New Member

I am sorry if I have posted in the wrong forum...

I have stumbled upon a problem. I have not found a source executable but have alot of encrypted files. The encrypted files has an email appended to the filename. I have found the source user because his user folder has encrypted files. But I can't find any ransom instructions!

Files encrypted has the following file extensions txt, xls, pdf, sql, jpg, mp3, wmv, doc, ppt, gho, xlsm, zip, spf, avi, rar, sldprt, mdb, iso, xml, pdb, rtf (probably more).

What kind of malware could this be?
  • Like
Reactions: Spawn


Level 61
@Palanca : Any malware that can be related to Cryptolocker or others cause the number one main attack landscape is by encrypted the common file extensions.
  • Like
Reactions: LabZero


Hello, presumably it could be a ransomware.
Maybe you don't find the .exe file because it may have been removed by the antivirus but it is only a hypothesis, not knowing the facts.
Unfortunately there is no guarantee that you will be able to recover the files.
The only prevention is the backup plan.
  • Like
Reactions: frogboy