Tuesday, July 4, 2017

Stopping Petya Ransomware


I am a kiasu guy.
So ..no this ransomware will be a kick in my butt.

So here is a tip I learn from ZDNET (Credit to them)

Create a file called PERFC 
No Extensions etc... notepad etc won't allow you to write to windows..so bypass it

So Run CMD in Admin mode

Then do an old school file write
By Default, you will be in C:\WINDOWS\SYSTEM32
VERY DANGEROUS

So you are now in DOS.
up directory.
If you forget .. it's cd ..

Then create a file called PERFC
There is no case needed.
The whole example is there.
enter 3 times...
CTRL-Z to save
Like the example above.
Simple..

Now is the tricky part.

Go find that file again.. change to read only

File Explorer - > Properties -> READONLY
You need to give admin rights.



After you are done.. go back to the dos to verify.
Enter ATTRIB PERFC

it will show
 

C:\Windows>attrib perfc
A    R             C:\Windows\perfc

C:\Windows>




That's it!

Other than that.. run a full backup... and upload the darn file into google cloud.
use either Azure or Google to store in your image..

Pray hard for the PETYA not to whip your butt.

Like it? Follow me and also visit the sponsors!