Tips To Protect Your Pc From WannaCry Ransomware Virus Attack

0

Protect Your Pc From WannaCry Ransomware Virus Attack

The whole world again attacked by the WannaCry Ransomware dangerous virus, especially for users of Windows Operating System. There are many hospitals and companies, largest telecom company, and many more organizations in the world have been attacked by the Ransomware WannaCry malware. The MalwareTech tracker detected over 100,000 infected systems over the past 24 hours.

What is WannaCry Ransomware?

WannaCry Ransomware is a malware that enters a computerized system and encrypts all files in the computer so that it can not be opened by the user. This malware not only attacks client computers but also attacks server computers where important data belongs to agencies.

Mainly This malware infects Windows-based PC users who have weaknesses related to the SMB function that is run on that computer. Wannacrypt Ransomware malware is reported to have infected many users around the world.

Here is a PC Demo Demo Exposed to Ransomware Wannacrypt Malware:

Here are some file extensions that become targets of Malware Ransomware Wannacrypt:

  • Commonly used office file extensions (.ppt, .doc, .docx, .xlsx, .sxi).
  • Less common and nation-specific office formats (.sxw, .odt, .hwp).
  • Archives, media files (.zip, .rar, .tar, .bz2, .mp4, .mkv)
  • Emails and email databases (.eml, .msg, .ost, .pst, .edb).
  • Database files (.sql, .accdb, .mdb, .dbf, .odb, .myd).
  • Developers’ sourcecode and project files (.php, .java, .cpp, .pas, .asm).
  • Encryption keys and certificates (.key, .pfx, .pem, .p12, .csr, .gpg, .aes).
  • Graphic designers, artists and photographers files (.vsd, .odg, .raw, .nef, .svg, .psd).
  • Virtual machine files (.vmx, .vmdk, .vdi).

How Does Ransomware WannaCry Works After Infected?

1. Program And Tools Not Working

This malware will paralyze some programs or tools that exist in the computer registry, so if your computer experiences it, it could be your computer infected with Ransomware Malware Wannacry this.

2. Keyboard And Mouse Not Functioning

Malware Ransomware Wannacry will turn off keyboard and mouse function so you will not be able to use the I / O device. The active keyboard button is just the numeric keyboard key and enter.

3. Presence of Warning Message

The warning message delivered by Malware Ransomware Wannacry is a recognition that all of them are law enforcers, not only that you will be required to make a payment so that your computer can be free from Malware Ransomware Wannacry.

Tips To Protect Your Pc From WannaCry Ransomware Virus

Here are some precautions to minimize infected Malware Ransomware Wannacrypt:

1. Turn Off SMB v1 In Your Computer

Microsoft Functions takes unusual steps to protect its customers with unsupported versions of Windows – including Windows XP, Vista, Windows 8, Server 2003 and 2008 – with the release of security patches that fix the SMB flaws currently exploited by WannaCry ransomware. After updating the latest MS17-010 patch on your Windows OS, Disable on your SMBv1 Computer feature. Follow These Steps:

How to Turn off the SMB V1 feature for windows 7

  1. Search and Run the windows power shell (run as administrator)
  2. Enter the following script in the command
    Set-ItemProperty -Path “HKLM: \ SYSTEM \ CurrentControlSet \ Services \ LanmanServer \ Parameters” SMB1 -Type DWORD – Value 0 -Force

How to Turn off the SMB V1 feature for windows 8

  1. Search and Run the windows power shell (run as administrator)
  2. Enter the following script in the command
    Set-SmbServerConfiguration -EnableSMB1Protocol $ false

How to Disable SMB v1 via Regedit (all windows)

  1. Download Reg file from here https://goo.gl/j0YHLW
  2. Run as admin and merge the registry file
  3. Restart the PC

2. Perform AntiVirus Update

Already Antivirus Tools are staring given an update to protect attack from WannaCry. So you must update your antivirus. Make sure you use trusted Antivirus to improve the security of your PC using Windows OS.

3. Perform a MS17-010 Patch Update on Windows OS

MS17-010 security patch released by Microsoft has actually been announced since last March. But it seems most of the computers in the world have not installed them yet. So update your windows now see here: https://technet.microsoft.com/en-us/library/security/ms17-010.aspx 

4. Block ports 139/445 and 3389

Port 139/445 and 3389 are paths that Ransomware Wannacrypt Malware may bypass, you need to block to prevent the spread of Ransomware Wannacrypt Malware to your PC.

Tutorial How to Block ports 139/445 and 3389:

  • Navigate to Control Panel, System and Security and Windows Firewall.
  • Select Advanced settings and highlights Inbound Rules in the left pane.
  • Right-click Inbound Rules and select New Rule.
  • Add the port you need to open and click Next.
  • Add the protocol (TCP or UDP) Port 139 and Port 445 and port 3389 (optional) the port number into the next window and click Next.
  • Select Block the connection in the next window and hit Next.
  • Select the network type as you see fit and click Next.
  • Name the rule something meaningful and click Finish.

Share and promote this article to your friends and family. It will help them.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.