Petya is a particularly dangerous type of Ransomware infection that will essentially brick your computer and stop it from starting up.
The problem with this particular strain is that once infected the only way to remediate the situation is to restore a backup. You cannot pay the ransom with this strain and get your files back.
How to vaccinate your computer: Step-by-Step instructions
INFO: Businesses who have Uptake Digital's device management solution in place do not need to do this. We have already done it on your behalf.
A trusted internet computer information company called Bleeping computers has created the following instructions,which we have tested works correctly. The original guide can be found here
First, configure Windows to show file extensions. For those who do not know how to do this, you can use this guide. Just make sure the Folder Options setting for Hide extensions for known file types is unchecked like below.
Once you have enabled the viewing of extensions, which you should always have enabled, open up the C:\Windows folder. Once the folder is open, scroll down till you see the notepad.exe program.
Once you see the notepad.exe program, left-click on it once so it is highlighted. Then press the Ctrl+C( ) to copy and then Ctrl+V ( ) to paste it. When you paste it, you will receive a prompt asking you to grant permission to copy the file.
Press the Continue button and the file will be created as notepad – Copy.exe. Left click on this file and press the F2 key on your keyboard and now erase the notepad – Copy.exe file name and type perfcas shown below.
Once the filename has been changed to perfc, press Enter on your keyboard. You will now receive a prompt asking if you are sure you wish to rename it.
Click on the Yes button. Windows will once again ask for permission to rename a file in that folder. Click on the Continuebutton.
Now that the perfc file has been created, we now need to make it read only. To do that, right-click on the file and select Properties.
The properties menu for this file will now open. At the bottom will be a checkbox labeled Read-only. Put a checkmark in it as shown in the image below.
Now click on the Apply button and then the OK button. The properties Window should now close. While in my tests, the C:\windows\perfc file is all I needed to vaccinate my computer, it has also been suggested that you create C:\Windows\perfc.dat and C:\Windows\perfc.dll to be thorough. You can redo these steps for those vaccination files as well.
Your computer should now be vaccinated against the NotPetya/SortaPetya/Petya Ransomware.
Instructions source: https://www.onsitehelper.com/blog/researchers-found-vaccine-petyanotpetya-ransomware/
Comments
0 comments
Please sign in to leave a comment.