gateguard
asked on
How to detect ransomware-locked file systems
I regularly back up a lot of computers and what I'm looking for is a way to avoid running the backup (or more importantly, the synchronization program) on computers that have been hit with any of the ransomware variants.
Is there a way to detect that a large number of files on a given computer are encrypted?
Thanks
Is there a way to detect that a large number of files on a given computer are encrypted?
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I wrote a program to detect missing and changed files caused by ransomware.
http://www.questiondriven.com/2016/02/18/beta-testing-for-ransomware-detection-in-file-share/
You can monitor any UNC path or local folder.
http://www.questiondriven.com/2016/02/18/beta-testing-for-ransomware-detection-in-file-share/
You can monitor any UNC path or local folder.
ASKER