My C Drive AppData\Local\Temp folder suddenly started filling up with 'crypto' extension files like this:
These are copies of some of the largest files in my D drive pictures folder, in this case MVI_6420.MOV
20GB worth of such files were created before I noticed because my system became unstable (it was the last 20GB on my C drive).
In ignorance I used Wise Disk Cleaner in the first instance and it junked the files. But it happened quickly again.
The weird thing is the originals of crypto files are still accessible and there is no ransom note that I can find (.txt or .html - tho maybe was junked). However I only have a record of a minority of which files were duplicated as .crypto that I can check (otherwise I have 17000 pictures and images that I can only do spot checks on, with no idea about what might be missing).
I have Malwarebytes and Eset antivirus enabled, neither of which noticed anything and neither of which show anything in a scan. The smallest example .crypto file I have is too large for ID Ransomware. No new programmes were running that would do this.
What the heck is it?!
I have a Samsung laptop running up to date Windows 7.