https://twitter.com/0xAmit/status/879789734469488642
vaccination for PETYA
>>61112876
what
>>61113093
PETYA scans %windir% for perfc, specifically that it checks to see if the name "perfc" exists within the directory. If it finds it, it doesn't execute the ransomware code. By creating a no extension perfc file in %windir% you basically prevent it from running.
>>61113188
> no extension
how?
>>61114500
>right click create text file
>delete the .txt
>>61113188
why the fuck is it doing that? again some failed killswitch?
>>61114500
why are you on /g/