I have a small problem: on november 19 a lot of files became encrypted and renamed with the following text: id123456789_emaIl1_key@firstname.lastname@example.org
The filename stays the same but the last section referring to the e-mail addresses is added and the type of file is changed to exe format.
So far unable to find the pc which is causing the problem, I used 4 AV's so far: Mcafee, Symatec, Kaspersky and Antimalwarebytes.
At this very moment I was only able to find something about this on a german and danish website but no solution.
Does anyone have a clue what this is?
The files are encrypted and changed to an EXE.
What I did:
Scan the registry for any changes on a certain date: nothing;
Scanning the files which computer/user changed a large amount of data on the network drive: nothing;
Checking all the pcs: nothing to be found, it appears this one only has a go on network drives;
November 20: no files were encrypted that day, I scanned the entire network share for changes that day 3 times!
So I am at the end of my search, help...