>also leave the drives unmounted when not in use. Ransomware >is only dangerous where they can find a drive letter. Actually that's not true. There are some that can attack any share, whether mapped on a drive letter or not. e.g. http://www.securityweek.com/locky-ransomware-encrypts-unmapped-network-shares bye Fabi