Teddygtri
asked on
Ransom.CRYPTXXX Activity 2
Trying to run Symantec SSR backup but Norton Security catches Ransom.CryptXXX Activity 2 ransomware attack and blocks suspected data port but does not clear the infection. So backup attempt fails. This attack is repeatable if same backup is executed again. How can we resolve this problem
Be sure to pull the machine off of your network if you haven't done so already.
ASKER CERTIFIED SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
If you still have data you wish to keep that hasn't been backed up. You're going to have to pull the disks offline, install it on another system as a secondary disk, scan it, then copy the files to something that isn't your primary backup. You don't know what already got encrypted, so you should avoid wiping your backup.
SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
The anti ransomware is more of the after effect cases to be preventive and alert when Ransomware starts to conduct their act. Not sure how effective is it in discovering Ransomware instead. Worth the try but note that it does not decrypt your files.
There are other AntiRansomware tools such as from Bitdefender AntiRansomware Winpatrol WinAntiRansom and SecureAPlus.
There are other AntiRansomware tools such as from Bitdefender AntiRansomware Winpatrol WinAntiRansom and SecureAPlus.
ASKER
Thanks
Glad to see I was able to assist. You could have a look at CryptoPrevent for prevention, I can't say how well it works or not, but I do recall them being one of the 1st to counter getting these type of infections. Perhaps MalWare Bytes does better.
Viruses however can learn and adapt against detection patterns, hence first line of defense is user training. If users know not to open up unexpected random bills/documents then that saves one in most cases already. Some pointers can be found online such as here
Viruses however can learn and adapt against detection patterns, hence first line of defense is user training. If users know not to open up unexpected random bills/documents then that saves one in most cases already. Some pointers can be found online such as here
Follow this with a scan use Malwarebytes.
You do face the possibility of formatting and reinstalling Windows