A type of virus that infect computers, and then prevent the user from accessing the operating system, or encrypts all the data stored on the computer,
The user asks the ransom to pay a fixed amount of money, as opposed to decrypting files or allowing access again to the operating system.
Wanna Cry Ransomware Guidelines to stay safe :
- Be careful NOT to click on harmful links in your emails.
- Be wary of visiting unsafe or unreliable sites.
- Never click on a link that you do not trust on a web page or access to Facebook or messaging applications such as WatSab and other applications.
- If you receive a message from your friend with a link, ask him before opening the link to confirm, (infected machines send random messages with links).
- Keep your files backed up regularly and periodically.
- Be aware of fraudulent e-mail messages that use names similar to popular services such as PayePal instead of PayPal or use popular service names without commas or excessive characters.
- Use anti virus and Always make have the last update.
- Make sure your windows have the last update close the gap.
- Use this link to download update Manual :
The first option is for 64bit system and another option for 32bit system
MS17-010 Update for Windows 10
The first option is a 32bit system and a second option for a 64bit system
Update link for MS17-010 for Windows 7 and Server 2008
Links Update for MS17-010 for Windows XP and Server2003 and 8
Update 5/21/2017 :
A tool under the name WanaKiwi is "able" to decrypt the data in the hands of the ransom software,
but only if the user has not restarted or turned off the computer.
This condition must come from how the rudimentary software algorithm works. The researcher focused on the initial numbers stored in the random memory of the computer on which the software is based to perform the encryption process.
More generally and simply, the tool searches for these numbers and begins the process of decrypting encrypted data in advance, hence the importance of the above requirement, in addition to the reference of some other reports to another condition is not to take off new software after infection such as games and office applications which can damage the order Store those numbers on your computer's memory by using that space for another program.
Note: The new tool works on both Windows 2008, 7, XP and Vista, and has been proven effective by some security companies. Another tool named WanaKey is based on the same principle
Update 5/15/2017 :
The entry of the virus to your device, which is dependent on a gap in the Windows system and the gap is present in all types of Windows is that the feature is open.
if you did no't update your windows just turn off SMP,
There are two methods to turn off SMP manually or Tools .
First Manually :
1.Control Panel\Programs\Programs and Features.
2. Remove check Box SMB1.0/CIF Filse Sharing Support.
3. you must be restart your computer.
Done! Now you are safe.
2. Tools :
Link Download direct: SMB2 Tools Disable
1. RUN AS ADMINISTRATOR.
2.First check if the Features is turn on !.
when you run the tools will show this, if you see SMB2 currently enable so you must be Disabled it
3. SMB2 IS currently disabled.
4. you must be restart your computer.
Done! Now you are safe.
I hope it helps to keep you safe.