Tuesday, July 4, 2017

Stopping Petya Ransomware


I am a kiasu guy.
So.. no, this ransomware will be a kick in my butt.

So here is a tip I learned from ZDNet (credit to them).

Create a file called PERFC.
No extension. Notepad and similar editors won't allow you to write into the Windows folder, so bypass them.

So run CMD in Admin mode.

Then do an old-school file write.
By default, you will be in C:\WINDOWS\SYSTEM32
VERY DANGEROUS

So you are now in DOS.
Go up one directory.
If you forget, it's cd ..

Then create a file called PERFC.
The name is not case-sensitive.
The whole example is there.
Press Enter 3 times...
then CTRL-Z to save,
like the example above.
Simple.

Now is the tricky part.

Go find that file again and change it to read-only.

File Explorer -> Properties -> Read-only
You need to give admin rights.



After you are done, go back to DOS to verify.
Enter ATTRIB PERFC

It will show:
 

C:\Windows>attrib perfc
A    R             C:\Windows\perfc

C:\Windows>




That's it!
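
The steps above as one script, added here as an example and not part of the original post: it creates the file with type nul > in place of the interactive file write the post uses, sets read-only with attrib +R instead of File Explorer, and checks the flag before reporting. Save it under any name ending in .cmd (perfc-readonly.cmd is a hypothetical name) and run it from the Admin-mode CMD.

```batch
@echo off
rem Added example, not from the original post.
rem Creates %SystemRoot%\perfc as an empty read-only file and verifies it.
setlocal
set "MARKER=%SystemRoot%\perfc"

rem Create an empty file only if it is missing, so an existing one is left alone.
rem Without an elevated prompt this fails with "Access is denied".
if not exist "%MARKER%" type nul > "%MARKER%"
if not exist "%MARKER%" (
    echo Could not create %MARKER% - run this from an Administrator command prompt.
    exit /b 1
)

rem Set the read-only attribute, same as ticking Read-only in Properties.
attrib +R "%MARKER%"

rem %%~aF expands to the attribute string, e.g. -ra--------
rem The second character is r when the file is read-only.
for %%F in ("%MARKER%") do set "ATTRS=%%~aF"
if /i not "%ATTRS:~1,1%"=="r" (
    echo %MARKER% exists but is not read-only.
    exit /b 1
)

rem Show the same ATTRIB line the post uses for verification.
echo OK:
attrib "%MARKER%"
```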

Other than that, run a full backup and upload the darn file to Google Cloud.
Use either Azure or Google to store your image.

Pray hard that Petya does not whip your butt.






2 comments:

  1. Thank you so much! This was honestly a really really helpful post. I will definitely be visiting your blogs if ever I need help again. Keep up the good work.

  2. Thank you for this guide with detailed pictures. I like such materials that have visual content that is easier to remember for me. Usually I just ask someone please write the code for me, but this time I will try to do it myself. If I will succeed you will know that this is your merit.

