dEEpEst Posted July 11, 2017 Share Posted July 11, 2017 A killswitch to stop petya from encrypting your disk Security Researchers (PT Security, TrustedSec, ...etc) seem to have identified a kill-switch that prevents petya ransomware from proceeding through its encryption process 1. Simply, all that is needed are 3 files (perfc, perfc.dll, and perfc.dat) to already exist on the Windows machine, under C:\Windows, with READONLY permissions. Usage Launch cmd.exe as ADMIN. Execute petya-killswitch: This is the hidden content, please Sign In or Sign Up Done. [spoiler=Scanning VirusTotal] This is the hidden content, please Sign In or Sign Up Download: [HIDE-THANKS] This is the hidden content, please Sign In or Sign Up [/HIDE-THANKS] Password: level23hacktools.com Link to comment Share on other sites More sharing options...
Recommended Posts