Solved

Malware Virus?

Posted on 2014-10-23
9
136 Views
Last Modified: 2014-11-04
Has anyone seen this before? As soon as we logged on to the domain this popped up. We immediately unplugged it from the network. Can someone let me know if they have seen this before?
Question by:medx
9 Comments
 
LVL 13

Accepted Solution

by:
Rizzle earned 333 total points
ID: 40400330
I've not seen that particular message before, but download and run Malwarebytes ASAP to see if the machine is in fact infected.

Also, can you log on to the machine as local admin and see what programs have been installed?
0
 
LVL 25

Assisted Solution

by:Fred Marshall
Fred Marshall earned 167 total points
ID: 40400369
You could run ProcMon and use the dragged sensor placed over this dialog to see which program is running it.  And, go from there.
0
 
LVL 13

Assisted Solution

by:Rizzle
Rizzle earned 333 total points
ID: 40400417
Also check the processes in Task Manager to see if there is a process using a high amount of resources. Also look for a process which is named weirdly.

Also check MSCONFIG to see if there are any weird apps set to start up with Windows.
0
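The checks suggested in the comments above (startup entries, recently installed programs, resource-heavy or oddly named processes, and which program owns the dialog) gathered into one read-only PowerShell pass. This is an added example, not part of any poster's comment; it assumes PowerShell 3.0 or later in an elevated session as local admin, and the 15-row limit is an arbitrary choice.

```powershell
# Added triage example: read-only, nothing is changed or removed.
# Assumes PowerShell 3.0+ (Get-CimInstance) in an elevated local-admin session.

# 1. Autostart entries (Run keys and Startup folders, as MSCONFIG lists them),
#    with the account each entry applies to, so per-profile entries stand out.
Get-CimInstance -ClassName Win32_StartupCommand |
    Sort-Object User, Name |
    Format-Table User, Name, Command, Location -AutoSize -Wrap

# 2. Installed programs, newest first. InstallDate is a yyyyMMdd string and is
#    only present when the installer recorded it, so blanks sort to the end.
$uninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
)
Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName } |
    Sort-Object InstallDate -Descending |
    Format-Table DisplayName, Publisher, InstallDate -AutoSize -Wrap

# 3. Processes using the most CPU time, with the path of the executable.
#    Path is empty for processes this session is not allowed to inspect.
Get-Process |
    Sort-Object CPU -Descending |
    Select-Object -First 15 |
    Format-Table Name, Id, CPU, Path -AutoSize -Wrap

# 4. Processes that own a visible top-level window. If the pop-up is still on
#    screen, its title text should appear in the MainWindowTitle column.
Get-Process |
    Where-Object { $_.MainWindowTitle } |
    Format-Table Name, Id, MainWindowTitle, Path -AutoSize -Wrap
```

The HKCU key and the per-user autostart entries reflect whoever is logged on, so run it once as local admin and, on an isolated machine, once as the affected user to compare the two.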
LVL 9

Expert Comment

by:Lieven Embrechts
ID: 40400442
Tsinghua is a Chinese university.
Log in with the local admin and continue from there:
- have a look at what was last installed
- run mbam (transferred by USB stick)
0
 

Assisted Solution

by:medx
medx earned 0 total points
ID: 40400474
Looks like this could be CryptoWall? We have redirected My Documents. When we logged in to the domain under this user is when this popped up. It must be in his profile. Hopefully we caught this in time. We are going to delete his profile and recreate it. Any ideas? We're not seeing any encrypted files yet. I had a doctor from China cypher this for us.

IMG-1625.PNG
0
 
LVL 13

Expert Comment

by:Rizzle
ID: 40400480
Run Malwarebytes, as it could be a virus (poorly written). As a precaution you could re-install Windows on the machine.
0
 

Author Comment

by:medx
ID: 40406399
Just to let everyone know, I sent off the Chinese JPG to Viper Support. They concluded it was reminiscent of the unencrypting tool we purchased from, it looks like, the Chinese. Thanks for everyone's help.
0
 
LVL 9

Expert Comment

by:Lieven Embrechts
ID: 40406588
Thanks for turning us into Chinese translators ;-)
0
 

Author Closing Comment

by:medx
ID: 40421155
Because it was none of the above. It was left over from the encryption software.
0