How to remove Petya Ransomware! (2018, outdated)
ฝัง
- เผยแพร่เมื่อ 8 ม.ค. 2018
- Hello guys!
Today I'll show you how to remove Petya Ransomware! also, showing extra things of the Ransomware...
Here's a little summary of Petya in Wikipedia:
Petya is a family of encrypting ransomware that was first discovered in 2016. The malware targets Microsoft Windows-based systems, infecting the master boot record to execute a payload that encrypts a hard drive's file system table and prevents Windows from booting. It subsequently demands that the user make a payment in Bitcoin in order to regain access to the system.
Variants of Petya were first seen in March 2016, which propagated via infected e-mail attachments. In June 2017, a new variant of Petya was used for a global cyberattack, primarily targeting Ukraine. The new variant propagates via the EternalBlue exploit, which is generally believed to have been developed by the U.S. National Security Agency (NSA), and was used earlier in the year by the WannaCry ransomware. Kaspersky Lab referred to this new version as NotPetya to disambiguate it from the 2016 variants, due to these differences in operation. In addition, although it purports to be ransomware, this variant was modified so that it is unable to actually revert its own changes.
This is actually a Wiper, if you buy the key, your files will be deleted.
Hope you liked! See you Later! - วิทยาศาสตร์และเทคโนโลยี
UPDATED THIS VIDEO, GO CHECK: th-cam.com/video/9fW-NWT3eyY/w-d-xo.html
:)
thanks bro i've been waiting for 5 years after this video last thanks!
TYSM FOR HELP
No keyboard found. Press any key to continue
*touches a door key*
Hmmm, i have a key for my home,car,gate. Which one should i pick??
**clicks mouse**
lol
It says "Press any key to continue" so I pressed off button
Red text on red background. Outstanding move
Lol i completely agree with you🤣🤣🤣
they fuckin shit their pants
But seriously tho
the red text is lighter
Drop shadow helps, but still, when you have an infinite library of colours to chose from why go red on red? Ridiculous.
For those, who haven't watched the decription method - actually, the drive IS NOT formatted. The MGE (Millitary Grade Encryption) affects mainly HDDs, and everything is placed in an unreachable segment of the drive.
i have an hdd oof
@@flamboyantliquid7659 i have ssd
@@pedromalta2116VR usually Windows is on HDD. My Windows is on HDD, and my Kali and Ubuntu are on SDD.
I've been running windows on ssd for around 2-ish years, phew
@@Mentis_Mori same
Petya: *formates disk*
me: y know that you deleted youself too right
Petya: wait wha----
certified bruh moment
Yeah, bruh moment
bruh
yes
I think petya didnt delete hes own files or thats wrong and i have a brain error
Fact: The music actually scares me more than Petya xD
FR
The backsound music it's so more dramatically
*Scarely
Fr
xd
@@Oxut Not like every music is from GD. It is indeed a music used in a Geometry Dash level, but remember that the music is not made for GD.
Intro song: XenoGenesis
1st song: Lunar Abyss
2nd song: Lunar Abyss
3rd song Lunar Abyss
4th song Lunar Abyss
5th song: idk
fifth song is detious & lockyn - allure
Good job man))
5th song - Darude Sandstorm
Geometry dash player???
Gd is dah besst
Me: Realizes the first song is xenogenesis and the second is lunar abyss
Also me: *instantly checks the comments for geometry dash comments*
Lol Duell maestro
Bruh add me on gd Ifiel
same
Yeah you are right lol
Are you sure ? Because I have tried looking for it but in vain.
It doesn't format the disk, it encrypts the master file table so the drive becomes useless.
0 bytes/0 bytes is not the sign of a formatted disk, but a corrupted one
WARNING! Don’t play the intro at full volume
yea it seems messed up
tell me music name pls
TypicalLucas The Song Is Called Dark Paradise By TheFatRat
Why?
thef1y earrape
Yeah, you successfully recreated 2010 yt tutorial experience
me: gets close to my dog
my dog: what are you doing?
me: i'm trying to *p e t y a*
comedy *gold*
Not the only one watching on 2021 less go
looooool
Lol thats a good one
Yes, Comedy.
Petya is actually a russian name
I am selling time stamps for the warnings/best moments
3:04 *Beware of eye bleed*
3:58 *Pando swearing alert*
4:26 *Pando starts spamming Petya*
0:00 *Video starts :)*
🤣🤣🤣🤣
omg sweartng alert/?!??!? really??/1/?!/ he swer.>..>. OMGNGGG
4:20 this reminds me of me having a conversation with Google when i was younger.
lol
420
420
@@alt.egoistic oh look a pichu and a pikachu
Dog: woof
Me: hey can i.. PETYA
badum, tsshhhhh
Oh no u wanna infect da dog.....so rude!
@@rai8424 ,He Meant "Pet You",Not Something Bad :D,Also This Joke Was Really Good.😂😂😂😂
r/comedyheaven
Can i Pet YA? hehe i get it! Nice joke!
@@bmw1seriesmcoupe496 r/woosh
Do you play Geometry Dash?
Many of the songs that do you use are in the game
He does.
ya i play gd
@@BadPiggiesPhonk not you
@@BadPiggiesPhonk r/notopbutok
GameCube
Petya: "hacking the pc"
Pandotech: seem like you have chosen, Death
Ransomware=run somewhere :D
Funny. You have to run somewhere when you click RUN the RANSOMWARE
lol run
Hahaha
Lol
*When I ran out of my home* WHAT TO DO NEXT?!!??!?
Everyone srry 4 the high volume of the music
Hi, I just made my own original vide pls subscribe to me, and donate
PandoTech hiiiiiiiiii
PandoTech the password pls
Pasak PandoTech
i found a way to stop it! Remove the power cable or battery before the boot! remove the disk and attach it to another pc, remove the petya entry and rebuild the wbm (Windows Boot Manager)...
I think you just got a new subscriber! Love this.
Tip tho: dont use all red for your text. Maybe switch to blue or black on the more red screens. It shows up better and is easier to read.😊
Red is fine for me.
"'we are goanna remove petya,, he didnt remove he just show us what does
edit:wow so many responses
@Nguyen Truong Minh the sword and the shield always evolve together. Maybe Petya's (or any other viruses') creators laugh on their victims, but as time passes, there will be crafty programmers who can decrypt, defeat and develop a recovering method against it. The same with computer protection. As firewalls, antiviruses and users' caution improves (like knowing the free iPhone is a scam and they don't click the virus link), there will be crafty hackers who will manage to breach through these defense lines (I already heard about viruses that are able to trick antiviruses and hide from them).
@@NoraTheCreator117 anti-viruses are the most popular viruses. And hiding from them is so fucking easy :v
Nguyen Truong Minh the video is private
Yes no one can remove petya instead of the developers of petya can solve it.
General Gio Nope there is no way
Petya: HAHA! NOBODY CAN DEFEAT ME! IM THE UNDEFEATABLE VIRUS!
Pandotech: hold my beer
Edit: almost forgot about this comment, thanks for the 41 replies.
military encryption algorythm xDDDDDDDDD
hold my system32
@@apostolisjlightning4226 algorithm * xD xD
Petya: you Can’t got Red Uthv me Viteo: not in my mind
Pandotech : im god and im your father
25 likes we want the password
Horizon that password... For petya ransomware...
+PandoTech i'm your big fan can I help you to removing a virus
It’s pandotech
PandoTech
What did use for VM Reply pls
Petya: hey who r u
Me: killer queen bites the dust
Petya: NANI
Basically the skull is just a lot of dollar signs.
nice ASCII petya 10/10 lol
@Proloop Under Ok calm down Sherlock.
The boot information and the OS information are crypted, that's why they don't appear. It shows 0 bytes used of 0 because Petya used a custom filesystem. Still, you may be right or not.
I have found that if you boot into the Windows install disk after the computer blue screens, but before it stats to boot from the hard drive again, and run the MBR repair command (fixmbr on Windows 2000/XP, and bootrec /fixmbr on Windows Vista onward), you will save your data. I suspect this happens because the file overwrites the MBR with a trojan that will encrypt the hard drive the next time the computer boots up, but it doesn't activate until you boot from the hard drive again, and if it hasn't activated, you can basically "disarm the bomb", and save all your data. But if the encryption has activated, you're basically screwed unless someone can make a decryption utility.
They did decrypt, it wasn't formatted.
PETYA: NOBODY CAN REMOVE ME!
Real life weapons: Hey you come here
lol
If you cant get rid of it then reset your Hardware.
But beware all your Files are then gone so this video is really Helpful
1:11 - Petya in a nutshell
Try SCP 173 anomaly apocalypse
@Robotul Zombie ENGLISH PROFESSOR!!
@Robotul Zombie Nuhetlls
@Robotul Zombie it says nutshell bruh
1:11
thank you for making this vid, it makes me feel safer, i don’t want my pc to get destroyed
Fortnite sucks
@@GamerYt-ce7jp shut up that doesnt even relate to the comment he posted
Freernite xd
@@iguanawithinternetaccess930 is there any law that i have to relate the comment to the reply i put?
@@GamerYt-ce7jp haters gonna hate.
Petya:IM A RANSOMWERE
me:run some where :3
Petya: *formats drive*
Also Petya: *tells you that it encrypted your files*
wondering how i got so many like LMAO
ồ người vn kìa
He's going to be in my hate video
Top 10 fortnite youtubers who have sworn
@@@Moviesxp
No
False, do not format the pc. Petya does not encrypt the files, what she does is erase the list that has the hard disk to find and work with them. To recover all your data, it is necessary to restore that "list", which can be restored with the serial that has to be set to petya. When the files are not found, it appears that the disk is empty, but this is false.
So, how can I recover my valuable files?
Answer: You must connect the hard drive of your computer to another computer, and scan that disk with an application, which will give us a code which we must put on a web (I do not remember what it was called) that will give us the key to be able to restore that list. We place the hard drive again on the affected PC and enter the previous key.
If you want to see the URL of the websites and the name of the program, you can find it on TH-cam
You are false lol . I downloaded the same and i was the same :)
David. Do you fucking know what a hard drive is? If it encrypts then the physical storage device is well, encrypted. You can't just pop it into another computer.
DAVID HERNANDEZ if you put the hard drive on any other pc it will give the same problem.
Because the hard drive is like a Memory Card where it stores all the system files and windows.
And if you put it on another computer it will come with virus because it erases the system and encrypts the MBR.
DAVID HERNANDEZ well, instead you can just need a program to make a Petya key to decrypt or should I say, restore for free without paying. Also, like he/she said (Pando!) do not enter, so this technique by using the program to get a key for free is the best option.
Куба Попков he/she could say he/she.
Sorry for the question, but is safe to do this on a VM or there is a risk to infect your principal PC?
Me rewatching: good CRAP
Also me realizing hes an astolfo pfp now: Look how they massacred my boy
you can see this guy is a geometry dash player by the songs
Or he just... Idk... *went to newgrounds for songs?*
How about "BUG32.exe" virus?
Or maybe Not-Petya?
Coba SMADAV Nya bang
@@electroadvent9918 Not-Petya i think is the same but maybe with different background and text
Idk if avast is totally taken off cuz in regist editor there is some archives with avast on name should i delete EVERYTHING ABOUT AVAST OR THAT THINGS without any file (i deleted all manually) are not dangerous??
Petya doesn't format HDD, it just encrypts Master File Table(MFT)
When you heard the music I bet you were like duelo maestro.... Lunar abyss
According to the description if u try to ACTUALLY do what it tells you to do it straight up erases anything anyway
Oops! Your ears have been encrypted by high volumed PandoTech intro!
the only reason why i subscribed..
I am on a VM and I try to press all of the options on the boot menu and still it gives me the Petya screen
GD's "Duelo Maestro" level music. I just recognized it.
its that nine circles level right?
@@xdlebaghet9773 no
Music: lunar abyss. Is one of my favourites :D
Love it
This can be used to make nine circles levels in gd
Level : DUELO Maestro
@@malikarezkallah636 shame on then who doesnt understand what u r meaning
YOU BREAKED MY EARS WITH THE INTRO
What if I do this on GPT and what if I simply delete system reserved partition and reinstall windows? Does it corrupt the computer's firmware?
“What the f**k Petya did you ‘encrypted’”
They cursed for the 1st time (idk)
@mel fallen How ???
3:44
WHAT
I DIED LAUGHING AFTER SEEING THAT!
WHAT THE **** PETYA DID YOU “ENCRYPTED”
holy shit, Duelo Mastero 🔥
If C: is empty, where is petya installed?
It is in X: I think
On the master boot record.
Petya is installed in the MBR
Anic17 I’m guessing you’re fucked if something takes over the MBR? Or at least the hard drive is fucked
No Where LOL
2:30 BOOM! LOOKS LIKE A DARK MAGIC
SI PETYA FORMATEA EL DISCO DURO, COMO HACE PARA IMPLEMENTAR SU PROGRAMA DE ARRANQUE??????
When I ran Petya on windows 7 virtual machine, it removed all of the files. So Petya kills your files.
It's obvious that the link was going to be taken down at some point, and I don't plan on reuploading it.
WARNING: Don't download the file on a Real OS, download it on a VM
Could've guessed it would be your yt name...
I can make you a intro for a shoutout :D
PandoTech ty now Roblox lag is removed
Do not download the file if you want to try on your real OS!
Petya: No one can remove me! We have military-grade defenses!
PandoTech: Hold my beer.
True 😂
military grade? nope it is fake can be destoryed by fixing Windows MBR after backuping data in a Windows live CD
lol when you infected in the virus you: yeets pc pc: what did i wrong
Petya: I am a military grade encryption algorithm
pandotech: I’m just some guy who bypasses your system
03:15 BOOM! RSOD this time!
0:18 Geometry Dash, Duelo Maestro mmmmmm
ohhh yeaah
pandotech what is the name of the song? that you used in the video?
if the disk would be erased then petya wouldn't be able to start as well, it just moves the files into an unreachable part of the disk
4:34
If you look closely, it says: "Lame"
XD
XD
Wat
Xd
Szymonthebests Gamer @ it does lol
7:20 song? pls. I only remember it was on a famous GD level, but, I don't remember anything about it.
Synthy Spencer Lunar Abyss
PandoTech I mean, the second song
Can you please, tell me the name of the *SECOND* song?
Thank you but I had to find it myself. The second song is "Detious & Lockyn - Allure"
what
CHKDSK is a CMD command, that checks your disc. Available when runned as administrator
True, but not in this case.
PantoTech: is windows Vista remove
Me: what is you Computer error
Me:ughhhhhh I’m tired pandotech has nothing I need!!!!!
*sees video thumbnail*
Me:last video...
*watches video*
Me: omg, the music and vid is greatttttt
0:0:0:0:00 R.I.P Headphone users
Are you using the same windows vista when you downloaded trojan memz on it and removed it?
Petya Ransomeware: please pay to get your computer back!
Pandotech: im about to end this mans whole career
I got the music called Lunar Abyss
@Nguyen Truong Minh You watch that stream too? I watch too!
NO
@Nguyen Truong Minh That you ask me did you know that this reply is 6 m.
7:46 music name pls?
Yea whats the song?
4:31
When a teacher writes on the blackboard
Does it seem to me or is the music similar to the main music of welcome to the game 2?
Plese do not allow the watcher to download the file !! It cause very harm
But if the watcher wants to test it on a VM?
4:54 any one notice the thing?
it said
Key: 82920
Yeah I DId
the actual key is usually longer
He typed it
@@jagged7666 oh.
If someone is looking for it... the name of the song is Lunar Abyss.
my old laptop is infected with something i think is worse, i think the disk is formated(cant check, because cant open anything lol) its complete DEATH, trying to go to Safe Mode ? NOPE, was trying to bring it to a technician and they didnt know what the problem was lol, i really dont know what to do
Petya: Make PC flashing
People with Epilepsy: *They’re Grooving*
6:01 scanos? More like thanos cuz thanos will snap petya and ur computer is safe
AHAHAHA XD
lol
Good one xD
For anyone wondering the music playing on most of the video: Lchavasse - Lunar Abyss
So how do you really remove "Petya RSW" I only see proof that the disc is "formatted"
Lunar Abyss :D from GD
Does GD mean God?
Geometry dash
cheats for minecraft)
its not formatted bc petya just stoled whole files and bytes to hide server and when entered key then files is back to drives files
7:00 if I don't have the key I can't press next
how did you continued without the key?
I hear gd music
Death Moon was a good level
Only geometry dash fans will get
Duelo Maestro*
😶
Pls explain why there is bsod after you run a petya, and what happen if you end petya in task manager?
3:06 my eyes just went flashbang
Petya.exe: HAAHAHHAHAHAAH THERE IS NO WAY >:)
Pandotech: I'm using to delete Petya.exe
Petya.exe: excuse me WTF
Thanks bro. I have my computer fixed ^^!
probably you’re lying cause he basically said that's impossible to escape Peyra.
@@seemo_simona He's not lying. Why would he lie?
i think CMD and anti virus serves as the most crushing line of defense in your computer
But how the Petya Ransomware can still boot even the disk is formatted?
Lchvasse - Lunar Abyss
thank me later 8)
Geometry dashers is here!
@@user-ui4te8tu8d wait for me
Song plays
Me: GEOMETRY DASH
ME TOO
DUELO MAESTRO
Yes
+
For some reason, there isn't intro in this video
if you enter the sites what is gonna happen?
also how are you going to chec5 the links?
are you going to put them in another pc?