PoshTip #52 – Mitigate Possible Risk of Petya Ransomware

PowerShell can help you to protect against Petya Ransomware by creating the perfc file automatically.

Output:

Please perform the same steps for perfc.dll and perfc.dat:

Check if « perfc » file has been created:

Output:

You also can use this full script to patch your computers.

Recommendations

Microsoft recommends to customers that have not yet installed security update MS17-010 to do so as soon as possible. Until you can apply the patch, they also recommend two possible workarounds to reduce the attack surface:

 

Thanks for reading! You can follow me on Twitter @PrigentNico

About Nicolas 192 Articles
I work as a System Engineer, based in Switzerland with a primary focus on Microsoft technologies. I have 7 years experience in administering Windows Servers. . I am a Microsoft MVP for Cloud & Datacenter Management. I also received the PowerShell Hero 2016 award by PowerShell.0rg. And finally, I am "MCSA: Windows Server 2012" and "Administering & Deploying SCCM" certified.