Bitdefender Ransomware Recognition Tool

显示全部楼层 · 发表于 2017-9-27 04:45:38

Bitdefender Ransomware Recognition Tool is a new program for Windows by security company Bitdefender to identify ransomware.

One of the things that can be quite difficult when a system has been hit with a successful ransomware attack is the identification of the ransomware itself.

Identifying the ransomware is the first step in finding out more about it. It may tell you if there is a way to decrypt the data that the ransomware encrypted for free for instance.

Bitdefender's newest tool for Windows may identify ransomware for you. It is a simple program that does not need to be installed. All it takes is to run the program, accept the license, and use it to identify the ransomware.

Note: Bitdefender makes no mention of compatibility. The program ran fine on a Windows 10 Pro device. The program requires an active Internet connection according to Bitdefender.

This works by either adding the path to the ransom note, or a path to a folder that has encrypted files in it. It is necessary to add a path to one field in the program interface to continue to the next step.

You may hit the scan button after you have added a path to the program. If you have just filled out a path to encrypted files, you will receive a notification that doing so may decrease the detection accuracy.

The content of the ransom note is submitted to Bitdefender's cloud; files on the other hand are not submitted, as Bitdefender Ransomware Recognition Tool analyzes names and extensions only.

The application displays its findings afterwards. If it cannot identify the ransomware, it will tell you so. It may happen that it found multiple hits. If that is the case, it will display all hits sorted by relevancy.

The program links to decryptor programs if they are available for the ransomware in question.

Another interesting feature of Bitdefender Ransomware Recognition Tool is that admins can run it on multiple computers from the command line.

The following two parameters are available:
-note:RANSOM_NOTE_LOCATION;
-test:ENCRYPTED_FILES_LOCATION;

The program accepts absolute paths only, and requires that you add the ";" char in the end.
via ghacks.net

https://labs.bitdefender.com/2017/09/bitdefender-ransomware-recognition-tool/

显示全部楼层 · 发表于 2017-9-27 08:39:30

新玩具

显示全部楼层 · 发表于 2017-9-27 09:26:09

勒索软件识别工具

[资讯] Bitdefender Ransomware Recognition Tool