noticed that an unauthorized user was able to crack the password and log in.  I found an entry in the APP log with the following line.  Is anyone familiar with Pangolin.CracKed.By.Hmily[LCG][DST].exe?  

Fault bucket 3368295517, type 1
Event Name: APPCRASH
Response: Not available
Cab Id: 0

Problem signature:
P1: Pangolin.CracKed.By.Hmily[LCG][DST].exe
P2: 3.2.4.1132
P3: 4d01d91e
P4: kernel32.dll
P5: 6.1.7601.18015
P6: 50b83c89
P7: c0000005
P8: 0001139d
P9:
P10:

Attached files:
C:\Users\Support\AppData\Local\Temp\WER7EFE.tmp.WERInternalMetadata.xml

These files may be available here:
C:\Users\Support\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_Pangolin.CracKed_397a32942c35fcd9426651e7926415a44be5d3_ba49900e

Analysis symbol:
Rechecking for solution: 0
Report Id: 878f7343-bbb2-11e3-8fce-534e57000000
Report Status: 0
Comment
Watch Question
Cloud Architect
Commented:
This problem has been solved!
Unlock 1 Answer and 3 Comments.
See Answer
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE