Bitcoin blackmail virus system update
In my opinion, I don't know if it's right. We still need criticism and correction. I don't think this virus has anything to do with which way you use to access the Internet, and it also has nothing to do with which kind of computer (PC or laptop) you use. He mainly aims at some loopholes in the Current Windows operating system. We all know that when a software is downloaded, it must have the highest administrator authority to install the software on this computer. This should be a security policy of the computer operating system. However, there are loopholes in everything, and the operating system is no exception. For example, this virus outbreak, in fact, the patch was released as early as March, but many users didn't pay attention to it and didn't fix it. So, now as long as you are connected to the network, and the system vulnerability is not repaired in time, you can scan the port, use the vulnerability of a port, directly install the encryption software (virus) to your computer in the background, and encrypt your important files, so as to achieve the purpose of blackmail. So it's better not to turn off the self-renewal function of windows for convenience. At the same time, it's also recommended to turn off some ports that are not often used but are very dangerous, such as 445, 135, 137, 138 and 139—— Finally, WiFi is just a way to access the Internet. It can also spread viruses. So, quickly update and patch it .... There is also a video here. I think it's very good, but I don't know if I can watch it http://weibo.com/tv/v/?fid=1034 :
At present, there is no comprehensive unlocking method. Unfortunately, Windows users are attacked by wana series blackmail virus (bitcoin virus). The current solutions are as follows: (never pay ransom in any case. There is a lot of evidence that even if ransom files are paid, they cannot be decrypted.) < UL >
Windows users can completely eliminate wanacry blackmail virus on devices by formatting all hard disks The encrypted files in other hard disks cannot be unlocked by simply performing system reload.)
indivial users can contact domestic and foreign security manufacturers, such as Qihoo 360, Jinshan drug bully, Kaspersky, mcfel, Tencent security manager and other security centers for assistance in recovering important data
use the file recovery tool to recover. Users who have been infected with the virus can use the computer manager - file recovery tool for file recovery, with a certain probability of recovering your documents
note: we will continue to pay attention to the handling methods of relevant security manufacturers and wait for a more superior perfect unlocking scheme
{rrrrrrr}
10
(3) in view of the current technical means, if blackmail virus can not be solved, it can only be completely formatted, Then, the system is reinstalled and the system vulnerability patch is made to prevent the secondary poisoning
The blackmail virus wannacry is mainly spread by taking advantage of the dangerous vulnerability "eternal blue" leaked by NSA (National Security Agency). Microsoft released ms17-010 vulnerability patch to fix it earlier, but many users did not update the patch in time, so that a large number of computers were attacked by blackmail virus, The least affected system is windows 10, because the latest version of windows 10 1703 has integrated vulnerability patches and is completely immune to blackmail virus. However, it does not mean that win10 is 100% immune to blackmail attack. There are many versions of win10, and the old version will still be infected by virus
Microsoft emphasizes that windows 10 users are not the target of this malware attack. However, according to Microsoft's security announcement, only the latest Windows 10 1703 creators update creator update does not exist the vulnerability of this attack. The previous windows 10 RTM original version, November 1511 update and 1607 anniversary update still need to be patched, If there is no update patch, win10 will still be attacked by blackmail virus, so we must pay attention to update the vulnerability patch in time. Win10 click Start -- settings -- update and security -- windows update to execute system update
2. 3. Install anti extortion protection tools, do not visit the website, do not open suspicious mail and files
4. Turn off the computer, including TCP and UDP protocol ports 135 and 445. Pay special attention to win7 system, do not use campus network, nor CMCC
5. If you still can't understand it, cut off the network
[how to prevent bitcoin blackmailer virus] some suggestions on Security:
backup important personal data. Pay attention to personal computer security maintenance, regularly update system patches, safe and reliable antivirus software.
okcoin reminds users that the current domestic bitcoin trading platform does not support extracting bitcoin. If netizens want to buy computers for ransom payment, they need to choose a trading platform that can withdraw bitcoin to avoid a second loss. In addition, after paying the ransom, whether the computer attacked by the virus can be effectively unsealed remains unknown. Therefore, the technical personnel of okcoin currency bank suggest that the majority of Internet users upgrade and install the relevant patches of Windows operating system as soon as possible, and the infected machines should be disconnected immediately to avoid further spread of infection. Users who have not been attacked by virus should update the system as soon as possible, install regular and safe anti-virus software, and improve the defense ability of the computer.
2, In the CMD window, enter the following command:
Netsh advfirewall set allprofile state on
Netsh advfirewall add rule name = deny445 dir = in action = block protocol = TCP localport = 445
to open the windows update, so as to ensure that the system updates can be received at the first time
1 manually check whether there are any UN updated patches, And update
2 open Windows Defender regular scanning function
3 open windows defender, and bury fast scanning, if there is a problem, then deal with:
4 install an anti-virus software, and open real-time defense, regularly check and kill the virus