Oops?!? What do you mean 'Oops'!?!
Nothing good comes after 'Oops'! On the DC Server. On Fri, Jun 12, 2015 at 1:31 PM, David McSpadden <[email protected]> wrote: > Was the popup on your laptop of the DC. > > CRYPTO attacked each mapped drive on the infected device. > > If it was the DC. That is not good. > > If it was the laptop, still not good but just wipe and restore. > > > > > > *From:* [email protected] [mailto: > [email protected]] *On Behalf Of *D R > *Sent:* Friday, June 12, 2015 2:26 PM > *To:* ntsysadm > *Subject:* [NTSysADM] OT(perhaps) But need direction > > > > I am currently onsite working with the IT Admin about a new online > ticketing system. > > > > Around 12:45pm, I was logged in to the Primary DC via a remote desktop > connection from a company provided laptop, wasn't doing a thing, > (seriously, I didn't have anything open, had just logged into the server, > and I see a window pop-up that looked like a CMD/DOS window, and on the > title of that window, in capital letters, it read CRYPTOWALL HAS TAKEN > OVER, and then it looks like File Manager screens start popping up and the > server starts running to a crawl. > > > > I have dealt with this Cryptowall Virus before And the only resolution was > to reinstall Windows Server and restore from backup. > > > > Is this still the 'fix' for this issue? Or is there something else that > can be done. > > > > Not in the position to try anything. Just need to know where to go from > here so we can help them with this issue. > > > > -- > > Daniel Rodriguez > [email protected] > > This e-mail and any files transmitted with it are property of Indiana > Members Credit Union, are confidential, and are intended solely for the use > of the individual or entity to whom this e-mail is addressed. If you are > not one of the named recipient(s) or otherwise have reason to believe that > you have received this message in error, please notify the sender and > delete this message immediately from your computer. Any other use, > retention, dissemination, forwarding, printing, or copying of this email is > strictly prohibited. > > Please consider the environment before printing this email. > -- Daniel Rodriguez [email protected]
