I am currently onsite working with the IT Admin about a new online ticketing system.
Around 12:45pm, I was logged in to the Primary DC via a remote desktop connection from a company provided laptop, wasn't doing a thing, (seriously, I didn't have anything open, had just logged into the server, and I see a window pop-up that looked like a CMD/DOS window, and on the title of that window, in capital letters, it read CRYPTOWALL HAS TAKEN OVER, and then it looks like File Manager screens start popping up and the server starts running to a crawl. I have dealt with this Cryptowall Virus before And the only resolution was to reinstall Windows Server and restore from backup. Is this still the 'fix' for this issue? Or is there something else that can be done. Not in the position to try anything. Just need to know where to go from here so we can help them with this issue. -- Daniel Rodriguez [email protected]
