Just a tip: I have a file scan setup to scan user profile directories for .crypt files. I then have a dynamic collection that will populate with any computer that has these files. Then I have a daily auto report that alerts me of any computers show up in this this collection.
Today, PDQ just discovered one laptop with ransomware that Forefront didn't detect.
Please sign in to leave a comment.