How To Deal With Ransomware Wannacry Easily

Posted by Abirama on Tuesday, May 16, 2017 in Computer | No comments

Now the world is surprised by the ransomware attack called WannaCry. This ransomware, attacked so many countries and causing a billion of dollars of loss. There are so many people, that tried to fight back, but some people decide to give their money in order to save their precious files. But before you do anything stupid, you should take a look at this one.

There are so many ways to fight the ransomware attack. And today I'm going to give you the easy way. But before we start, did you know what is WannaCry and how does it worked? WannaCry (wcry) or also known as Wanna Decryptor is a specific ransomware program that locks all data on a computer system and lets the victim have only two files: instructions on what to do next and the Wanna Decryptor program itself.

When the program is opened, the computer will notify the victim that their files have been encrypted, and give them a deadline to pay, warning that their files will be deleted. The attacker demands the payment of Bitcoin, gives instructions on how to buy it, and gives the Bitcoin address to send.

How To Deal With WannaCry Easily

But before we go any further, I'm just going to tell you that until the second this article was written there is no way to decrypt WannaCry. Or simply, there is no way to save your data.

This method is more intended to remove the virus, then re-use the infected computer. Here's how to solve WannaCry's ransomware. There are two ways, here it is ...

1. Format and Reinstall Windows

Let's start the easy way first shall we? The first way is to format and reinstall your Windows. This way is the most effective and recommended for a person that doesn't have a patient. Why? Because all your data is encrypted and can not be saved, so just delete it. And after that reinstall, so your computer performance feels new. The virus is gone, and the computer feels like new. 

2. Eliminated The WannaCry Virus

The second way, is person that didn't want to lose their data or files. But I do not recommend this way. Why? Because first, it was complicated. And second there is not necessarily a way of decrypting or saving it.

But if you still want it and hope that someday your data can be saved, here's the steps:

• Unplug the infected computer hard disk.

• Attach the infected hard disk with HDD dock or HDD enclosure. 

• Connect to another computer with already installed antivirus updates 

• Perform a scan using the latest antivirus. 

• Restore the detached HDD to the computer.

• Then boot Windows as usual.

You can also remove the virus manually, this is not recommended for a newbie:

• Boot into "Safe Mode".

• Press "Ctrl + Shift + Esc". On the "Processes" tab look for suspicious software, usually using high RAM resouce and CPU even in idle position. If found, right-click and "End Task".

• Click the "Start Up" tab, then "Disable" any software you do not recognize.

• Press "Win + R", then type "Regedit". Press "Ctrl + F", then look for "Ransom.CryptXXX" or "WannaCry", deleted it, if you found it straight away.

• Last but not least is to check the following folders "% AppData%", "% LocalAppData%", "% ProgramData%", "% WinDir%", "% Temp%". If a strange or unfamiliar file is found, just delete it.

There are still no way to eliminated or decrypted the WannaCry Virus. But SensorsTechForum said that WannaCry uses an HTTP path to send a key. There is an assumption, that this key can be sniffed. Given HTTP the path is not encrypted. To do so can use WireShark software. But if you want to eliminated the WannaCry virus and save your files, then you should do the step above.