
“Create file in c:\windows called perfc with no extension and #petya won't run” - okket
https://twitter.com/0xAmit/status/879778335286452224
======
okket
Also it looks like you have a change to recover your files until you restart
the infected machine. See

[https://twitter.com/hackerfantastic/status/87979028071470694...](https://twitter.com/hackerfantastic/status/879790280714706944)

    
    
      If you are infected with Petya and your machine has
      crashed/powered off. DO NOT POWER UP. Use a LiveCD or
      external machine to recover files

------
okket
"Petya Ransomware Attack – What’s Known"

[https://www.malwaretech.com/2017/06/petya-ransomware-
attack-...](https://www.malwaretech.com/2017/06/petya-ransomware-attack-whats-
known.html)

    
    
      Kill Switch
    
      Although some companies have claimed to have found a kill
      switch, this is nothing more than PR as the so called “kill
      switch” is only activated by modifying files on your own
      system (which can be done to stop most malware) and is not
      doable remotely like the WannaCry was. Furthermore, as
      stated above it’s unlikely the Perya ransomware is still
      spreading and the damage has already been done, thus a
      kill-switch would be futile.

