You are not logged in.
Pages: 1
I thought it might be useful to start a thread on this, for any issues people might want to discuss and a link dump...
Wikipedia overview
https://en.wikipedia.org/wiki/WannaCry_cyber_attack
Microsoft patches for multiple OS's including XP
http://www.catalog.update.microsoft.com … ?q=4012598
Microsoft Customer Guidance for WannaCrypt attacks
Security Bulletin MS17-010 (SMB Server )
Stop using SMB1 by Ned Pyle
How to disable SMBv1
Discover SMB1 in your environment with DSCEA
disable SMB 1 on Windows 7 via Group Policy
Offline
Thanks for the links, Simon. I was not infected but I'd like to know the steps needed to remove the ransomware.
Offline
I havent had to deal with an infection yet
Apart from the obvious 'flatten everything and restore backups', heres a few more links that should help
BleepingComputer's Help & Support
Bleeping computer - News
No more ransom
https://www.nomoreransom.org/crypto-sheriff.php
Decryption Tools - 'No more ransom' don't have a tool for WannaCrypt yet, but imagine they are working on it.
Offline
just kill service
sc stop mrxsmb10
sc stop mrxsmb20
sc.exe config lanmanworkstation depend= bowser/mrxsmb20/nsi
sc.exe config mrxsmb10 start= disabled
sc.exe config lanmanworkstation depend= bowser/mrxsmb10/nsi
sc.exe config mrxsmb20 start= disabled
sc delete mrxsmb10
sc delete mrxsmb20
Offline
Pages: 1