For some time, we´ve been penetrated by Crypto Trojans. Locky or WannaCry have proved the world that simple antivirus cant protect you from all. Most companies quickly notice a large infestation of file services. You will notice encrypted files in nested folders is rarely used to make matters worse less quickly.
Which Admin clicks through the entire file hierarchy and searching for encrypted files? So it may be that after an infestation is still encrypted files slumber. NetApp FAS customers or AFF customers running a CIFS file server have now the possibility of running a free Ransomware check through their systems.
ProLion (Yes this are the ones who made also the Clusterlion of the MetroCluster) offers from now its software “DataAnalyzer” Ligth version to download for free. 
The software is super easy to use: simply download the software, register after installing the desired NetApp FAS system, and run the check. Thus, you have a free Ransomware check of all data in the NetApp FAS system against more than 1,000 cryptic file names, file extensions and Ransomware information files! (Assuming that there are SnapShots on the volumes, because the software is based on SnapShots.)
There’s the ProLion DataAnalyzer light here to download: http://www.prolion.at/de/dataanalyzer#light have fun hunting on encrypted files!