Bitcoin virus immunity tool download
The Windows 10 platform is relatively simple: Microsoft released the relevant patches for this vulnerability in early March, so as long as your Windows 10 has been automatically updated to the latest version (version number higher than 1511), it can successfully resist the WannaCrypt virus.
Operation steps:
1. Open "Settings" → "Update and security" → "Windows Update" and check that this item is turned on.
2. Click the Cortana search box in the taskbar, enter "winver" and confirm that the version number is higher than 1511.
Windows 10 users can upgrade directly to the latest version.
II. Processing flow for Windows 7, Windows 8.1 and Windows XP
Computers not running Windows 10 are the hardest-hit area of this attack, because most of them are past their service period or, for various reasons, never had updates turned on and did not receive the security patch. The solution is to download the MS17-010 patch manually. Microsoft has urgently released MS17-010 patches for the different platforms; the direct links are as follows:
Windows XP (kb4012598)
32 bits:
http://download.windowsupdate.com/d/csa/csa/secu/2017/02/windowsxp-kb4012598-x86-custom-chs_. Exe
64 bit:
http://download.windowsupdate.com/d/csa/csa/secu/2017/02/windowsserver2003-kb4012598-x64-custom-enu_. Exe
Windows 7 (kb4012212, kb4012215)
32-bit:
http://download.windowsupdate.com/d/msdownload/update/software/secu/2017/02/windows6.1-kb4012212-x86_. msu KB4012212
http://download.windowsupdate.com/d/msdownload/update/software/secu/2017/03/windows6.1-kb4012215-x86_. MSU (kb4012215)
64 bits:
http://download.windowsupdate.com/d/msdownload/update/software/secu/2017/02/windows6.1-kb4012212-x64_. msu KB4012212
http://download.windowsupdate.com/c/msdownload/update/software/secu/2017/03/windows6.1-kb4012215-x64_. MSU (kb4012215)
windows 8.1 (kb4012213, kb4012216)
32-bit:
http://download.windowsupdate.com/c/msdownload/update/software/secu/2017/02/windows8.1-kb4012213-x86_. msu KB4012213
http://download.windowsupdate.com/c/msdownload/update/software/secu/2017/03/windows8.1-kb4012216-x86_. MSU (kb4012216)
64 bits:
http://download.windowsupdate.com/c/msdownload/update/software/secu/2017/02/windows8.1-kb4012213-x64_. msu KB4012213
http://download.windowsupdate.com/d/msdownload/update/software/secu/2017/03/windows8.1-kb4012216-x64_. MSU (kb4012216)
For other platforms or server versions, go to https://technet.microsoft.com/zh-cn/library/security/MS17-010 and download the corresponding patch file.
When looking up your own Windows platform, pay attention to whether it is 32-bit or 64-bit.
Confirm the platform version number again, then click the download button for the corresponding version.
Clicking a link above downloads the patch for that platform directly. Note that individual platforms (such as Windows 7) have two patches; download and install them in order.
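To confirm that the patch is actually present after installing it, the following added example (not part of the original page) looks up the KB numbers listed above with Get-HotFix. The function name Test-Ms17010Patch and the OS-version table are assumptions made for illustration.

```powershell
# Added example (not from the original page); the KB numbers are the ones listed above.
# Written for Windows PowerShell 2.0 or later, run on the machine being checked.
$kbByOs = @{
    '5.1' = @('KB4012598')               # Windows XP
    '5.2' = @('KB4012598')               # XP x64 / Server 2003 package
    '6.1' = @('KB4012212', 'KB4012215')  # Windows 7
    '6.3' = @('KB4012213', 'KB4012216')  # Windows 8.1
}

function Test-Ms17010Patch {
    $os  = Get-WmiObject Win32_OperatingSystem
    # "6.1.7601" -> "6.1": major.minor selects the row in the table
    $key = ($os.Version -split '\.')[0..1] -join '.'
    $result = New-Object PSObject -Property @{
        OS = $os.Caption; Version = $os.Version; Installed = ''; Missing = ''; Note = ''
    }
    if (-not $kbByOs.ContainsKey($key)) {
        $result.Note = 'OS not in the list above: use Windows Update or the MS17-010 bulletin.'
        return $result
    }
    $have = @(Get-HotFix -ErrorAction SilentlyContinue | ForEach-Object { $_.HotFixID })
    $result.Installed = @($kbByOs[$key] | Where-Object { $have -contains $_ }) -join ', '
    $result.Missing   = @($kbByOs[$key] | Where-Object { $have -notcontains $_ }) -join ', '
    if (-not $result.Installed) {
        # A newer monthly rollup replaces these KBs, so their absence alone is not proof.
        $result.Note = 'No listed KB found: check update history for a later rollup, else install the patch.'
    }
    $result
}

Test-Ms17010Patch | Format-List
```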
III. Temporary workaround
If it is not convenient to install the patch on the computer, or you do not have a downloaded patch file on hand, consider the following temporary workaround. It immunizes the system by closing the relevant ports, which is effective against the current version of the virus, but a later variant may get around it. The specific methods are as follows:
1. Download the 360 NSA immunization tool
NSA Arsenal immunization tool
software version: XP version
software size: 125.34mb
software license: free
applicable platform: WinXP Vista win8 win7
download address: http://dl.pconline.com.cn/download/996906.html
Download the NSA immunization tool released by 360. It saves time and effort and is easy to operate. The whole toolkit is 125 MB; double-click it and it decompresses automatically, then shows a main interface where you follow the on-screen prompts. When the interface is green, the system is safe.
2. Manually close Windows ports 445, 135, 137, 138 and 139
Besides using ready-made tools, you can also close ports 445, 135, 137, 138 and 139 manually to resist the attack. The specific steps are as follows:
2.1 Close ports 135, 137 and 138
1. Open "Run" and enter "dcomcnfg".
2. In the pane to the right of the "Computers" item, right-click "My Computer" and select "Properties".
3. On the "Default Properties" tab of the My Computer Properties dialog box, clear the "Enable Distributed COM on this computer" check box.
4. Select the "Default Protocols" tab, select "Connection-oriented TCP/IP" and click "Remove".
5. Right-click "Network Neighborhood" and select "Properties", then on the network tab clear the check boxes for "File and Printer Sharing for Microsoft Networks" and "Client for Microsoft Networks" to close the sharing ports 135, 137 and 138.
2.2 Close port 139
Open "Network and Dial-up Connections" → "Local Area Connection", open the properties of "Internet Protocol (TCP/IP)", go to "Advanced TCP/IP Settings" → "WINS", and select "Disable NetBIOS over TCP/IP" to close port 139.
2.3 Close port 445
"Start" → "Run", enter "regedit", confirm and navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters. Create a new DWORD value named "SMBDeviceEnabled" and set it to 0; port 445 is then closed.
Note: after the ports are closed manually, some intranet services (such as file and printer sharing) may stop working, so choose carefully.
Final words
WannaCrypt is one of the most harmful viruses of recent years, second only to the Shock Wave worm of its day. Most importantly, this virus affects the data on the hard disk, and the encryption is almost impossible to crack at present. The current approach relies on the fact that WannaCrypt automatically deletes the original file before encryption, so professional data recovery software can be used to try to recover it. In short, keeping the system up to date is the best defense against viruses.
Windows users can completely remove the WannaCry ransomware from a device by formatting all hard disks.
Individual users can contact security vendors at home and abroad, such as Qihoo 360, Kingsoft Antivirus (Jinshan Duba), Kaspersky, McAfee and Tencent Security Manager, for help in recovering important data.
Repair with the "ransomware immunity tool". On another computer, download the offline version of the Tencent Computer Manager "ransomware immunity tool" and copy the files to a safe, virus-free USB drive. Then start the designated computer with WiFi turned off, the network cable unplugged and the network disconnected, and back up important files as soon as possible. Next, use the offline version of the "ransomware immunity tool" from the USB drive to fix the vulnerability with one click. After that the computer can go back on the network and be used normally.
Recover with a file recovery tool. Users who have already been infected can use the Computer Manager file recovery tool, which has a certain probability of recovering your documents.
Note: we will continue to follow the handling methods of the relevant security vendors while waiting for a better and more complete way to unlock the files.
net stop server
sc config lanmanserver start= disabled
2. Turn on the firewall and block port 445. Open CMD with administrator permission and run the following script (provided by Jin an):
netsh firewall set opmode enable
netsh advfirewall firewall add rule name="deny445" dir=in protocol=TCP localport=445 action=block
3. For Windows XP, for which patches are no longer provided, open CMD and run (remember to disable the related services):
net stop rdr
net stop srv
net stop netbt
4. You can also patch directly:
Microsoft Security Bulletin MS17-010 - Critical
Lazy solution if you have Internet access:
use the 360 NSA Arsenal immunization tool, download address:
In addition, keep more backups of important files.
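The workarounds above (the SMBDeviceEnabled registry value, stopping the Server service, the deny445 firewall rule) can be checked afterwards with the added example below, which is not part of the original page. The function names are hypothetical; the registry path, service name and rule name are the ones used in the steps above.

```powershell
# Added example (not from the original page). Windows PowerShell 2.0 or later,
# run from an elevated prompt on the machine being checked.
$ports = 135, 137, 138, 139, 445

function Get-ListeningPort {
    # Listening sockets show a foreign address of 0.0.0.0:0 or [::]:0 (TCP) or *:* (UDP);
    # matching on that avoids depending on the localized "LISTENING" text.
    netstat -an | ForEach-Object {
        if ($_ -match '^\s*(TCP|UDP)\s+\S+:(\d+)\s+(0\.0\.0\.0:0|\[::\]:0|\*:\*)') {
            New-Object PSObject -Property @{ Proto = $Matches[1]; Port = [int]$Matches[2] }
        }
    }
}

function Test-SmbWorkaround {
    $open = @(Get-ListeningPort | Where-Object { $ports -contains $_.Port } |
              ForEach-Object { '{0}/{1}' -f $_.Port, $_.Proto } | Sort-Object -Unique)

    $reg = Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Services\NetBT\Parameters' `
                            -Name SMBDeviceEnabled -ErrorAction SilentlyContinue
    $svc = Get-WmiObject Win32_Service -Filter "Name='LanmanServer'"

    # netsh exits non-zero when no rule with this name exists (advfirewall: Vista and later).
    netsh advfirewall firewall show rule name=deny445 | Out-Null
    $ruleExists = ($LASTEXITCODE -eq 0)

    New-Object PSObject -Property @{
        ListeningPorts   = $open -join ', '
        SMBDeviceEnabled = if ($reg) { $reg.SMBDeviceEnabled } else { 'not set' }
        ServerService    = if ($svc) { '{0} / {1}' -f $svc.State, $svc.StartMode } else { 'not found' }
        Deny445Rule      = $ruleExists
    }
}

Test-SmbWorkaround | Format-List
```

A firewall block rule does not stop the socket from listening, so 445/TCP can still appear in ListeningPorts while Deny445Rule is True.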
1. Install the latest security patch. Microsoft has released patch MS17-010 to fix the system vulnerability used by the "EternalBlue" attack; install it as soon as possible from https://technet.microsoft.com/zh-cn/library/security/ms17-010. For Windows XP, 2003 and other machines for which Microsoft no longer provides security updates, the 360 "NSA Arsenal immunity tool" can be used to detect whether the system is vulnerable and to close the ports affected by the vulnerability, so that ransomware and other malware cannot get in. Download address: http://dl.360safe.com/nsa/nsatool.exe
2. Close ports 445, 135, 137, 138 and 139, and turn off network sharing.
3. Strengthen network security awareness: do not click unknown links, do not download unknown files, do not open unknown emails...
4. Back up the important files on your computer to an external hard disk or USB drive as soon as possible (and regularly in future), and keep the disk offline after the backup.
5. Users still running Windows XP or Windows 2003 are advised to upgrade to Windows 7 / Windows 10 or Windows 2008 / 2012 / 2016 as soon as possible.
1. Close port 445, install the released system patch in time, and then install protection software.
2. Windows users can completely remove the WannaCry ransomware from a device by formatting all hard disks.
The WannaCry ransomware spreads mainly by exploiting "EternalBlue", a dangerous vulnerability leaked from the NSA (National Security Agency). Microsoft had released the MS17-010 patch earlier to fix it, but many users did not install it in time, so a large number of computers were hit. The least affected system is Windows 10, because the latest version, Windows 10 1703, has the patch integrated and is completely immune to this ransomware. That does not mean Windows 10 is 100% immune, however: there are many versions of Windows 10, and the older ones can still be infected.
Microsoft emphasizes that Windows 10 users are not the target of this malware attack. However, according to Microsoft's security announcement, only the latest Windows 10 1703 Creators Update is free of the vulnerability used in this attack. The earlier Windows 10 RTM original version, the 1511 November Update and the 1607 Anniversary Update still need to be patched; without the patch, Windows 10 can still be attacked by the ransomware, so be sure to install the update in time. On Windows 10, click Start → Settings → Update and security → Windows Update to run the system update.

1. The virus is very harmful, but there is a patch.
2. Install a computer manager on the computer, open its toolbox, find the vulnerability repair function and run the repair.
