Never mind. Just read that it's the way that RansomFree catches ransomware. I found the information I was looking for here:
Installed cybereason RansomFree a few months ago after roommates computer was corrupted & repaired.
Going thru my computer a couple of days ago, I found 2 unknown file folders in Documents named Bfound142 & Hlogs181. There were 6 files inside with different file types.
I checked properties and found they were created that day, a couple hours earlier when I was working out in the yard, so I deleted them.
30 Seconds later, they were back, with different names; Bimages117 & Hscans163. I tried to delete them, but nothing happened. So I used Unlocker to delete them & it did.
Just after that, RansomFree warning window opened warning that Windows Explorer might be trying to encrypt files and process was suspended. It was asking to stop or allow.
I clicked the stop button and RansomFree confirmation window opened stating it had stopped the threat.
30 Seconds later, they were back again, with different names; Bdocuments215 & Hlogs193.
Notice the 1st folder starts with "B" and the 2nd folder starts with "H" and they also end numerically. It happens every time the files are deleted.
RansomFree opens every time the files are deleted, keeping some of the files in their own directory on the desktop.
Here are some of the file names:
client begun aboard commerce.docx
doc matrix senior.pem
So I know ransomware is on my computer somewhere.
Hopefully somebody can help me out with this latest problem.
Thank You in advance for any thoughts or suggestions...ed
Edited by halfdeaded, 20 October 2017 - 01:17 AM.