RansomwareDetectionService2.0.4.3

Rating: No reviews yet
Downloads: 20
Change Set: 5c646f0e6e09
Released: Apr 22, 2016
Updated: Apr 25, 2016 by pcooper
Dev status: Beta Help Icon

Recommended Download

Application RansomwareDetectionService2.0.4.3.zip
application, 2784K, uploaded Apr 22, 2016 - 20 downloads

Release Notes

Added Command options to Compare (Detect Ransomware). This adds the ability to execute a script if ransomware activity is detected. Changed code to handle reading an open file in read only mode. Updated documentation.

Added an example powershell script StopRansomwareInfectedUserPublic.ps1 to disable a user when run as a command on a home directory.

Added an example powershell script StopRansomwareInfectedComputerPublic.ps1 to disable a computer AD account and shutdown any computers linked to the user when run as a command on a home directory.

Added an example windows batch command StartAllWindowsFileServersAfterRansomwareActivityDetected.cmd to stop all Windows file servers from sharing files after ransomware activity is detected. This script must be modified with all of the File Server Names from your network. This can be used for any detected activity via the Compare tab. This is an extreme action and should be carefully though through before implementating. The main issue is if a single user gets a ransomware then everyone is kicked off of the file servers. The secondary issue is that false positives occur when a user deletes any SourcePath files.

Added tray code to validate the new command fields. Updated documentation in the powershell script.

Fixed Stop File Sharing to stop Dfs service and Computer Browser service if they are running and start them back up based on their startup type when File Sharing is turned back on.

Fixed some public and private naming issues.

Reviews for this release

No reviews yet for this release.