cryptoblocker fsrm update

[Indr3k]

Hi, is there there a separate script for creating a task scheduler and adding it to update the list ?

[SparkyzCodez]

I'm working on a script like that right now (https://github.com/SparkyzCodez/FSRM-Anti-ransomware) but I don't have anything concrete yet. Permissions are sort of a pain with scheduler tasks that need pretty low level access. I am working on two scheduler tasks. One will download new definitions from Experiant (only if needed) and the other runs a refresh on the file screens every day. The refresh makes sure that all desired shares and drives (and also honey pots for my script) are covered every day with the latest definitions. That way you don't have to worry about changes to your network being missed.

The biggest "gotcha" is knowing when to use double quotes, single quotes, and no quotes with powershell command. If there's any question about whether or not you can use a space in a path name you should probably find and use the 8.3 (old DOS style) file names.

In the meantime, I'll attach a task scheduler XML export that should help you work through all the tricks. You'll just need to tweak the script names to make it work with whatever script you're using. (You could always use my FSRM Anti-ransomware scripts too.) NOTE!: I had to rename the file from .xml to .txt. Just change it back. Antiransomware Screen Refresh Daily.txt

[Indr3k]

Hi, thanks, will check it out. Old DOS commands sometimes still good enough :)

[kfear27]

@Indr3k can you test my variant in a scheduled task? It will rebuild the screens to make sure they are compliant. https://github.com/kfear27/CryptoScreen