How to Overcome Malware Ransomware Wannacry
How to Overcome Malware Ransomware Wannacry - The whole world again shaken by the presence of Malware Ransomware Wannacrypt is very dangerous, especially for users of Windows Operating System.
This malware will infect Windows-based PC users who have weaknesses related to the SMB function that is run on that computer. Malware Ransomware Wannacrypt is reported to have infected many users around the world.
Here are some file extensions that become targers of Malware Ransomware Wannacrypt:
LAN AND WIFI is a network that can exchange data between computers connected to the network. The latest prevention to save your files is to backup first, make sure when you do backup do not connect with LAN and WIFI first. This is to prevent malware from getting into your computer system.
With this attack, of course, various Anti-Virus update to combat the occurrence of Malware Ransomware Wannacrypt attacks. Make sure you use trusted Antivirus to improve the security of your PC using Windows OS.
MS17-010 security patch released by Microsoft has actually been announced since last March. But it seems most of the computers in the world have not installed them yet. So this laxity is also used massively by WannaCrypt.Update security spreader on your windows by install Patch MS17-010 issued by microsoct. See: https://technet.microsoft.com/en-us/library/security/ms17-010.aspx
How to Turn off SMB V1 feature for windows 7
How to Turn off SMB V1 feature for windows 8
How to Disable SMB v1 via regedit (all windows)
Windows Scripting Host (often abbreviated as WSH) is an application that supports scripting functions in the Windows 2000 operating system, Windows NT Option Pack, Windows 98, Windows XP and Windows Vista that allows administrators to execute scripts for some administrative tasks, be it using cscript.exe or wscript.exe. You need to know that the macros function is used to avoid files from Ms. apps. Office, or WScript is affected by the Wannacrypt Ransomware Malware deployment.
Here is a step to find out the status of Windows Script & Macro ON / OFF:
As we know, Malware Ransomware Wannacrypt until until this post is published has no solution in overcoming the PC that has been infected Ransomware Malware Wannacrypt. So you need to take the various precautions described above.
Remember, always backup your important file files, do not regret later. To help overcome and combat Malware Ransomware Wannacrypt attacks, please help share this post to your friends so that not many victims affected by Ransomware Wannacrypt malware. Thank you for visiting.
This malware will infect Windows-based PC users who have weaknesses related to the SMB function that is run on that computer. Malware Ransomware Wannacrypt is reported to have infected many users around the world.
Here are some file extensions that become targers of Malware Ransomware Wannacrypt:
- Commonly used office file extensions (.ppt, .doc, .docx, .xlsx, .sxi).
- Less common and nation-specific office formats (.sxw, .odt, .hwp).
- Archives, media files (.zip, .rar, .tar, .bz2, .mp4, .mkv)
- Emails and email databases (.eml, .msg, .ost, .pst, .edb).
- Database files (.sql, .accdb, .mdb, .dbf, .odb, .myd).
- Developers' sourcecode and project files (.php, .java, .cpp, .pas, .asm).
- Encryption keys and certificates (.key, .pfx, .pem, .p12, .csr, .gpg, .aes).
- Graphic designers, artists and photographers files (.vsd, .odg, .raw, .nef, .svg, .psd).
- Virtual machine files (.vmx, .vmdk, .vdi).
Do not connect on LAN / WIFI, Do Back Up Data
LAN AND WIFI is a network that can exchange data between computers connected to the network. The latest prevention to save your files is to backup first, make sure when you do backup do not connect with LAN and WIFI first. This is to prevent malware from getting into your computer system.
Update AntiVirus
With this attack, of course, various Anti-Virus update to combat the occurrence of Malware Ransomware Wannacrypt attacks. Make sure you use trusted Antivirus to improve the security of your PC using Windows OS.
Perform a MS17-010 Patch Update on Windows OS
MS17-010 security patch released by Microsoft has actually been announced since last March. But it seems most of the computers in the world have not installed them yet. So this laxity is also used massively by WannaCrypt.Update security spreader on your windows by install Patch MS17-010 issued by microsoct. See: https://technet.microsoft.com/en-us/library/security/ms17-010.aspx
Non Enable SMB function v1
Microsoft took an unusual step to protect its customers with unsupported versions of Windows - including Windows XP, Vista, Windows 8, Server 2003 and 2008 - with the release of security patches fixing the SMB flaws currently exploited by WannaCry ransomware.After patch update MS17-010 on your Windows OS, do Disable on your computer's SMBv1 feature. Follow These Steps:
How to Turn off SMB V1 feature for windows 7
- Run windows power shell (run as administrator)
- Enter the following script in the command Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters" SMB1 -Type DWORD -Value 0 -Force
How to Turn off SMB V1 feature for windows 8
- Run windows power shell (run as administrator)
- Enter the following script in the command Set-SmbServerConfiguration -EnableSMB1Protocol $ false
How to Disable SMB v1 via regedit (all windows)
- Download the reg file that already ane make this at https://goo.gl/j0YHLW
- Run as admin and merge the registry file
- Restart the PC
Do not Activate Macros Function
Windows Scripting Host (often abbreviated as WSH) is an application that supports scripting functions in the Windows 2000 operating system, Windows NT Option Pack, Windows 98, Windows XP and Windows Vista that allows administrators to execute scripts for some administrative tasks, be it using cscript.exe or wscript.exe. You need to know that the macros function is used to avoid files from Ms. apps. Office, or WScript is affected by the Wannacrypt Ransomware Malware deployment.
Here is a step to find out the status of Windows Script & Macro ON / OFF:
- Click Start -> Run, then type: "wscript" without quotation marks
- If a message appears: "Windows Script Host access is disabled on this machine. Contact your administrator for details. ", That means WSH (Windows Script Host) in the OFF position
- Block ports 139/445 and 3389
- Port 139/445 and 3389 are paths that Ransomware Wannacrypt Malware may bypass, you need to block to prevent the spread of Rannomware Wannacrypt Malware to your PC.
The first way Tutorial How to Block ports 139/445 and 3389:
- open windows firewall or windows run cmd: (type "wf.msc", without quotation marks)
- Choose advance setting
- Inbound rules -> select New Rules
- Select Port -> next
- Select tcp and port contents 139,445,3389 -> next
- Check public, home, private -> next
- Name (fill in the example: Block Wannacry) -> next
- Or The second way to do Block port via windows firewall:
- Navigate to Control Panel, System and Security and Windows Firewall.
- Select Advanced settings and highlight Inbound Rules in the left pane.
- Right click Inbound Rules and select New Rule.
- Add the port you need to open and click Next.
- Add the protocol (TCP or UDP) Port 139 and Port 445 and port 3389 (optional) the port number into the next window and click Next.
- Select Block the connection in the next window and hit Next.
- Select the network type as you see fit and click Next.
- Name the rule something meaningful and click Finish.
As we know, Malware Ransomware Wannacrypt until until this post is published has no solution in overcoming the PC that has been infected Ransomware Malware Wannacrypt. So you need to take the various precautions described above.
Remember, always backup your important file files, do not regret later. To help overcome and combat Malware Ransomware Wannacrypt attacks, please help share this post to your friends so that not many victims affected by Ransomware Wannacrypt malware. Thank you for visiting.
Used this Online converter for file converting;
ReplyDeleteFile Spinner