Techit Tricks

You can download videos of CCNA | Azure | Vmware | AWS | Citrix | HP

Simplest way to Avoid WannaCry Ransomware Attack on Windows Machines

Step by step instructions to Avoid the WannaCry Ransomware Attacking Your Windows Computers

Don't Wanna Cry! We've had some basic and compelling strategies for you to keep your desktop or Laptop far from the malware. You may jump at the chance to look at the accompanying workarounds for your information security:

Disable the TCP Ports 445, 135, 138, and so forth to Prevent the WannaCry Ransomware

For Windows 7 and the later Windows OS like Windows Vista, Windows XP, Windows 2000, and etc., it's important to close the ports 445, 135, 138, 139 and keep from the malware on the Windows 10, 8.1, 8, 7, Vista, XP or thereabouts, in light of the fact that PCs are anything but difficult to be held to deliver if there are opening ports that way, particularly when the ports are in LISTENING status. You can do a port scan to the internal IP to check whether the ports are open:

1. Open Command Prompt in your Windows computer.

2. Type netstat –na.

3. Hit the Enter.


If you find the 135, 445 and 139 are on and in LISTENING, you can disable the TCP ports via the 3 methods below:

Disable Port 445, 135, 138, 139, etc. via the Firewall

1. Open the Control Panel.

2. Click the Windows Firewall.

3. Click Advanced settings.


4. Click Inbound Rule.

5. On the right side, click New rule.

6. Chose the Port.

7. Click Next.

8. Choose Specific local ports.

9. Type 135, 137,138,139, 445.

10. Click Next.


11. Choose Block the connection.

12. Click Next.

13. Tick the three checkboxes and click Next.

14. Type Close the port into the Name box.

15. Click Finish.

Then you can verify the ports by double-clicking the rule you’ve created just now.


Disable Port 445, 135, 138, 139, etc. through Command Lines
Open the Command Prompt and then type the following command lines into the box to disable them:
  • netsh advfirewall set allprofile state on
  • netsh advfirewall firewall add rule dir=in action=block protocol=TCP localport=445 name="Block_TCP-445"
  • netsh advfirewall firewall add rule dir=in action=block protocol=TCP localport=135 name="Block_TCP-135"
  • netsh advfirewall firewall add rule dir=in action=block protocol=TCP localport=138 name="Block_TCP-138"
  • netsh advfirewall firewall add rule dir=in action=block protocol=TCP localport=139 name="Block_TCP-139"

Disable Port 445, 135, 138, 139, etc. by Modifying the Registry
Also, modifying the registry to prevent the WannaCry malware is available.
1. Use Windows shortcut keys Win + R to launch the Run.
2. Type regedit and press the Enter.
3. Expand the entries via the path: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters. (Note: For Windows 10 Creators Update users, you can paste it directly into the bar and press the Enter.)
4. In the subkey Parameters, right click the blank area for New.
5. Select the DWORD (32-bit) Value or the QWORD (64-bit) Value. (Note: Make sure your system type via Win + PauseBreak and choose the corresponding one.)


6. Rename the New Value #1 you created to SMBDeviceEnabled.

7. Double-click the SMBDeviceEnabled.

8. Change the Value data to 0.

Note: You can’t be more careful when modifying the Registry because it is a sensitive Windows database and if there are issues with the registry, you may encounter other serious system problems. So it is better to back up the Registry before you modify it.