Solved

Malware Virus?

Posted on 2014-10-23
Last Modified: 2014-11-04
Has anyone seen this before? As soon as we logged on to the domain this popped up. We immediately unplugged it from the network. Can someone let me know if they have seen this before?
0
Comment
Question by:medx
9 Comments
 
LVL 13

Accepted Solution

by:
Rizzle earned 1332 total points
ID: 40400330
I've not seen that particular message before, but download and run Malwarebytes ASAP to see if the machine is in fact infected.

Also, can you log on to the machine as local admin and see what programs have been installed?
0
 
LVL 26

Assisted Solution

by:Fred Marshall
Fred Marshall earned 668 total points
ID: 40400369
You could run ProcMon and use the dragged sensor placed over this dialog to see which program is running it.  And, go from there.
0
 
LVL 13

Assisted Solution

by:Rizzle
Rizzle earned 1332 total points
ID: 40400417
Also check the processes in Task Manager to see if there is a process using a high amount of resources. Also look for a process which is named weirdly.

Also check MSCONFIG to see if there are any weird apps set to start up with Windows.
0

 
LVL 9

Expert Comment

by:Lieven Embrechts
ID: 40400442
Tsinghua is a Chinese university.
Log in with the local admin and continue from there:
- have a look at what was last installed
- run mbam (transferred by USB stick)
0
 

Assisted Solution

by:medx
medx earned 0 total points
ID: 40400474
Looks like this could be CryptoWall? We have redirected My Documents. When we logged in to the domain under this user is when this popped up. It must be in his profile. Hopefully we caught this in time. We are going to delete his profile and recreate. Any ideas? We're not seeing any encrypted files yet. I had a doctor from China cypher this for us.

IMG-1625.PNG
0
 
LVL 13

Expert Comment

by:Rizzle
ID: 40400480
Run Malwarebytes as it could be a virus (poorly written). As a precaution, you could re-install Windows on the machine.
0
 

Author Comment

by:medx
ID: 40406399
Just to let everyone know, I sent off the Chinese JPG to Viper Support. They concluded it was remnants of the unencrypting tool we purchased from, it looks like, the Chinese. Thanks for everyone's help.
0
 
LVL 9

Expert Comment

by:Lieven Embrechts
ID: 40406588
Thanks for turning us into Chinese translators ;-)
0
 

Author Closing Comment

by:medx
ID: 40421155
Because it was none of the above. It was left over from the encryption software.
0
