Help with BATCH script.

Discussion in 'Scripting' started by quetzalin, Dec 28, 2015.

  1. quetzalin

    quetzalin MDL Junior Member

    May 25, 2011
    82
    11
    0
    Hello!,

    I need to automate a process creating a .bat script. I must say my knowledge about BATCH scripting and programming in general is very very basic.

    I got an .exe with the next command line:

    And i need to run it to decrypt thousands of files with different extensions.

    My idea is to run the script on c:\ and recursively let it decrypt all the files.
    Also, if the file has an extension .lol i need to rename the file removing only that extension, for example; file.pdf.lol to file.pdf

    I got ALL the extensions write on a .txt file, so if the script can read the extensions from that file would be great.

    So far this is what i got

    It works yes, but i have to manually edit it for every extension and run it several times...

    Any help would be really appreciated!

    Thanks!
     
  2. Compo

    Compo MDL Member

    Mar 29, 2011
    137
    104
    10
  3. quetzalin

    quetzalin MDL Junior Member

    May 25, 2011
    82
    11
    0
  4. Compo

    Compo MDL Member

    Mar 29, 2011
    137
    104
    10
    Thanks for your answer but I still don't understand why you need a list of extensions!

    What you actually need is a list of encrypted files, the original CryptoLocker ransomware stored this list in the registry: see here

    I would strongly suggest you ensure that there is no further help coming from the original malware forum before you attempt anything with ill thought out scripting solutions.
     
  5. quetzalin

    quetzalin MDL Junior Member

    May 25, 2011
    82
    11
    0
    The problem is, i don't have a list of files. Dont know if it is because the virus i got didn't generate a list on my registry or because the list got removed by the antivirus i used to deinfect the computer.
     
  6. Compo

    Compo MDL Member

    Mar 29, 2011
    137
    104
    10
    #6 Compo, Dec 28, 2015
    Last edited by a moderator: Apr 20, 2017
    You still don't need a list of extensions, you need to list all the encrypted files.

    Based on your responses in the various locations, you should however be able to begin to compile a list of files using a batch script.

    below is an example just to show you what I mean.
    Code:
    @Echo Off
    SetLocal EnableExtensions DisableDelayedExpansion
    
    Set "KnownAt=FILESAREGONE.TXT"
    Set "NewExtn=bleep"
    REM ALL CODE REMOVED
    Pause
    as you can see from the log file no listing of extensions was needed.

    Code removed due to updates on other forums...
     
  7. KNARZ

    KNARZ MDL Addicted

    Oct 9, 2012
    876
    457
    30
    #7 KNARZ, Jan 6, 2016
    Last edited by a moderator: Apr 20, 2017
    Haven't read the background but as for you initial question:
    Code:
    FOR /f %%f IN (extensions.txt) DO decrypt.exe -k "decrypt.key" -f "%%f" -e "%%~xf"
    
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...