Jump to content

Any WanaCry Vistims here?


JeffDunhill

Recommended Posts

JeffDunhill

I think everyobdy knows now that what's going on in the world by the name of wanacry. My friends have been the victims of this too. So just wondering if there're more here? And also if some can can help prevent it? Tips?

Link to comment
Share on other sites


  • Replies 30
  • Views 4.4k
  • Created
  • Last Reply

For what I know now, to be protected it's enough to have Windows Update and the resident Microsoft antivirus enabled. I hope that more experienced users will give more help :unsure:

Link to comment
Share on other sites


JeffDunhill
1 hour ago, 0bin said:

I have seen review of Sister, looks like Comodo Firewall Sandbox prevent it, and also latest Windows March Security Update?

 

Link to comment
Share on other sites


From years I have been waiting for some extreme sensations with some malware, ransomware ...but I did not have luck until now .... :(  tx38TOr.gif

Link to comment
Share on other sites


straycat19
4 hours ago, JeffDunhill said:

I think everyobdy knows now that what's going on in the world by the name of wanacry. My friends have been the victims of this too. So just wondering if there're more here? And also if some can can help prevent it? Tips?

 

As many who have been on here a while know, I don't use any type of anti malware or anti virus software on any of my systems.  They also know that I quit running Windows updates on any of my systems when Microsoft started adding telemetry and cumulative updates to Windows 7 and Windows 8.1 (I don't run Windows 10 as it is LESS secure than Windows  7 or 8.1, despite Microsoft's marketing lies.)  And they know that as part of my job I test malware to make sure that my systems cannot be infected by any of it because of the tweaks/modifications I make to windows.  As with other malware, this malware will not run on my system.  When I try to run it it won't run, even logged in as an administrator.  I have found that a few tweaks to the group policy and registry have saved me thousands of dollars in AV software and countless hours in cleaning up systems that AV/malware software failed to protect since even heuristics and behavior based software can't catch everything.  It's all marketing, not fact, and is usually advertised after the malware is released and they have time to modify their software's 'behavior' or heuristic detection.  

Link to comment
Share on other sites


I4rg£8all8ag

Straycat saves the world from WanaCry... Should be new post title, I'm off to remove my AV and malware protection, plus never updating the OS again ;)

Link to comment
Share on other sites


Akaneharuka

I saw this :)

 

Quote

This exploit works by gaining access to a remote machine via the SMBv1 protocol.  Unfortunately, it seems that even though Microsoft patched this flaw in March as MS17-010, many people did not install it.

If you have not installed the updates mentioned in the MS17-010 security bulletin, STOP WHAT YOU ARE DOING NOW AND INSTALL IT.  Yes, I did that all in caps because it is that important.  This ransomware is spreading like crazy and there is no known way to decrypt it for free. Therefore, install your updates so you don't lose your files when you become infected!

 

Link to comment
Share on other sites


37 minutes ago, I4rg£8all8ag said:

Straycat saves the world from WanaCry... Should be new post title, I'm off to remove my AV and malware protection, plus never updating the OS again ;)

... And they know that ...  ;)

 

(And they keep creating new anti-virii companies, software, and security solutions every day; and they keep creating new updates for their OSs.   :lol:)

Link to comment
Share on other sites


12 minutes ago, Akaneharuka said:

I saw this :)

"... STOP WHAT YOU ARE DOING NOW AND INSTALL IT..."

 

Should we or shouldn't we? 

 

Please, [S]traycat19, could you share the policy settings and registry modifications, and other precautionary settings, that make your PC run without any anti-virus software and security updates.  Thanks.  :flowers:

 

Link to comment
Share on other sites


1 hour ago, I4rg£8all8ag said:

Straycat saves the world from WanaCry... Should be new post title, I'm off to remove my AV and malware protection, plus never updating the OS again ;)

 

The guy ( @straycat19 ) really knows about he is talking about.


I agree with him : the rules in GPO are proactive security measures .


More than that the antivirus is dead and lots of antimalware solutions do not offer real time protection as is should be , because, today , the threats are so quickly.

 

" It was to late ",  this is what I heard more often from them, nowadays....

Link to comment
Share on other sites


Seconfig-XP_1.png

http://www.softpedia.com/get/Security/Security-Related/Seconfig-XP.shtml

Windows-Worms-Doors-Cleaner_1.png

http://www.softpedia.com/get/Security/Firewall/Windows-Worms-Doors-Cleaner.shtml

 

I run these programs in windows 7 as admin and compatibility with windows xp,

 

Untick telnet in add/remove windows components

 

Image result for telnet in add/remove windows components

And tick secure rules (delete) in WFC then en rules block:

File and printer share

Internet control message Protocol v4 and v6

Windows time service

Windows update

 

 

Link to comment
Share on other sites


32 minutes ago, omopos3 said:

... I run these programs in windows 7 as admin and compatibility with windows xp, ...

... For Windows 10, please?  Thanks. 

Link to comment
Share on other sites


I have here

Quote

Betreff: Your WinAntiRansom Registration Code
Von: [email protected]
Datum: 02.04.2016 05:36

but I don't use it and I removed my AV last year. The only sure effect of these tools is that they slow down the system

Link to comment
Share on other sites


28 minutes ago, adi said:

... For Windows 10, please?  Thanks. 

I dont know if these programs works with windows 10 (Im stick with 7 for now) , but they was originally created for XP so depends on you try or not.

All tweaks performed are only registry tweaks no others files o configurations are touched. the changes can be reverted and never had troubles for applying both.

The better i can say is this: create a VM and go for.

Link to comment
Share on other sites


Akaneharuka
2 hours ago, adi said:

"... STOP WHAT YOU ARE DOING NOW AND INSTALL IT..."

 

Should we or shouldn't we? 

 

Please, [S]traycat19, could you share the policy settings and registry modifications, and other precautionary settings, that make your PC run without any anti-virus software and security updates.  Thanks.  :flowers:

 

 

I believe you should install it

Link to comment
Share on other sites


4 hours ago, I4rg£8all8ag said:

Straycat saves the world from WanaCry... Should be new post title, I'm off to remove my AV and malware protection, plus never updating the OS again ;)

Good one. :lol:

 

 

3 hours ago, adi said:

Please, [S]traycat19, could you share the policy settings and registry modifications, and other precautionary settings, that make your PC run without any anti-virus software and security updates.  Thanks.  :flowers:

It's never gonna happen. B)

Link to comment
Share on other sites


9 hours ago, adi said:

could you share the policy settings and registry modifications, and other precautionary settings, that make your PC run without any anti-virus software and security updates.  Thanks.  :flowers:

 

 

I could share this great tutorial

but it is in german (15 pages) and the needed tool. If you are able to read and understand german let me know and I upload it.

Link to comment
Share on other sites


11 hours ago, Togijak said:

I could share this great tutorial

but it is in German (15 pages) and the needed tool. If you are able to read and understand German let me know and I upload it.

Not unless you could translate it.

 

[Any information is good information and must be welcome with an open mind; any opinion must be taken with a grain or a bucket of salt; all must be critically examined; and accepted (or rejected) in light of results of one's own experiments (experience).   :flowers:]

Link to comment
Share on other sites


17 hours ago, dcs18 said:

 

Hello bro,

 

It is not my busines to defend @straycat19 . and I am more than sure he doesn't need that....

Never talked to him personally.

 

With all of these, the guy explained somewhere in here which type of rules he created in GPO. Were rules about not to execute exe files in some critical places from windows liked by the malware to unpack its mess. For e.g %appdata% or %localappdata%.....

 

I cannot remember exactly where because it was to News and I am not quite interested all the time in every kind of them.

 

About the post you quated , yes , you are right, but maybe he will explain.


Also, I saw that he is not used to come back often to topics in which he commentated, and this is generally !

 

Greetings,

;)

 

Link to comment
Share on other sites


2 hours ago, adi said:

Not unless you could translate it.

 

 

My english is much too bad to translate a critical security tutorial

Link to comment
Share on other sites


Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...