This free Management Pack for System Center Operations Manager allows you to detect CryptoLocker virus from all Windows Server with File Server role enabled into share folders. The project is open and everyone can improve the MP. For more information you send a feedback from our web page: www.insidetechnologies.eu.
Read More...
How Works
If your File Server has a file with a potential risk extension, the automatic recovery task will stop three important services of File Server to avoid the total loss of data.
Server: this service manages File & Printing Sharing role. This service will be stopped to block files encryption.
DFS: this service manages DFS Namespace. This service will be stopped to because there’s dependencies with Server service.
DFSR: this service manage replica between servers. This service will be stopped to avoid the replica of bad files.
What Kind of Extension?
The extension under monitor are: .cryptolocker, .encrypted, .ecc, .ezz, .exx, .zzz, .xyz, .aaa, .abc, .ccc, .vvv, .xxx, .ttt, .micro, .locked, .crypto,_crypt, .crinf, .r5a, .xrnt, .xtbl, .crypt, .r16m01d05, .pzdc, .good, .lol!, .omg! .rdm, .rrk, .encryptedrsa, .crjoker, .enciphered, .lechiffre, .keybtc@inbox_com, .0x0, .bleep, .1999, .vault, .ha3, .toxcrypt, .magic, .supercrypt, .ctbl, .ctb2.
These are the most important format. For your information there are many others type of virus that use random extension, this means that is not possible detect all the critical extensions.
Home