PSA: Petya Ransomware – How to protect your PC (Solved)

In this simple post I will share a solution as described by security experts worldwide. These a are simple steps you must take to protect your PC from Petya Ransomware or its clones NotPetya, Petya, Petna, SortaPetya.

Protecting yourself from Petya Ransomware

Just follow these steps and you will be fine. Info. For extra protection you may want to disconnect your critical system and do this tutorial offline.

First step

First you have to run this batch file nopetyavac.bat from security experts from BleepingComputer. Download here.

This batch must be run as administrator. It will create these files/folders and make them read only:

C:\Windows\perfc
C:\Windows\perfc.dll
C:\Windows\perfc.dat

Second step

Here we must block port 445. You can block it using Windows Firewall.

Whats does port 445 and Port 139 do?

Port 445 and port 139 are Windows ports. Port 139 is used for Network Basic Input Output System (NetBIOS) name resolution and port 445 is used for Server Message Blocks (SMB). They all serve Windows File and Printer Sharing. In Windows 2000, Microsoft has created a new transport for SMB over TCP and UDP on port 445, which replaces the older implementation that was over ports 137, 138, 139. Keep port 445 and port 139 opened will leave the hard disks exposed on this port, i.e. you share your hard drives with any one that can access to this port, including deleting, formating, and implant virus and so on.

Third Step

If you have not done so already, you should immediately install the MS17-010 patch from Microsoft. From here.

Fourth Step

Do not click suspicious links in emails or on websites.

Fifth Step

Backup everything you care via backup software especially for WannaCry ransomware like AOMEI Backupper Free. Create bootable media is also available. Download here.