XP system bitcoin virus

1.

Yesterday, I went to the electronic reading room. Not long after I plugged in the USB flash drive, the teacher suddenly asked everyone to unplug the USB flash drive. Some students found that all the files in the USB flash drive could not be opened, and there were two more documents asking for money

so everyone rushed to check, as long as the U disk inserted in the school computer were poisoned, large-scale computer poisoning occurred in the evening

a lot of people's information and graation thesis are in the computer. I really feel that hacker's behavior is disgusting. For the sake of money, regardless of the future of students, teachers' lifelong scientific research achievements...

hope to catch criminals as soon as possible and give them severe punishment by law

this virus will scan windows devices with open 445 file sharing port. As long as the user's device is on the Internet, hackers can implant blackmail software, remote control Trojan horse, virtual currency mining machine and other malicious programs in computers and servers

some security researchers point out that this large-scale network attack seems to be deployed through a worm application, and wannacry can spread among computers. What's more terrible is that unlike most malicious programs, this program can replicate and spread on its own in the network, and most of the current viruses still need to rely on the successful users to spread by cheating them to click the attachment with the attack code

the attack has affected 99 countries and as many as 75000 computers, but because the virus uses anonymous network and bitcoin anonymous transaction to obtain ransom, it is very difficult to track and locate the originator of the virus

2. Wannacry virus is spread based on Windows system, and smartphone users will not be affected. To prevent viruses, please open the system control panel - system and security - install system patches. If you do not open the system patch function, please open and repair all vulnerabilities immediately. It is recommended to upgrade the system for systems below Windows 7. Thank you for your support and trust in Tencent housekeeper.

3. According to the network security agency, this is a virus attack launched by lawless elements using the "eternal blue" leaked from NSA hacker's weapon library“ "Eternal blue" will scan windows machines with open 445 file sharing port, without any user operation. As long as the machine is turned on and connected to the Internet, criminals can plant blackmail software, remote control Trojan horse, virtual currency mining machine and other malicious programs in computers and servers. This is to remind the majority of computer users: 1. Install the latest security patch for the computer. Microsoft has released patch ms17-010 to fix the system vulnerability of "eternal blue" attack. Please install this security patch as soon as possible at the website of https://technet.microsoft.com/zh-cn/library/security/ms17-010; For Windows XP, 2003 and other machines that Microsoft no longer provides security updates, we can use 360 "NSA Arsenal immunity tool" to detect whether there are vulnerabilities in the system, and close the ports affected by the vulnerabilities, so as to avoid being infringed by blackmail software and other viruses. The download address of immunization tool is: NSA / nsatool.exe. 2. Close ports 445, 135, 137, 138 and 139, and close network sharing. 3. Strengthen the awareness of network security: don't click the unknown link, don't download the unknown file, don't open the unknown email... 4. Back up the important files in your computer to the mobile hard disk and U disk as soon as possible (regularly in the future), and save the disk offline after backup. 5. It is suggested that users who are still using Windows XP and windows 2003 should upgrade to Windows 7 / windows 10 or windows 2008 / 2012 / 2016 as soon as possible.

4. In the bitcoin virus reload useful, but to format the C disk in the installation system can be. If you have any help, please take it

5. You can use Tencent computer housekeeper to check and kill viruses as follows
1. First, upgrade your antivirus software and update the virus library to the latest
2. Open Tencent computer Housekeeper - virus checking and killing
3. Select lightning, overall or designated location (three kinds of checking and killing modes, according to your own needs). During the process of killing, you will scroll the process description and display the progress bar. In its traditional interface, it displays the start status of the antivirus engine in the form of icons, and displays the identification times of suspicious behaviors, the number of files scanned safely and other information
4. Wait patiently for the end of the scanning, if there is any abnormality, you can click to deal with it and clean up the virus
5, You can also choose to turn on the Tencent computer manager in safe mode, and follow the above steps for antivirus
turn off the computer, cut off the network, and select the entry mode (press the F8 key to start the computer and select the first item to enter the mode. This mode only starts the basic driver, and does not load other software. Then open your virus software and clean it up

6. Now many security software can prevent bitcoin virus, such as Jinshan drug bully
unless you don't install security software, or the installed software is too junk, it doesn't play the role of anti-virus and anti-virus
if it has been poisoned, you can use the U boot disk or the system CD to boot. After entering the PE system, you can re partition and format the hard disk, and then reload the system
just in this way, all the data in the hard disk will be gone. If there is no important data, just do it like this.

7. It's not easy for home users to get the blackmail virus, because broadband providers have blocked port 445. As long as you don't visit strange websites, click strange links, and download strange files. Basically won't be poisoned, and now it won't be poisoned for the time being

for security, please go to the Microsoft official website to download the XP special patch after you start the Internet. This is the vulnerability used to fix the blackmail virus.

8. In the meeting, the virus can use 360 to fix the vulnerability
or download and install the official Microsoft patch directly
official patch download page 1 https://technet.microsoft.com/zh-cn/library/security/MS17-010
official patch download page 2 http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012598

9. Steps of setting screen lock in WinXP

10. 1. To install the latest security patch for the computer, Microsoft has released the patch ms17-010 to fix the system vulnerability of "eternal blue" attack. Please install this security patch as soon as possible; For windows
XP, 2003 and other machines that Microsoft no longer provides security updates, 360 "NSA Arsenal immune tool" can be used to detect whether there are loopholes in the system, and close the ports affected by the loopholes, so as to avoid being infringed by blackmail software and other viruses
2. Close ports 445, 135, 137, 138 and 139, and close network sharing
3. Strengthen the awareness of network security: don't click the unknown link, don't download the unknown file, don't open the unknown email...
4. Back up the important files in your computer to the mobile hard disk and U disk as soon as possible (regularly in the future), and save the disk offline after the backup
5. It is recommended that users who are still using Windows XP, windows 2003 or windows
2008 / 2012 / 2016 upgrade to Windows 7 / windows 10 as soon as possible.