Solved

Malware Virus?

Posted on 2014-10-23
Last Modified: 2014-11-04
Has anyone seen this before? As soon as we logged on to the domain this popped up. We immediately unplugged it from the network. Can someone let me know if they have seen this before?
0
Question by:medx
9 Comments
 
LVL 13

Accepted Solution

by:Rizzle
Rizzle earned 333 total points
ID: 40400330
I've not seen that particular message before, but download and run Malwarebytes ASAP to see if the machine is in fact infected.

Also, can you log on to the machine as local admin and see what programs have been installed?
0
 
LVL 26

Assisted Solution

by:Fred Marshall
Fred Marshall earned 167 total points
ID: 40400369
You could run ProcMon and use the dragged sensor placed over this dialog to see which program is running it.  And, go from there.
0
 
LVL 13

Assisted Solution

by:Rizzle
Rizzle earned 333 total points
ID: 40400417
Also check the processes in Task Manager to see if there is a process using a high amount of resources. Also look for a process which is named weirdly.

Also check MSCONFIG to see if there are any weird apps set to start up with Windows.
0
 
LVL 9

Expert Comment

by:Lieven Embrechts
ID: 40400442
Tsinghua is a Chinese university.
Log in with the local admin and continue from there:
- have a look at what was last installed
- run mbam (transferred by USB stick)
0
 

Assisted Solution

by:medx
medx earned 0 total points
ID: 40400474
Looks like this could be CryptoWall? We have redirected My Documents. When we logged in to the domain under this user is when this popped up. It must be in his profile. Hopefully we caught this in time. We are going to delete his profile and recreate. Any ideas? We're not seeing any encrypted files yet. I had a doctor from China cypher this for us.

IMG-1625.PNG
0
 
LVL 13

Expert Comment

by:Rizzle
ID: 40400480
Run Malwarebytes as it could be a virus (poorly written). As a precaution, you could re-install Windows on the machine.
0
 

Author Comment

by:medx
ID: 40406399
Just to let everyone know, I sent off the Chinese JPG to Viper Support. They concluded it was reminisce of the unencrypting tool we purchased from it looks like the Chinese. Thanks for everyone's help.
0
 
LVL 9

Expert Comment

by:Lieven Embrechts
ID: 40406588
Thanks for turning us into Chinese translators ;-)
0
 

Author Closing Comment

by:medx
ID: 40421155
Because it was none of the above. It was left over from the encryption software.
0


Question has a verified solution.
