How to install Detect-Crypto.
-
Copy all files to C:\Detect-Crypto
-
Run Powershell as Administrator
-
cd to C:\Detect-Crypto and run the script with command: .\Detect-Crypto.ps1
-
Menu is shown. Choose the appropriate option number based on your deepest desires.
-
Follow prompts until main menu is shown again. Capital Q to exit.
-
Help file is in c:\Detect-Crypto, which explains each option displayed in the main menu
filegroup.xml - file group template import file
filescreen.xml - file screen template import file
psshutdown.exe - called by the .bat script to shutdown the host if file screen is triggered
Detect-Crypto.ps1 - main script for deploying and updating FSRM and file screens
Detect-Crypto.bat - script FSRM executes when the file screen is triggered
ransomware_identifiers.txt - List of known ransomware extensions and file names. Add new identifiers to this list.