Bitcoin blackmail virus solution
Wanacry blackmail virus is a kind of worm computer virus with blackmail nature written by the professional criminal group of "shadow broker"
because of the wanacry blackmail virus, the windows-445 series port vulnerability ms17-010 is used to attack, which covers all versions of windows and has a huge audience. After wanacry attacks the computer, it will encrypt a large number of users' documents / data / files / photos, and require payment of bitcoin ransom to unlock
< H2 > unfortunately, Windows users are attacked by wanacry blackmail virus. The current solutions are as follows: (never pay ransom in any case, there is a lot of evidence that even if ransom is paid, the file cannot be decrypted.) < UL >
Windows users can completely eliminate wanacry blackmail virus on devices by formatting all hard disks
indivial users can contact domestic and foreign security manufacturers, such as Qihoo 360, Jinshan drug bully, Kaspersky, mcfel, Tencent security manager and other security centers for assistance in recovering important data
use "blackmail virus immune tool" to repair. Users download the offline version of Tencent computer manager "blackmail virus immunity tool" through other computers, and the files to a safe and non-toxic U disk; Then turn on the designated computer when WiFi is turned off, the network cable is unplugged and the network is disconnected, and back up important files as soon as possible; Then use the offline version of "blackmail virus immunity tool" to fix the vulnerability with one click through USB flash disk; Network can be normal use of the computer
use the file recovery tool to recover. Users who have been infected with the virus can use the computer manager - file recovery tool for file recovery, with a certain probability of recovering your documents
note: we will continue to pay attention to the handling methods of relevant security manufacturers, waiting for more superior perfect unlocking
At present, there is no comprehensive unlocking method. Unfortunately, Windows users are attacked by wana series blackmail virus (bitcoin virus). The current solutions are as follows: (never pay ransom in any case. There is a lot of evidence that even if ransom files are paid, they cannot be decrypted.) < UL >
Windows users can completely eliminate wanacry blackmail virus on devices by formatting all hard disks The encrypted files in other hard disks cannot be unlocked by simply performing system reload.)
indivial users can contact domestic and foreign security manufacturers, such as Qihoo 360, Jinshan drug bully, Kaspersky, mcfel, Tencent security manager and other security centers for assistance in recovering important data
use the file recovery tool to recover. Users who have been infected with the virus can use the computer manager - file recovery tool for file recovery, with a certain probability of recovering your documents
note: we will continue to pay attention to the handling methods of relevant security manufacturers and wait for a more superior perfect unlocking scheme
Windows users can completely eliminate wanacry blackmail virus on devices by formatting all hard disks
indivial users can contact security manufacturers at home and abroad, such as Qihoo 360, Jinshan drug tyrant, Kaspersky, mcfel, Tencent security manager and other security centers for assistance in recovering important data
use "blackmail virus immune tool" to repair. Users download the offline version of Tencent computer manager "blackmail virus immunity tool" through other computers, and the files to a safe and non-toxic U disk; Then turn on the designated computer when WiFi is turned off, the network cable is unplugged and the network is disconnected, and back up important files as soon as possible; Then use the offline version of "blackmail virus immunity tool" to fix the vulnerability with one click through USB flash disk; Network can be normal use of the computer
use the file recovery tool to recover. Users who have been infected with the virus can use the computer manager - file recovery tool for file recovery, with a certain probability of recovering your documents
note: we will continue to pay attention to the handling methods of relevant security manufacturers, waiting for more superior perfect unlocking.
3. Through this function, there is a file recovery function to recover the files deleted or encrypted by blackmail virus
2. After being infected with the virus, it's recommended to report to the public security organ immediately for the record, and it's better not to go to the prefecture level or above, county level or below, because as far as I know, many county-level organs are often overstaffed, What is more important is that they basically do not have the relevant technical processing ability and conditions, and many cases may have to be transferred to the higher authorities. As for how the police deal with it, it's out of the question
Third, prepare a new computer. This is the best way to minimize the loss. Never smash the computer or deal with it separately. Instead, you should listen to the arrangement of the police, because if the police are responsible, they may take this as a clue to carry out new detection. On the one hand, it is also a way to eliminate harm for the public, and on the other hand, it may bring some compensation for the loss
first, temporarily close the port. Windows users can use firewall to filter personal computers, and temporarily turn off 3389 remote login on ports 135, 137 and 445 (if they don't want to turn off 3389 remote login, at least turn off the smart card login function), and pay attention to update security procts for defense, so as to minimize the risk of computer attack
Second, update the released security patches of windows in time. When the ms17-010 vulnerability was first exposed in March, Microsoft had provided security updates for win7, win10 and other systems; After the outbreak of this incident, Microsoft also quickly released a special patch for Windows XP and other systems that had not provided official support before
the third is to use the "blackmail virus immune tool" to repair. Users download the offline version of Tencent computer manager "blackmail virus immunity tool" through other computers, and the files to a safe and non-toxic U disk; Then turn on the designated computer when WiFi is turned off, the network cable is unplugged and the network is disconnected, and back up important files as soon as possible; Then use the offline version of "blackmail virus immunity tool" to fix the vulnerability with one click through USB flash disk; Network can be normal use of the computer
fourthly, use the "file recovery tool" to recover. Users who have been infected with the virus can use the computer manager - file recovery tool for file recovery, with a certain probability of recovering your documents
in addition, enterprise network administrators can use the "Administrator Assistant" to detect the security of computer equipment. Tencent's anti-virus laboratory security team, after tackling key technical problems, launched a computer housekeeper "Administrator Assistant" diagnostic tool for vulnerable enterprise customers on the evening of the 14th. The enterprise network administrator only needs to download the diagnostic tool and input the IP or device name of the target computer to diagnose whether the target computer is infected with blackmail virus; Under the guidance of the diagnosis report, the health equipment that has not been patched can be patched and defense can be arranged in time
note: Windows users should try their best to avoid visiting high-risk web pages in the near future. If they are poisoned, they should not pay ransom. They can contact the security manufacturer to help recover valuable data, or they can completely eliminate the virus by formatting the hard disk.
Unfortunately, Windows users are attacked by wanacry blackmail virus. The current solutions are as follows: (never pay ransom in any case. There is a lot of evidence that even if ransom files are paid, they cannot be decrypted.)
< H2 > < UL >
Windows users can completely eliminate wanacry blackmail virus on devices by formatting all hard disks
indivial users can contact domestic and foreign security manufacturers, such as Qihoo 360, Jinshan drug bully, Kaspersky, mcfel, Tencent security manager and other security centers for assistance in recovering important data
use "blackmail virus immune tool" to repair. Users download the offline version of Tencent computer manager "blackmail virus immunity tool" through other computers, and the files to a safe and non-toxic U disk; Then turn on the designated computer when WiFi is turned off, the network cable is unplugged and the network is disconnected, and back up important files as soon as possible; Then use the offline version of "blackmail virus immunity tool" to fix the vulnerability with one click through USB flash disk; Network can be normal use of the computer
use the file recovery tool to recover. Users who have been infected with the virus can use the computer manager - file recovery tool for file recovery, with a certain probability of recovering your documents
note: we should also continue to pay attention to the handling methods of relevant security manufacturers, waiting for more superior perfect unlocking