Hello fellow Spiceheads. I’d just like to relate a little story to you in case it may help you out in the future.
We’ve just been hit with the Cryptowall virus/malware/nasty bug/whatever. This nasty is similar to Cryptolock in that it systematically goes through the folders and files on all drives of a PC including mapped drives and encrypts the user files so they can no longer be read. Opened yes, but due to the encryption, the associated application thinks the file is corrupt.
Luckily an astute colleague noticed its actions whilst it was busy encrypting our Z: drive (the file server). I immediately disconnected all PCs from the network by pulling the NW cables out, not knowing which machine was the culprit. This halted the encryption process on the server. Looking on the file server I noticed 3 files in each folder named...