andreafortuna/notpetyavaccine.ps1

## notpetyavaccine.ps1
$extensions = "", ".dat", ".dll"
$baseFileName = "C:\windows\perfc"

foreach ($extension in $extensions)
{
    $outFile = "{0}{1}" -f $baseFileName, $extension

    Write-Host ("Creating file: {0}" -f $baseFileName)
    New-Item $outFile -ItemType file -Value "Road block for Petya." -Force

    $ACL = Get-ACL $outFile
    $ACL.SetAccessRuleProtection($True, $False) # Remove inheritance.
    $ACL.Access | % { $acl.RemoveAccessRule($_) } # Remove explicit ACL's.
    $roRule = New-Object System.Security.AccessControl.FileSystemAccessRule("BUILTIN\Administrators", "Read", "Allow") # Administrators read-only.
    $ACL.AddAccessRule($roRule)

    Write-Host "Applying read-only ACL..."
    Set-ACL $outFile $ACL | Out-Null
}
	$extensions = "", ".dat", ".dll"
	$baseFileName = "C:\windows\perfc"

	foreach ($extension in $extensions)
	{
	$outFile = "{0}{1}" -f $baseFileName, $extension

	Write-Host ("Creating file: {0}" -f $baseFileName)
	New-Item $outFile -ItemType file -Value "Road block for Petya." -Force

	$ACL = Get-ACL $outFile
	$ACL.SetAccessRuleProtection($True, $False) # Remove inheritance.
	$ACL.Access \| % { $acl.RemoveAccessRule($_) } # Remove explicit ACL's.
	$roRule = New-Object System.Security.AccessControl.FileSystemAccessRule("BUILTIN\Administrators", "Read", "Allow") # Administrators read-only.
	$ACL.AddAccessRule($roRule)

	Write-Host "Applying read-only ACL..."
	Set-ACL $outFile $ACL \| Out-Null
	}