Posted on 2014-10-18
Help.... logged in to our SBS2011 server today. We have an application that uses a SQL DB. It couldn't open the DB. When looking in the folder that holds the DB files, it looks like we've been hit by CryptoWall. The text file matches all the other one found that contain instructions how to "pay" to get the key to decrypt the files. We run SEP 12 RU1 on the server, so I'm really surprised this made it thru. Anyway, I'm running MalwareBytes now, and we're up to 77 detected objects. Where do we go from here ?