What is PETYA_NOTPETYA_WIPER?
Petya/NotPetya is a highly destructive wiper malware masquerading as ransomware. It targets Windows computers, encrypting the Master File Table (MFT) and overwriting the Master Boot Record (MBR) to completely prevent the operating system from booting.
Common Causes
- SMB vulnerabilities (EternalBlue/EternalRomance) on unpatched machines
- Compromised administrative credentials harvested via Mimikatz-like methods
- Malicious updates in accounting software supply chains
Step-by-Step Fix Guide
-
1
Install MS17-010 patch and keep system updated
-
2
Disable SMBv1 and limit administrative share access
-
3
Use boot sector write protections in BIOS/UEFI
-
4
Perform clean OS installation if MBR/MFT is completely destroyed
Commands & Diagnostics
bootrec /fixmbrpowershell.exe Disable-WindowsOptionalFeature -Online -FeatureName SMB1ProtocolStill Need Help?
Search our full database of 481+ documented PC errors for more solutions and step-by-step repair guides.
Search Error Database