Petya Fix

[et_pb_section bb_built=”1″ admin_label=”section” background_image=”https://www.mdsny.com/wp-content/uploads/2017/06/petpet.jpg” custom_padding=”0px|0px|0px|0px” custom_css_before=”content:%22%22;||display: block;||height: 100%;||position: absolute;||top: 0;||left: 0;||width: 100%;||background-color: rgba(58, 60, 69, .6);”][et_pb_row admin_label=”row” custom_padding=”0px|0px|124px|0px” parallax_method_1=”off” parallax_method_2=”off” background_position=”top_left” background_repeat=”repeat” background_size=”initial”][et_pb_column type=”1_3″][/et_pb_column][et_pb_column type=”2_3″][et_pb_divider height=”200″ /][et_pb_text max_width=”720px” text_font=”PT Sans||||” text_font_size=”72″ text_font_size_tablet=”52″ text_font_size_last_edited=”on|tablet” text_text_color=”#ffffff” text_line_height=”1.1em” custom_margin=”0px||0px|” background_position=”top_left” background_repeat=”repeat” background_size=”initial”]

Petya Vaccine Found:
Video + Walkthrough

[/et_pb_text][/et_pb_column][/et_pb_row][/et_pb_section][et_pb_section bb_built=”1″ custom_padding=”65px|0px|54px|0px”][et_pb_row admin_label=”row” custom_padding=”0px||0px|” column_padding_mobile=”on” parallax_method_1=”off” parallax_method_2=”off” background_position=”top_left” background_repeat=”repeat” background_size=”initial”][et_pb_column type=”1_3″][et_pb_divider color=”#000000″ show_divider=”on” /][et_pb_video src=”https://www.youtube.com/watch?v=ANFT-cgpZ94″ disabled_on=”on|off|off” /][et_pb_divider color=”#000000″ show_divider=”on” /][et_pb_contact_form captcha=”off” email=”maureendatasystems@gmail.com” title=”Subscibe to All Security Updates” custom_message=”not working” input_border_radius=”7px” disabled_on=”on|off|off” module_id=”et_pb_contact_form_0″ title_font=”|on|||” title_font_size=”19px” form_field_font=”||||” use_border_color=”on” border_color=”#000000″ custom_button=”on” button_text_size=”20px” button_text_color=”#ffffff” button_bg_color=”#0c71c3″ button_border_radius=”11px” button_icon=”%%36%%”] [et_pb_contact_field field_id=”Name” field_title=”Name” fullwidth_field=”on”][/et_pb_contact_field][et_pb_contact_field field_id=”Phone” field_title=”Phone” fullwidth_field=”on”][/et_pb_contact_field][et_pb_contact_field field_id=”Email” field_title=”Email” field_type=”email” fullwidth_field=”on”][/et_pb_contact_field][et_pb_contact_field field_id=”Company” field_title=”Company” fullwidth_field=”on”][/et_pb_contact_field] [/et_pb_contact_form][et_pb_divider color=”#000000″ show_divider=”on” /][/et_pb_column][et_pb_column type=”2_3″][et_pb_text max_width=”620px” text_font=”PT Serif||||” text_font_size=”24″ text_font_size_last_edited=”on|tablet” text_text_color=”#363636″ text_line_height=”1.4em” custom_margin=”NaNpx||0px|” background_position=”top_left” background_repeat=”repeat” background_size=”initial”]

Written by Marc Lande, MDS

Cyber security researcher Amit Serper has found a way to prevent the Petya ransomware from infecting computers.

[/et_pb_text][et_pb_text max_width=”620px” text_font=”PT Serif||||” text_font_size=”20″ text_font_size_last_edited=”on|tablet” text_text_color=”#363636″ text_line_height=”1.5em” custom_margin=”30px||0px|” background_position=”top_left” background_repeat=”repeat” background_size=”initial”]

WannaCry all over again.

Similar to the WannaCry disaster that took over the globe a few months ago, Petya operates by asking victims to pay $300 ransom to unlock their files. The ransomware has been wreaking havoc across the globe since Tuesday, locking hard drive MFT and MBR sections and preventing computers from booting.

Amit Serper’s Discovery:

Serper was the first to discover that this new strain of Petya would search for a local file and would exit its encryption routine if that file already existed on disk. His findings were also confirmed by other security researchers: PT Security, TrustedSec, and Emsifot.

How This Helps You:

Those vulnerable now have the ability to create that local file on their PCs, set it to “read-only” and effectively block the ransomware from infecting their computers.

[/et_pb_text][/et_pb_column][/et_pb_row][et_pb_row custom_padding=”0px||14px|” custom_padding_tablet=”17px|||” column_padding_mobile=”on” parallax_method_1=”off” custom_padding_last_edited=”on|tablet” background_position=”top_left” background_repeat=”repeat” background_size=”initial”][et_pb_column type=”4_4″][et_pb_text text_font=”PT Serif||on||” text_font_size=”12″ text_text_color=”#363636″ text_line_height=”1.2em” custom_margin=”6px|||” background_position=”top_left” background_repeat=”repeat” background_size=”initial” /][et_pb_video src=”https://www.youtube.com/watch?v=KcHKZ2jhvNI” /][/et_pb_column][/et_pb_row][et_pb_row admin_label=”row” custom_padding=”0px|||” column_padding_mobile=”on” parallax_method_1=”off” parallax_method_2=”off” background_position=”top_left” background_repeat=”repeat” background_size=”initial”][et_pb_column type=”1_3″][et_pb_contact_form captcha=”off” email=”maureendatasystems@gmail.com” title=”Download The Vaccine Batch File” use_redirect=”on” redirect_url=”https://download.bleepingcomputer.com/bats/nopetyavac.bat” input_border_radius=”7px” module_id=”et_pb_contact_form_0″ title_font=”|on|||” title_font_size=”19px” form_field_font=”||||” use_border_color=”on” border_color=”#000000″ custom_button=”on” button_text_size=”20px” button_text_color=”#ffffff” button_bg_color=”#0c71c3″ button_border_radius=”11px” button_icon=”%%36%%”] [et_pb_contact_field field_id=”Name” field_title=”Name” fullwidth_field=”on”][/et_pb_contact_field][et_pb_contact_field field_id=”Phone” field_title=”Phone” fullwidth_field=”on”][/et_pb_contact_field][et_pb_contact_field field_id=”Email” field_title=”Email” field_type=”email” fullwidth_field=”on”][/et_pb_contact_field] [/et_pb_contact_form][/et_pb_column][et_pb_column type=”2_3″][et_pb_text max_width=”620px” text_font=”PT Serif||||” text_font_size=”20″ text_font_size_last_edited=”on|tablet” text_text_color=”#363636″ text_line_height=”1.5em” custom_margin=”0px||0px|” custom_padding=”|||” background_position=”top_left” background_repeat=”repeat” background_size=”initial”]

How to Enable the Vaccine:

To vaccinate your computer so that you are unable to get infected with the current strain, create a file called perfc in the C:\Windows folder and make it read only. For those who want a quick and easy way to perform this task, Lawrence Abrams from Bleeping Computer has created a batch file that performs this step for you, which you can download by filling out the correlating form.

[/et_pb_text][/et_pb_column][/et_pb_row][et_pb_row admin_label=”row” background_position=”top_left” background_repeat=”repeat” background_size=”initial”][et_pb_column type=”4_4″][et_pb_text background_position=”top_left” background_repeat=”repeat” background_size=”initial”]

Step One: Configure Windows to show file extensions and make sure the Folder Options setting “hide extensions” for known file types is unchecked like below.

[/et_pb_text][et_pb_image src=”https://www.mdsny.com/wp-content/uploads/2017/06/file-ext.jpg” align=”center” /][et_pb_text background_position=”top_left” background_repeat=”repeat” background_size=”initial”]

Step Two: After you have enabled the viewing of extensions (which should always be enabled) open up the C:\Windows folder. Once the folder is open, scroll down till you see the notepad.exe program.

[/et_pb_text][et_pb_text background_position=”top_left” background_repeat=”repeat” background_size=”initial” /][et_pb_image src=”https://www.mdsny.com/wp-content/uploads/2017/06/windows-folder.jpg” align=”center” /][et_pb_text background_position=”top_left” background_repeat=”repeat” background_size=”initial”]

Step Three: Once you see the notepad.exe program, left-click on it once so it is highlighted. Then press Ctrl+C to copy and then Ctrl+V to paste it. When you paste it, you will receive a prompt asking you to grant permission to copy the file.

[/et_pb_text][et_pb_image src=”https://www.mdsny.com/wp-content/uploads/2017/06/adminprivs-prompt.jpg” align=”center” /][et_pb_text background_position=”top_left” background_repeat=”repeat” background_size=”initial”]

Step Four: Press the Continue button and the file will be created as notepad – Copy.exe. Left click on this file and press the F2 key on your keyboard and now erase the notepad – Copy.exe file name and type perfc as shown below.

[/et_pb_text][et_pb_image src=”https://www.mdsny.com/wp-content/uploads/2017/06/rename.jpg” align=”center” /][et_pb_text background_position=”top_left” background_repeat=”repeat” background_size=”initial”]

Step Five: Once the filename has been changed to perfc, press Enter on your keyboard. You will now receive a prompt asking if you are sure you wish to rename it.

[/et_pb_text][et_pb_image src=”https://www.mdsny.com/wp-content/uploads/2017/06/box.jpg” align=”center” /][et_pb_text background_position=”top_left” background_repeat=”repeat” background_size=”initial”]

Click on the Yes button. Windows will once again ask for permission to rename a file in that folder. Click on the Continue button.

Now that the perfc file has been created, make it read only. To do that, right-click on the file and select Properties as shown below.

[/et_pb_text][et_pb_image src=”https://www.mdsny.com/wp-content/uploads/2017/06/file-properties.jpg” align=”center” /][et_pb_text background_position=”top_left” background_repeat=”repeat” background_size=”initial”]

The properties menu for this file will now open. At the bottom will be a checkbox labeled Read-only. Put a check-mark in it as shown in the image below.

[/et_pb_text][et_pb_image src=”https://www.mdsny.com/wp-content/uploads/2017/06/perf.jpg” align=”center” /][et_pb_text background_position=”top_left” background_repeat=”repeat” background_size=”initial”]

Step Six: Click the Apply button and then click OK. The properties Window should now close. To be thorough as possible, it is recommended that you create C:\Windows\perfc.dat and C:\Windows\perfc.dll h. You can redo these steps for those vaccination files as well.

Your computer should now be vaccinated against the NotPetya/SortaPetya/Petya Ransomware.

This information was received from a post in Bleeing Computer by Lawrence Abrams and Catalin Cimpanu.

[/et_pb_text][/et_pb_column][/et_pb_row][/et_pb_section][et_pb_section bb_built=”1″ admin_label=”Text” background_color=”#222222″ custom_padding=”0px||0px|” make_fullwidth=”on” use_custom_gutter=”on” gutter_width=”2″ parallax_method_1=”off” parallax_method_2=”off” parallax_method_3=”off” global_module=”119343″][et_pb_row global_parent=”119343″ make_fullwidth=”on” use_custom_gutter=”on” gutter_width=”2″ custom_padding=”35px||0px|” column_padding_mobile=”on” parallax_method_1=”off” parallax_method_2=”off” parallax_method_3=”off” _builder_version=”3.0.47″ background_size=”initial” background_position=”top_left” background_repeat=”repeat”][et_pb_column type=”1_3″][et_pb_image global_parent=”119343″ src=”https://www.mdsny.com/wp-content/uploads/2017/07/dreamstime_xxl_95232515.jpg” url=”https://www.eventbrite.com/e/new-dfs-cyber-security-compliance-what-it-means-for-you-tickets-35511587113https://www.eventbrite.com/e/learn-how-to-securely-access-office-365-anytime-anywhere-in-immersion-workshop-tickets-36653046248″ animation=”fade_in” align=”center” force_fullwidth=”on” _builder_version=”3.0.65″ /][et_pb_text global_parent=”119343″ text_orientation=”center” _builder_version=”3.0.47″ text_font=”PT Sans|on|||” text_font_size=”12″ text_text_color=”#888888″ text_letter_spacing=”2px” text_line_height=”1.2em” background_size=”initial” background_position=”top_left” background_repeat=”repeat” custom_margin=”30px|||”]

TRENDING IT NEWS

[/et_pb_text][et_pb_text global_parent=”119343″ text_orientation=”center” _builder_version=”3.0.65″ background_size=”initial” background_position=”top_left” background_repeat=”repeat” inline_fonts=”PT Sans,Droid Sans” background_layout=”dark” text_font_size=”15px”]

Nobody is Safe

How a Senior Threat Intelligence Analyst Fell Victim to Hackers

[/et_pb_text][/et_pb_column][et_pb_column type=”1_3″][et_pb_image global_parent=”119343″ src=”https://www.mdsny.com/wp-content/uploads/2017/08/dreamstime_xxl_69434098.jpg” url=”https://www.eventbrite.com/e/new-dfs-cyber-security-compliance-what-it-means-for-you-tickets-35511587113https://www.eventbrite.com/e/learn-how-to-securely-access-office-365-anytime-anywhere-in-immersion-workshop-tickets-36653046248″ animation=”fade_in” align=”center” force_fullwidth=”on” _builder_version=”3.0.65″ /][et_pb_text global_parent=”119343″ text_orientation=”center” _builder_version=”3.0.47″ text_font=”Droid Sans|on|||” text_font_size=”12″ text_text_color=”#888888″ text_letter_spacing=”2px” text_line_height=”1.2em” header_font=”Droid Sans||||” background_size=”initial” background_position=”top_left” background_repeat=”repeat” custom_margin=”30px|||”]

FREE MDS WORKSHOP

[/et_pb_text][et_pb_text global_parent=”119343″ text_orientation=”center” _builder_version=”3.0.47″ text_font=”PT Sans||||” text_font_size=”24″ text_text_color=”#ffffff” text_line_height=”1.2em” background_size=”initial” background_position=”top_left” background_repeat=”repeat”]

August 22-23rd, 2017

“Securely Access Office 365 Applications Anytime, Anywhere! Learn How in Immersion Workshop! “

[/et_pb_text][/et_pb_column][et_pb_column type=”1_3″][et_pb_image global_parent=”119343″ src=”https://www.mdsny.com/wp-content/uploads/2017/07/dreamstime_xxl_95499490.jpg” title_text=”Office 365″ url=”https://www.mdsny.com/gdpr-dont-tread-on-my-data/” animation=”fade_in” align=”center” force_fullwidth=”on” _builder_version=”3.0.65″ /][et_pb_text global_parent=”119343″ text_orientation=”center” _builder_version=”3.0.47″ text_font=”PT Sans|on|||” text_font_size=”12″ text_text_color=”#888888″ text_letter_spacing=”2px” text_line_height=”1.2em” background_size=”initial” background_position=”top_left” background_repeat=”repeat” custom_margin=”30px|||”]

MDS COMPLIANCE

GDPR: Don’t Tread on My Data

[/et_pb_text][/et_pb_column][/et_pb_row][/et_pb_section][et_pb_section bb_built=”1″ admin_label=”Blurb” background_color=”#2d3743″ inner_shadow=”on” custom_padding=”49px|0px|0px|0px” make_fullwidth=”on” _builder_version=”3.0.65″ global_module=”118956″][et_pb_row admin_label=”row” global_parent=”118956″ make_fullwidth=”on” custom_padding=”0px|0px|44px|0px” background_position_1=”top_left” background_position_2=”top_left” background_position_3=”top_left” background_repeat_1=”no-repeat” background_repeat_2=”no-repeat” background_repeat_3=”no-repeat” _builder_version=”3.0.63″ background_image=”http://www.mdsny.com/wp-content/uploads/2017/05/datacenter.jpg” background_size=”initial” background_position=”top_left” background_repeat=”repeat”][et_pb_column type=”1_2″][et_pb_blurb global_parent=”118956″ background_layout=”dark” _builder_version=”3.0.63″ header_font=”Droid Sans||||” header_font_size=”26px” header_text_color=”#d1d1d1″ body_font=”Droid Sans||||” body_font_size=”16px” body_text_color=”#dfdfdf” background_size=”initial” background_position=”top_left” background_repeat=”repeat” inline_fonts=”Droid Sans”]

Our Pledge:

Building out and maintaining your IT ecosystem doesn’t have to be a do-it-yourself project. MDS can help identify network issues, configure devices, and optimize your infrastructure to maximize efficiency and performance. Our consultants are highly trained technology specialists that understand the complexities of multi-vendor environments and have the knowledge and skills to help your business become more agile, customer-focused and operationally efficient.

[/et_pb_blurb][/et_pb_column][et_pb_column type=”1_4″][et_pb_blurb global_parent=”118956″ background_layout=”dark” _builder_version=”3.0.65″ header_font_size=”26px” header_text_color=”#d1d1d1″ body_font=”Droid Sans||||” body_font_size=”16px” body_text_color=”#dbdbdb” background_size=”initial” background_position=”top_left” background_repeat=”repeat”]

Upcoming Events:

August 22: MSFT Customer Immersion Experience Workshop

August 23: MSFT Customer Immersion Experience Workshop

August 24: Cyber Security Networking Event

September 21: GDPR – How to Comply Before the Deadline (Live Event)

[/et_pb_blurb][/et_pb_column][et_pb_column type=”1_4″][et_pb_blurb global_parent=”118956″ background_layout=”dark” _builder_version=”3.0.63″ header_font_size=”26px” header_text_color=”#d1d1d1″ body_font=”Droid Sans||||” body_font_size=”16px” body_text_color=”#dfdfdf” background_size=”initial” background_position=”top_left” background_repeat=”repeat”]

Contacts:

NYC Headquarters:
307 West 38th Street, Suite 1801
New York, NY 10018
Tel: 646-744-1000

Miami Office:
Tel: 786-899-2980
San Juan Office:
Tel: 646-460-6229

Email: contactus@mdsny.com

[/et_pb_blurb][/et_pb_column][/et_pb_row][/et_pb_section]

Quick Links

Contact Us