image are credit to blog.kaspersky.com

News of Ransomware

Within a day, we trust that most of the computer that below windows 10 are already affected by the ransomware

Ransomware divided into few type as this (Wanna Decrytor / WannaCry / Wcry)

image are credit to blog.kaspersky.com

From the news online, we get to know that Taiwan are the Second larger Disaster country and HongKong are keep getting more and more user affected.

You can view the live report of Ransomware over here

image are credit to intel.malwaretech.com

List of Windows are affected.

Windows 10(1507,1511,1607)

Windows 8 / 8.1

Windows 7

Windows Vista

Win Server 2008、2008 R2、2012、2012 R2

Windows RT

Windows XP

Download Patch and Save your Machines from Official Microsoft Windows Patch file.

Windows 10

Goto update manager and update your computer.

Windows 8

No Update on Windows 8, please upgrade to Windows 8.1

Windows 8.1 64:

Here

Windows 8.1 32:

Here

Windows 7 64:

Here

Windows 7 32:

Here

Windows XP SP2 64 (English /Japanese) User:

Here

Windows Server 2008 (Itanium ):

Here

Windows XP 32 Version and Windows Server 2003

Temporary Solution : Network > TCP / IP > Dont tick SMB File sharing Or you can block the SMB from your router.

Because of the issue are affected the whole world, Microsoft will update the case issue over here.

If Step above are unable to cure your PC or Block the Ransomware.

You have to block the port on your Router

Port to Block on The Router are 445 and 139, it will affected all your sharing protocol.

If you cant Even make the setting in your Router, You have to Disable SMB server V1 and V2.

Windows 7/Sever 2008 / Vista

Step1:Go to Command Prompt

Run regedit on the command prompt.

Step2:

Go to HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanServer\Parameters
Right click on white space, Press right Click and Newly add DWORD key SMB1, Value set to 0 and continue another record for  SMB 2 , Value are 0 and REBOOT your computer.

Windows 8 or above

Step1: Run as administrator on CMD

Step2:

Type powershell (Enter)

set-ExecutionPolicy Unrestricted (Enter)

set-SmbServerConfiguration -EnableSMB1Protocol $false (Enter)

Press Y after you saw selection.

set-SmbServerConfiguration -EnableSMB2Protocol $false (Enter)

Press Y after you saw selection.

Reboot your PC after success.

Conclusion:

Don’t Ever pay them, Because doesn’t mean you get the password to decrypted.

And don’t use Third party Decrypter Online, it will be another virus release by them also.

Share this to your friends now before anyone get affect later on.

Latest Update:

As TechCrunch Updates:

Someone Had Research the Kill Switch

Read Full Article here.

1 reply
  1. coolguy
    coolguy says:

    i don’t understand. ransomware doesn’t encrypt the file system. it just encrypts files. the simplest way around ransomware is to wipe your drive, overwrite it, then reinstall your o/s. this means also you have an offline back up of your files. maybe even an image of your o/s . yes, its a pain in the ass. but i cant over emphasize the importance of backups. because there is no 100% way of protecting yourself…no matter how clever you are, or how much money you spend on software to protect yourself. why is this so hard to understand? unless there are some who just wish to peddle their software that doesn’t work, and prey on those who just don’t know any better.

    Reply

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *