PoshTip #52 – Mitigate Possible Risk of Petya Ransomware

PowerShell can help you to protect against Petya Ransomware by creating the perfc file automatically.




Please perform the same steps for perfc.dll and perfc.dat:

Check if “perfc” file has been created:


You also can use this full script to patch your computers.


Microsoft recommends to customers that have not yet installed security update MS17-010 to do so as soon as possible. Until you can apply the patch, they also recommend two possible workarounds to reduce the attack surface:


Thanks for reading! You can follow me on Twitter @PrigentNico

About Nicolas 270 Articles
I work as an IT Production Manager, based in Paris (France) with a primary focus on Microsoft technologies. I have 10 years experience in administering Windows Servers. . I am a Microsoft MVP for Cloud & Datacenter Management. I also received the PowerShell Hero 2016 award by PowerShell.0rg. And finally, I am "MCSE: Cloud Platform and Infrastructure", "MCSA: Windows Servers", "Administering & Deploying SCCM", and CheckPoint CCSA certified.