On Wednesday, March 25, 2015 at 3:43:38 PM UTC-4, Gregg Dotoli wrote: > This basic script will help to find > evidence of CryptoWall on a slave drive. Although it is > just a string, more complex regex patterns can be > replaced with the string. It is incredible how fast Python is and > how easy it has helped in quickly assessing a pool of slave drives. > I'm improving it as we speak. > > > Thanks for your help and patience. I'm new with Python. > > > import os > import re > # From the Root > topdir = "." > > # Regex Pattern > pattern="DECRYPT_I" > regexp=re.compile(pattern) > for dirpath,dirnames, files in os.walk(topdir): > for name in files: > result=regexp.search(name) > print(os.path.join(dirpath,name)) > print (result) > > > > > > Gregg Dotoli
I posted this because I thought it may be of help to others. This does grep through all the files and is very fast because the regex is compiled in Python , rather than sitting in some directory as an external command. That is where the optimization comes in. Let's close this thread. Gregg -- https://mail.python.org/mailman/listinfo/python-list