PoshTip #52 – Mitigate Possible Risk of Petya Ransomware

PowerShell can help you to protect against Petya Ransomware by creating the perfc file automatically.




Please perform the same steps for perfc.dll and perfc.dat:

Check if “perfc” file has been created:


You also can use this full script to patch your computers.


Microsoft recommends to customers that have not yet installed security update MS17-010 to do so as soon as possible. Until you can apply the patch, they also recommend two possible workarounds to reduce the attack surface:


Thanks for reading! You can follow me on Twitter @PrigentNico

About Nicolas 248 Articles
I work as a System Engineer, based in Switzerland with a primary focus on Microsoft technologies. I have 8 years experience in administering Windows Servers. . I am a Microsoft MVP for Cloud & Datacenter Management. I also received the PowerShell Hero 2016 award by PowerShell.0rg. And finally, I am "MCSE: Cloud Platform and Infrastructure", "MCSA: Windows Servers", "Administering & Deploying SCCM", and CheckPoint CCSA certified.