a guest Mar 29th, 2016 408 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
- $service = "LanManServer"
- $thisHost = $env:computername
- Stop-Service -Name $service -Force
- Send-MailMessage -SmtpServer YOURSMTPSERVER.YOURDOMAIN.COM -From alerts@YOURDOMAIN.com -To SYSADMIN@YOURDOMAIN.COM -Subject "Sharing has STOPPED on $thisHost due to CRYPTOLOCKER detection" -Body "$service has been halted due to the suspected presence of CryptoLocker. See FSRM for more information." -Priority High
- Write-EventLog -LogName System -Source "EventLog" -EventID 65535 -EntryType Error -Message "CryptoLocker has been detected. Filesharing via LANMANSERVER service halted and administrator notified."
RAW Paste Data