Detect Crypto-X (Ransomware)
Checks various registry entries for indicators of a Crypto infection. Also, generates a “honeypot” document, If the document becomes encrypted the script will alarm as well.. Able to report with $CryptoAudit$, $CryptoYES$.
Acknowledgments: Many thanks to MarcR, MattK from Kaseya Community for inspiration as posted on http://community.kaseya.com/resources/m/knowexch/86518.aspx#pi5230=2
This script is provided “AS-IS”. Please make sure that you test this script in a controlled environment before deploying to a production environment. Please let us know if you run into any problems.
This script is considered derivative work and is free to download.