How to prevent bitcoin virus
1. Install the latest security patch for your computer. Microsoft has released patch ms17-010 to fix the system vulnerability of "eternal blue" attack. Please install this security patch as soon as possible; For Windows XP, 2003 and other machines that Microsoft no longer provides security updates, we can use 360 "NSA Arsenal immune tool" to detect whether there are loopholes in the system, and close the ports affected by the loopholes, so as to avoid being infringed by blackmail software and other viruses
2. Close ports 445, 135, 137, 138 and 139, and close network sharing
3. Strengthen the awareness of network security: don't click the unknown link, don't download the unknown file, don't open the unknown email...
4. Back up the important files in your computer to the mobile hard disk and U disk as soon as possible (regularly in the future), and save the disk offline after the backup
5. It is recommended that users who are still using Windows XP or windows 2003 should upgrade to Windows 7 / windows 10 or windows 2008 / 2012 / 2016 as soon as possible.
Recently, some domestic college students reported that their computers were attacked by viruses and their documents were encrypted. The attacker claimed to pay bitcoin to unlock. It is reported that the virus is nationwide, suspected to spread through the campus network, very fast. At present, Hezhou University, Guilin University of Electronic Science and technology, Guilin Institute of aerospace instry and universities in Guangxi are affected. In addition, some netizens reported that Dalian Maritime University and Shandong University were also attacked by the virus
up to now, more than 6500 computers in China have been invaded by the virus. Bitcoin is a kind of network virtual currency, but its exchange rate with RMB is surprisingly high, 300 bitcoin is about 3 million RMB
Kevin, a hacker on Weibo, has taught five temporary solutions:
1. Don't give money. The ransom is expensive and may not be recovered after it is paid
2. The non poisoned computer quickly backed up the data for many times. If it has been poisoned, lower the hard disk before reloading the system, and then install the operating system
3. Install anti blackmail protection tools, but it only works before the virus invades, but it can't do anything for the computer that has been infected with the virus, so it is still necessary to do a good job in the backup of important documents. Do not visit the website, do not open suspicious mail and files
4, turn off the computer, including TCP and UDP protocol 135 and 445 ports
5, but also do not understand, the network pinch
prevention:
at present, the main way of poisoning is through most of the attacks coming from phishing e-mail, or the website with malware visited by the victims
don't open the e-mail with unknown source, don't click the unsafe link, don't scan the QR code with unknown source, and don't give permission to the software with unknown source
Computer Xiao can pinch the Internet to avoid the limelight
{rrrrrrr}
treatment:
1. Firewall shielding port 445
2. System update with windows update
3. Turn off smbv1 service
3.1 is suitable for customers running Windows 8.1 or Windows Server 2012 R2 and later
for client operating system:
open control panel and click program, Then click turn windows features on or off
in the windows features window, clear the SMB 1.0/cifs file sharing support check box, and then click OK to close this window
restart the system
3.2 for server operating system:
open "server manager", click "management" menu, and then select "delete roles and functions"
in the features window, clear the SMB 1.0/cifs
file sharing support check box, and then click OK to close this window
restart the system
3.3 is suitable for running Windows 7, Windows Server 2008 R2, Windows Vista and Windows Server 2008. Modify the registry
registry path: HKEY_ LOCAL_ Machine system currentcontrolset services llanmanserver parameters
New Item: smb1, value 0 (DWORD)
restart the computer
1: open the blackmail software interface, Click. ( the hacker's bitcoin address)
2: paste it into btc.com (blockchain query)
3: find the transaction record of the hacker's collection address in the blockchain query, Then choose a txid (transaction hash value)
4: and paste the txid to the blackmail software interface button connect us.
5: after the hacker sees it, you can click check payment.
6: then click decrypt to decrypt the file
based on Tencent computer housekeeper's continuous investment in independent anti-virus engine research and development and proct performance optimization in recent years, combined with the multi engine architecture system, Tencent computer housekeeper's ability in security protection and virus detection and killing has reached the same level as the world-class anti-virus software; Especially in the processing of domestic popular samples, resource consumption and response speed,
1. Download Tencent mobile phone housekeeper and use stubborn Trojan horse special killing tool to check and kill virus
Open Tencent mobile phone Housekeeper - utility in the upper right corner - add - stubborn Trojan horse special killing - Antivirus - finish
2. If the mobile phone can't be opened, it's necessary to link the software on the computer to swipe, This will remove all viruses from the phone
scan first, wait for the end of scanning, and then kill the virus according to the prompt. It adopts cloud detection and killing technology, which can thoroughly kill the virus through Intelligent Cloud Identification, so as to protect your mobile phone from now on; thank you
it can thoroughly check and kill the virus, which is strongly escorted by cloud host defense, TVA anti-virus engine and system repair engine
housekeeper introces the international leading local checking and killing engine, which greatly improves the ability of Trojan horse checking and killing
the ability of virus anti-virus protection is international leading, which can comprehensively protect the computer security