Categories
Information Technology

Cryptolocker FSRM Template Scripts

Nothing fancy… but I decided to whip together some scripts to make my FSRM file screen templates easier to install.

Server 2012 and Up:

New-FsrmFileGroup -Name "Cryptolocker 20160314" –IncludePattern @("_Locky_recover_instructions.txt","DECRYPT_INSTRUCTIONS.TXT","DECRYPT_INSTRUCTIONS.HTML","DECRYPT_INSTRUCTION.TXT","DECRYPT_INSTRUCTION.HTML","HELP_DECRYPT.TXT","HELP_DECRYPT.HTML","DecryptAllFiles.txt","enc_files.txt","HowDecrypt.txt","How_Decrypt.txt","How_Decrypt.html","HELP_TO_DECRYPT_YOUR_FILES.txt","HELP_RESTORE_FILES.txt","HELP_TO_SAVE_FILES.txt","restore_files*.txt","restore_files.txt","RECOVERY_KEY.TXT","how to decrypt aes files.lnk","HELP_DECRYPT.PNG","HELP_DECRYPT.lnk","DecryptAllFiles*.txt","Decrypt.exe","ATTENTION!!!.txt","AllFilesAreLocked*.bmp","MESSAGE.txt","*.locky","*.ezz","*.ecc","*.exx","*.7z.encrypted","*.ctbl","*.encrypted","*.aaa","*.xtbl","*.abc","*.JUST","*.EnCiPhErEd","*.cryptolocker","*.micro","*.cryptotorlocker*","*.frtrss","*.vault","*want your files back.*","confirmation.key","cryptolocker.*","*decrypt_instruct*","*help_decrypt*","help_restore*.*","how to decrypt*.*","how_to_decrypt*","how_to_recover*","howtodecrypt*","install_tor*.*","last_chance.txt","recovery_file.txt","vault.hta","vault.key","vault.txt","HOW_TO_RECOVER_FILES.*","HELP_YOUR_FILES*","*.zzz","*.xyz","*.ccc","*.vvv","*.xxx","*.ttt","*.locked","*.crypto","_crypt","*.crinf","*.r5a","*.XRNT","*.crypt","*.R16M01D05","*.pzdc","*.good","*.LOL!","*.OMG!","*.RDM","*.RRK","*.encryptedRSA","*.crjoker","*.LeChiffre","*.keybtc@inbox_com","*.0x0","*.bleep","*.1999","*.HA3","*.toxcrypt","*.magic","*.SUPERCRYPT","*.CTB2","HELPDECRYPT.TXT","HELP_YOUR_FILES.TXT","HELP_RECOVER_FILES.txt","INSTRUCCIONES_DESCIFRADO.TXT","How_To_Recover_Files.txt","YOUR_FILES.HTML","YOUR_FILES.url","encryptor_raas_readme_liesmich.txt","HOW_TO_DECRYPT_FILES.TXT","ReadDecryptFilesHere.txt","Coin.Locker.txt","_secret_code.txt","About_Files.txt","Read.txt","ReadMe.txt","DECRYPT_ReadMe.TXT","FILESAREGONE.TXT","IAMREADYTOPAY.TXT","HELLOTHERE.TXT","READTHISNOW!!!.TXT","SECRETIDHERE.KEY","IHAVEYOURSECRET.KEY","SECRET.KEY","HELPDECYPRT_YOUR_FILES.HTML","help_decrypt_your_files.html","RECOVERY_FILES.txt","RECOVERY_FILE*.txt","HowtoRESTORE_FILES.txt","howto_recover_file.txt","restorefiles.txt","howrecover+*.txt","_how_recover.txt","recoveryfile*.txt","recoverfile*.txt","Howto_Restore_FILES.TXT","help_recover_instructions+*.txt")

Server 2008 and 2008 R2:

filescrn filegroup add /filegroup"CRYPTO2016" /members"_Locky_recover_instructions.txt|DECRYPT_INSTRUCTIONS.TXT|DECRYPT_INSTRUCTIONS.HTML|DECRYPT_INSTRUCTION.TXT|DECRYPT_INSTRUCTION.HTML|HELP_DECRYPT.TXT|HELP_DECRYPT.HTML|DecryptAllFiles.txt|enc_files.txt|HowDecrypt.txt|How_Decrypt.txt|How_Decrypt.html|HELP_TO_DECRYPT_YOUR_FILES.txt|HELP_RESTORE_FILES.txt|HELP_TO_SAVE_FILES.txt|restore_files*.txt|restore_files.txt|RECOVERY_KEY.TXT|how to decrypt aes files.lnk|HELP_DECRYPT.PNG|HELP_DECRYPT.lnk|DecryptAllFiles*.txt|Decrypt.exe|ATTENTION!!!.txt|AllFilesAreLocked*.bmp|MESSAGE.txt|*.locky|*.ezz|*.ecc|*.exx|*.7z.encrypted|*.ctbl|*.encrypted|*.aaa|*.xtbl|*.abc|*.JUST|*.EnCiPhErEd|*.cryptolocker|*.micro|*.cryptotorlocker*|*.frtrss|*.vault|*want your files back.*|confirmation.key|cryptolocker.*|*decrypt_instruct*|*help_decrypt*|help_restore*.*|how to decrypt*.*|how_to_decrypt*|how_to_recover*|howtodecrypt*|install_tor*.*|last_chance.txt|recovery_file.txt|vault.hta|vault.key|vault.txt|HOW_TO_RECOVER_FILES.*|HELP_YOUR_FILES*|*.zzz|*.xyz|*.ccc|*.vvv|*.xxx|*.ttt|*.locked|*.crypto|_crypt|*.crinf|*.r5a|*.XRNT|*.crypt|*.R16M01D05|*.pzdc|*.good|*.LOL!|*.OMG!|*.RDM|*.RRK|*.encryptedRSA|*.crjoker|*.LeChiffre|*.keybtc@inbox_com|*.0x0|*.bleep|*.1999|*.HA3|*.toxcrypt|*.magic|*.SUPERCRYPT|*.CTB2|HELPDECRYPT.TXT|HELP_YOUR_FILES.TXT|HELP_RECOVER_FILES.txt|INSTRUCCIONES_DESCIFRADO.TXT|How_To_Recover_Files.txt|YOUR_FILES.HTML|YOUR_FILES.url|encryptor_raas_readme_liesmich.txt|HOW_TO_DECRYPT_FILES.TXT|ReadDecryptFilesHere.txt|Coin.Locker.txt|_secret_code.txt|About_Files.txt|Read.txt|ReadMe.txt|DECRYPT_ReadMe.TXT|FILESAREGONE.TXT|IAMREADYTOPAY.TXT|HELLOTHERE.TXT|READTHISNOW!!!.TXT|SECRETIDHERE.KEY|IHAVEYOURSECRET.KEY|SECRET.KEY|HELPDECYPRT_YOUR_FILES.HTML|help_decrypt_your_files.html|RECOVERY_FILES.txt|RECOVERY_FILE*.txt|HowtoRESTORE_FILES.txt|howto_recover_file.txt|restorefiles.txt|howrecover+*.txt|_how_recover.txt|recoveryfile*.txt|recoverfile*.txt|Howto_Restore_FILES.TXT|help_recover_instructions+*.txt"

By Ernie Costa

Virtualization, SDDC, HCI, Bourbon, and some Kubernetes

Leave a Reply

Your email address will not be published. Required fields are marked *