# encoding: ascii
# api: powershell
# title: Monitor folders
# description: Compare files in multiple folders against a reference set to provide an early detection of Cryptolocker
# version: 0.1
# author: dfsdiag
# license: CC0
# x-poshcode-id: 4590
# x-archived: 2015-07-05T09:12:31
# x-published: 2015-11-07T20:44:00
#
#
$cleanDirectory = "C:\CLEAN"
$dirtyDirectory = "C:\DIRTY"
$monitoredFolders = "A", "B", "C"
foreach ($folder in $monitoredFolders) {
foreach ($file in (gci $dirtyDirectory\$folder)) {
if (Compare-Object $(gc $dirtyDirectory\$folder\$file) $(gc $cleanDirectory\$folder\$file)) {
Write-Host "CONTENTS OF $dirtyDirectory\$folder\$file DO NOT MATCH $cleanDirectory\$folder\$file" -ForegroundColor RED
}
}
}