PROTEIN – PROTEct your INformation
.SYNOPSIS
+ PROTEIN captures the action of creation new files, analyzing them and determining whether they are valid or not for the corporation.
+ PROTEIN Identifies known files (whitelist), potential threats (blacklist) likewise unknown files for further processing.
+ PROTEIN logs every creation action on files on your server.
+ Possibility to email alerts to an administrator when a new ransomware is detected.
+ PROTEIN alerts, via messagebox on the user’s computer, when a new ransomware is detected.
+ PROTEIN disables domain’s user affected by the ransomware, preventing the access to the repository by the ransomware or other critical system objects.
+ PROTEIN disables the NIC on the user’s computer affected by the ransomware, to block the access to the network.
Powershell Anti-Ransomware
.REQUIREMENTS
– Run this script as an administrator to control computers and domain users remotely.
Parameter:
.PARAMETER --install
Set the path to folder to monitor, path and filename for storage logs and email of the adminsitrator to alert of a risk.
IMPORTANT!!! Anti_malware_config folder MUST BE in c:\ on your File Server
.PARAMETER --monitor
Start monitoring the Folders... Start the Game!!!
.PARAMETER --configure
Re-configure path of folders to monitor and storage the logs, email address..
.PARAMETER --path
Echo by console the configuration files for checking purposing.
.PARAMETER --logs
Echo by console the log file.Download: Protein.zip
Source: https://github.com/c0p3rnic0