Hello!, I need to automate a process creating a .bat script. I must say my knowledge about BATCH scripting and programming in general is very very basic. I got an .exe with the next command line: And i need to run it to decrypt thousands of files with different extensions. My idea is to run the script on c:\ and recursively let it decrypt all the files. Also, if the file has an extension .lol i need to rename the file removing only that extension, for example; file.pdf.lol to file.pdf I got ALL the extensions write on a .txt file, so if the script can read the extensions from that file would be great. So far this is what i got It works yes, but i have to manually edit it for every extension and run it several times... Any help would be really appreciated! Thanks!
I'm just going with the list listed here on the trojan description: http://www.virusradar.com/en/Win32_Filecoder.FD/description
Thanks for your answer but I still don't understand why you need a list of extensions! What you actually need is a list of encrypted files, the original CryptoLocker ransomware stored this list in the registry: see here I would strongly suggest you ensure that there is no further help coming from the original malware forum before you attempt anything with ill thought out scripting solutions.
The problem is, i don't have a list of files. Dont know if it is because the virus i got didn't generate a list on my registry or because the list got removed by the antivirus i used to deinfect the computer.
You still don't need a list of extensions, you need to list all the encrypted files. Based on your responses in the various locations, you should however be able to begin to compile a list of files using a batch script. below is an example just to show you what I mean. Code: @Echo Off SetLocal EnableExtensions DisableDelayedExpansion Set "KnownAt=FILESAREGONE.TXT" Set "NewExtn=bleep" REM ALL CODE REMOVED Pause as you can see from the log file no listing of extensions was needed. Code removed due to updates on other forums...
Haven't read the background but as for you initial question: Code: FOR /f %%f IN (extensions.txt) DO decrypt.exe -k "decrypt.key" -f "%%f" -e "%%~xf"