How to Deal with Wannacrypt Ransomware Virus

Ransomware Virus Wannacrypt raging the world, the use of Windows operating system vulnerabilities, due to rapid response to the rapid spread of chain, campus computers, personal computers, government agencies are hardest hit. Poisoned computers all documents are encrypted and will be extorted up to $ 300 or more. Steward with you, with the prevention and treatment!

Properly turn on the computer can be anti-virus

【general user】
Whether in the home, the company or the public network, ordinary network users, as long as the completion of the following five things before the boot, you can perfectly avoid the extortion virus.

1. preparatory work
First prepare U disk or mobile hard disk, in other non-important documents on the computer to download the computer housekeeper "extortion virus off-line version of the immune tool", and copy the tool to a safe U disk.

View the system supported by the immune tool

Immune system supported by the system
Windows XP (32-bit system);
Windowsserver 2003 (32-bit system); Windowsserver 2003 (64-bit system);
Windows Vista (32-bit system); Windows Vista (64-bit system);
Windows 2008 (32-bit system); Windows 2008 (64-bit system);
Windows 7 (32-bit system); Windows 7 (64-bit system);
Windows 2008 R2 (32-bit system); Windows 2008 R2 (64-bit system);
Windows 8.1 (32-bit system); Windows 8.1 (64-bit system)

If you find the system does not support, please manually download the Microsoft official patch package download package

Windows system patch download address
Windows Server 2008 (32-bit System) Patch: Click to download
Windows Server 2008 (64-bit System) patch: Click to download
Other operating system please visit: click to download, select the appropriate patch version download

2. Before disconnecting the network
To the office, if the office computer plugged in the network cable, then first unplug the cable; if it is connected through the router wifi, then turn off the router.

3. Back up important documents
Copy important documents from your computer to your mobile hard disk or U disk backup.

4. bug fixes
Copy the U disk or mobile hard disk in the "extortion virus offline version of the immune tool" to the computer, double-click to run; wait a moment, wait for the bug to repair finished, and then restart the computer, you can access the Internet.

Use tutorial >>

If you do not download, you can download it by clicking on the download

A) Double click on the tool, click Run, please be patient

B) After the repair is successful, you will see this box, please click OK to restart the computer

C) If the repair fails, click the OK button on the pop-up box, and then close the black window, but also to ensure that no infection, attack

5. Open the document guardian, to prevent variants attack

【Administrator User】

If you are an administrator, you can use the following 3 steps to avoid the extortion virus.

1. Disable access layer switch between PC segment 445 port access
2. Require all employees to fix the vulnerability as described above
3. You can use the "Administrator Assistant" to confirm whether the staff computer vulnerabilities repair
Command line: MS_17_010_Scan.exe 192.168.164.128

Download the administrator assistant

For Android & iOS assistant tool - iOS & Android Manager


What phenomenon on behalf of my computer received an attack

Wannacry Virus Attacked computer interface

(1) Will be infected computer completely broken network, and in the repair process to ensure full disconnection
(2) Download the "extortion virus off-line repair kit" on another networked computer and extract it to U disk

Offline repair package

(3) To keep the net, will be equipped with a toolkit U disk into the infected computer, right click on "1_ killing tool. Bat", select "run as administrator", waiting for the successful removal of the virus
(4) Continue to keep the network, run "2_ file recovery. Exe", according to the use of tutorials to complete the recovery of encrypted files using tutorial >>

Recover Encrypted Data from Wannacry Computer

(5) Continue to keep the network, run the "3_ immune tool. Exe", please be patient waiting for the patch is installed, follow the prompts to restart the use of tutorial >>
(6) repair is complete, you can restore the network connection.

Read More:

How to Recover Lost Data from a Virus Attack Computer

How to Repair Damaged Video File due to WannaCrypt Virus Attack

Recover Files from Wannacry Virus

Suffer Wannacry Ransomware Attacked? Teach You How to Recover Encrypted Data

Summary:Once your computer suffer WannaCry ransomware attacked,how to fix WannaCry Virus Attact, Protect Wanna Cry Ransonware simple steps to recover data encrypted by WannaCry Ransomware.Decrypt data encrypted by WannaCry Ransomware easily by Data Recovery software.

recover data wannacry computer

Does your computer or laptop be attacked by WannaCry virus? Recently, many computers have been attacked by the WannaCry virus, causing most of the files to be encrypted and ransomware to pay Bitcoin for decrypted files. There is no perfect decryption tool or program, but according to the analysis of the virus, we found that the virus used to encrypt the original file and then delete the original file, so for the deleted file there is a certain possibility of recovery, we can recover data after suffer wannacry ransomware attacked.

Data Recovery can help you recover lost or deleted files from computer in 3 recovery modes,no matter your computer suffered Wannacry ransomware attacked, virus infected or other reason:deleted, lost, formatted,etc. It will automatically perform 'quick scan' to quickly scan your hard drive, lost hard drive or storage device to find the lost files in just 1 minute. You can conveniently preview and locate the files you need.Data Recovery supports recover photos, videos, documents, email and more from Computers, Hard Drives, Flash Drives, Memory Cards, Smartphones, Cameras and Camcorders.

 

How to Recover Encrypted Files by Wannacry Ransomware

Step 1. Launch Data Recovery

Download and launch Data Recovery tool and install it on your computer,then run it on your system and choose to recover data from your hard disk.Since WannaCrypt Ransomware affects almost every kind of data off the computer, please select “All File Types” and click on the “Next” button.

Step 2. Select Whole Computer Locations have been Encrypted by Wannacrypt

You would be asked to select locations to scan for deleted files. You can simply select the common location, the affected drive, or the whole computer. Since Ransomware affects the entire system, you should select whole computer and click on the “Start” button to commence the recovery process.

Step 3. Recover Encrypted from Wannacrypt Computer

Wait for a while as the application will recover the deleted files from your system. If your files have been recently affected by the malware, then the recovery tool would be able to restore a substantial amount of data. After completing the recovery process, you will get a screen like this. Your data will be segregated according to its location. To get it back, simply select it and click on the “Recover” button.

Download the Data Recovery for Windows or Mac:

 

Well done! Only three steps to recover photos, videos and other data from computer after suffered wannacrypt ransomware attack (or any virus attack) in the future as well. If your phone suffers from a virus attack, cause the data is lost, learn how to recover lost data from Android phone.

How to recover lost data from iPhone

Related Articles:

Recover Lost Data from a WannaCry Virus Attack Computer

Recover Files from WannaCry Virus Memory Card and USB Drive

How to Fix Damaged Video After WannaCry Virus Attack

Security Experts Teach You 3 Strokes Defense WannaCrypt Ransomware Virus

May 15, with the enterprises and institutions focused on the start office on Monday, WannaCry extortion virus may further spread, universities, banks, hospitals and other high-risk users will be a great challenge. As of 10:30 on the 14th, the National Internet Emergency Center has been monitoring about 242.3 million IP addresses suffered "Eternal Blue" vulnerability attack; by the blackmail the software IP address number of nearly 35,000, of which IP in China about 1.8 Million.

In this regard, Tencent security anti-virus laboratory person in charge, Tencent computer steward security expert Ma Jinsong said, WannaCry extortion virus, although the potential harm, but the security researchers in the defense of WannaCry blackmail virus has made some progress. Tencent computer housekeeper has released "extortion virus immune tool" and "extortion virus immune tool off-line version", the user as long as the correct disposal method, through the computer steward extortion virus immune tool, you can reinforce the computer to avoid infection.

How ordinary personal computer users operate

Ma Jinsong proposed in strict accordance with the norms of operation, to avoid the computer was infected with the virus. Tencent computer housekeeper who launched the "extortion virus immune tool" offline version (http://guanjia.qq.com/wannacry/) can help you immune to extortion virus. Before the boot to ensure that the computer is in a broken state, after the boot back to the important documents in other documents without important information to download offline patch package to a safe, non-toxic U disk, and then copy the U disk "extortion virus immune tool" Offline version to this computer, a key repair vulnerability; networking can use the computer.

1. Open the computer before the broken network: open the computer before the first cut off the computer network cable or cut off Wi-Fi, and then boot operation.
2. Back up important documents to the mobile hard disk or U disk
3. Download the immune tool: in other no important documents on the computer to download "virus off-line version of the immune tool"
4. copy the U disk in the "virus off-line version of the immune tool" to the computer, run and wait for the completion of the patch after the restoration of the computer, you can normal Internet

How does an enterprise administrator user operate?

Administrators are not sure whether the computer is infected, you can use Tencent computer steward's "administrator assistant" diagnostic tool for testing. Enterprise network administrator as long as the download of this diagnostic tool, enter the target computer's IP or device name, you can diagnose the target computer is infected loopholes loopholes. The biggest benefit of this diagnostic tool is to provide an effective tool for network administrators to diagnose computer equipment security and defense, which can help companies fully understand the security of computer equipment, greatly enhance the efficiency of the administrator, and in the diagnosis of the guidance of the report Under the health of the equipment has not yet patched in time to patch, layout defense.

1. Disable Access Layer PC PC segment This 445 port access.
2. Require all employees to follow the previous 1 to 4 steps to repair the vulnerability.
3. Use the "Administrator Assistant" to confirm whether the employee computer vulnerability is fixed.
(Command: MS_17_010_Scan.exe 192.168.164.128)

How to protect the file

In addition, in order to avoid the file again by WannaCry similar virus threat. Tencent computer housekeeper has also launched a protective tool "document guardian", the user can be in the latest version of the 12.5 version of the computer steward toolbox to open, select the "full document backup", to be restarted after the computer, "document guardian" will be intelligent protection of the computer Document, when there is encryption, modify, delete and other operations to achieve no sense of automatic backup. At the same time, Tencent computer housekeeper also on the line "computer housekeeper file repair tool", can help users reduce the loss caused by blackmail virus.

On the WannaCry extortion virus new variants rumors, Ma Jinsong said that although the current monitoring of the data and did not fully confirm the WannaCry 2.0 extortion virus has been struck, but the possibility of a new variant is very large, to remind the majority of users, be sure to strengthen the network security awareness , Unfamiliar links do not click, unfamiliar files do not download, unfamiliar mail do not open, computer installation and open anti-virus software!

Read More:

How to Recover Encrypted File from Wannacry Virus Infected Computer

Recover Files from Wannacry Virus Infected Memory Card and USB Drive

How to Repair Damaged Video File due to WannaCrypt Virus Attack