If you can find the malicious executable that you suspect was involved in causing the infection, it can be submitted here
with a link to this topic...it's best to zip (compress) all files before sharing. There is a "Link to topic where this file was requested
" box under the Browse button. Doing that will be helpful with analyzing and investigating by our crypto malware experts.
These are some common folder variable
locations malicious executables
- %SystemDrive%\ (C:\)
- %SystemRoot%\ (C:\Windows, %WinDir%\)
Note: Some folders like %AppData% are hidden by the operating system so you may need to configure Windows to show hidden files & folders
Also check the history logs and quarantine folders for your anti-virus and other security scanning tools to see if they found and removed any malware possibly related to the ransomware.