Wanna Cry Ransomware : Update 5/21/2017 FIX

A type of virus that infect computers, and then prevent the user from accessing the operating system, or encrypts all the data stored on the computer,
The user asks the ransom to pay a fixed amount of money, as opposed to decrypting files or allowing access again to the operating system.

Wanna Cry Ransomware Guidelines to stay safe :

  • Be careful NOT to click on harmful links in your emails.
  • Be wary of visiting unsafe or unreliable sites.
  • Never click on a link that you do not trust on a web page or access to Facebook or messaging applications such as WatSab and other applications.
  • If you receive a message from your friend with a link, ask him before opening the link to confirm, (infected machines send random messages with links).
  • Keep your files backed up regularly and periodically.
  • Be aware of fraudulent e-mail messages that use names similar to popular services such as PayePal instead of PayPal or use popular service names without commas or excessive characters.
  • Use anti virus and Always make have the last update.
  • Make sure your windows have the last update close the gap.
  • Use this link to download update Manual :

MS17-010 Update for Windows 8.1

The first option is for 64bit system and another option for 32bit system
MS17-010 Update for Windows 10

The first option is a 32bit system and a second option for a 64bit system
Update link for MS17-010 for Windows 7 and Server 2008

Choose the first 64bit system choice or the second 32bit option.
Links Update for MS17-010 for Windows XP and Server2003 and 8

Update 5/21/2017 : 

A tool under the name WanaKiwi is "able" to decrypt the data in the hands of the ransom software,

but only if the user has not restarted or turned off the computer.

This condition must come from how the rudimentary software algorithm works. The researcher focused on the initial numbers stored in the random memory of the computer on which the software is based to perform the encryption process.

More generally and simply, the tool searches for these numbers and begins the process of decrypting encrypted data in advance, hence the importance of the above requirement, in addition to the reference of some other reports to another condition is not to take off new software after infection such as games and office applications which can damage the order Store those numbers on your computer's memory by using that space for another program.

Note: The new tool works on both Windows 2008, 7, XP and Vista, and has been proven effective by some security companies. Another tool named WanaKey is based on the same principle

Link Download direct:  Wanakiwi_0.2.zip  or  Wanakiwi.zip

Update 5/15/2017 : 

The entry of the virus to your device, which is dependent on a gap in the Windows system and the gap is present in all types of Windows is that the feature is open.

if you did no't update your windows just turn off SMP,

There are two methods to turn off SMP manually or Tools . 

First Manually :

1.Control Panel\Programs\Programs and Features.

2. Remove check Box  SMB1.0/CIF Filse Sharing Support.

3. you must be restart your computer.

Done! Now you are safe. 


2. Tools :

Link Download direct: SMB2 Tools Disable 

1. RUN AS ADMINISTRATOR.

2.First check if the Features is turn on !.
when you run the tools will show this, if you see SMB2 currently enable so you must be Disabled it  


3. SMB2 IS currently disabled.


4. you must be restart your computer.

Done! Now you are safe. 

I hope it helps to keep you safe.

     
 

Discussion Info


Last updated October 20, 2018 Views 459,938 Applies to:

* Please try a lower page number.

* Please enter only numbers.

* Please try a lower page number.

* Please enter only numbers.

nice information very helpful to stay safe if you haven't already gotten 1703 i suggest installing it right now, not only is it faster than previous build its also a lot safe
Microsoft windows is one of the most advanced operating systems, making the software updates available all over the world will prevent such security attacks.

A type of virus that infect computers, and then prevent the user from accessing the operating system, or encrypts all the data stored on the computer,
The user asks the ransom to pay a fixed amount of money, as opposed to decrypting files or allowing access again to the operating system.

Wanna Cry Ransomware Guidelines to stay safe :

  • Be careful to click on harmful links in your emails.
  • Be wary of visiting unsafe or unreliable sites.
  • Never click on a link that you do not trust on a web page or access to Facebook or messaging applications such as WatSab and other applications.
  • If you receive a message from your friend with a link, ask him before opening the link to confirm, (infected machines send random messages with links).
  • Keep your files backed up regularly and periodically.
  • Be aware of fraudulent e-mail messages that use names similar to popular services such as PayePal instead of PayPal or use popular service names without commas or excessive characters.
  • use anti virus andAlways be updated.
  • use Windows Update to update windows to close the gap.

I hope it helps.

     
For me is only use Malwarebytes latest update [included ransomware protection], Local Antivirus and Windows Defender [Auto Update from windows update]

Your post will not help, the Wanna Cry Ransomware uses a backdoor in Windows that allows the Ransomware to install onto your computer without your knowledge. Thankfully Microsoft did create a security update that did patch the back door. 

Wanna Cry Ransomware Guidelines:

  •  Make a recovery disk! The WannaCry ransomware asks for $300 or more if you a modified version if you do not pay the creators ( in Bitcoin to its untraceable and not refundable ) encrypt all of your files on the computer. 
  • If your computer gets infected take it off of your network imedately! The ransomware will spread to other computers on the network! You can restore from a backup.
  • Report it, this helps log the progression of the ransomware. 

-Jonathan Boring
"All around tech nerd"

Hi,

I have already mentioned this in my post But in a concise manner

also maybe this not helping you but maybe other person this help him to stay safe

thank you any way .

-Mohamed Halim
-Windows Insider

but if you have been affected dont pay the ransom because they or what will not give you the decryption key for you to decrypt all of your files ,that is where the backup comes in .

also i advise you to get sophos which can help you avoid any malware that could harm your devices 

p.s. i am not sponsored although i use it regularly.

thanks

A type of virus that infect computers, and then prevent the user from accessing the operating system, or encrypts all the data stored on the computer,
The user asks the ransom to pay a fixed amount of money, as opposed to decrypting files or allowing access again to the operating system.

Wanna Cry Ransomware Guidelines to stay safe :

  • Be careful to click on harmful links in your emails.
  • Be wary of visiting unsafe or unreliable sites.
  • Never click on a link that you do not trust on a web page or access to Facebook or messaging applications such as WatSab and other applications.
  • If you receive a message from your friend with a link, ask him before opening the link to confirm, (infected machines send random messages with links).
  • Keep your files backed up regularly and periodically.
  • Be aware of fraudulent e-mail messages that use names similar to popular services such as PayePal instead of PayPal or use popular service names without commas or excessive characters.
  • Use anti virus and Always make have the last update.
  • Make sure your windows have the last update close the gap.

Update 5/15/2017 : 

The entry of the virus to your device, which is dependent on a gap in the Windows system and the gap is present in all types of Windows is that the feature is open.

if you did no't update your windows just turn off SMP,

There are two methods to turn off SMP manually or Tools . 

First Manually :

1.Control Panel\Programs\Programs and Features.

2. Remove check Box  SMB1.0/CIF Filse Sharing Support.

3. you must be restart your computer.

Done! Now you are safe. 


2. Tools :

Link Download direct: SMB2 Tools Disable 

1. RUN AS ADMINISTRATOR.

2.First check if the Features is turn on !.
when you run the tools will show this, if you see SMB2 currently enable so you must be Disabled it  


3. SMB2 IS currently disabled.


4. you must be restart your computer.

Done! Now you are safe. 

I hope it helps to keep you safe.

     

As per your post we can safe our computers from Ransomware by disabling SMB option and there are 2 options to turn off SMP. First option to manually turn off SMB and in second option to install SMB2 Tools Disable  and first disable SMB and then Enable SMB2. Here I became confuse, if we will disable and then again enable SMB2 option then how computer will safe from virus/ransomware becasue option is already on.

And if we will manually disable SMB option then file sharing will stop?

Reply In reply to deleted message

Hi,

This is just a precaution to stay safe 

Note: any famous system will of course  be try to penetrate it and always and always will there be attempts.

-Mohamed Halim
-Windows Insider
the best way to avoid this attack it regularly up date your computer or pc to the latest update ,that is the best way to avoid the attack and also regularly backup private info to a ssd or a usb or a backup drive  

Hi,

The Difference between CIFS and SMB.

SMB : 


SMB stands for "Server Message Block." It's a file sharing protocol that was invented by IBM and has been around since the mid-eighties. It was designed to allow computers to read and write files to a remote host over a local area network (LAN). The directories on the remote hosts made available via SMB are called "shares."

CIFS:

CIFS stands for "Common Internet File System." CIFS is a dialect of SMB. That is, CIFS is a particular implementation of the Server Message Block protocol, created by Microsoft.

So what’s the difference?

Most people, when they use either SMB or CIFS, are talking about the same exact thing.  The two are interchangeable not only in discussion, but also in application – i.e., a client speaking CIFS can talk to a server speaking SMB and vice versa.  Why?  Because CIFS is a form of SMB.


-Mohamed Halim
-Windows Insider

* Please try a lower page number.

* Please enter only numbers.

* Please try a lower page number.

* Please enter only numbers.