Restore scenario for encryption trojan?

Recommended Posts


i have several Friends and Famility where i use BTSync to have a backup of their files without requiring them to do anything.

Now if i imagine one of them catches an encryption trojan like Locky...how would i go about restoring them?

i have them all set up with a RO copy with activated Archive.

so i'd expect all files to show up in .sync\Archive\...
but some might have different versions already so i would have to identify the last archived version for each -> the one with the highest *.<Number>.<Extension> or maybe all from a certain Date and Time Range?

i guess sooner or later a BTSync user will be hit and it might be nice if there were some guidance or FAQ for that issue.



Share this post

Link to post
Share on other sites
On 4/29/2016 at 4:57 PM, Ragnar said:

the one with the highest *.<Number>.

yes. each newly added file version (if a file is edited several times on the remote peer) adds a X index. the latest file has the highest index: filename.txt, then filename1.txt, then filename2. txt and so on. Besides you can also check the creation time of the files in Archive - they get the current timestamp. 

Note that Archive keeps files only for 30 days (can be changed), so in 30 days files will start being deleted by first in - first out rule. And files bigger than 1000MB also do not go to archive and this also can be changed. 

Share this post

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.