Even though I had Norton installed on my four networked computer, the Crytox malware went through them all last week and encrypted all the data files. I had offline backups, but I have a couple of questions:
(1) Is it too much to expect an anti-virus to stop a malware like this? Maybe there's something better than Norton. This was a disruptive event and can apparently happen to a non-commercial site. I'd rather not be open to the risk of an encrypting malware. Norton was apparently oblivious to what happened, in fact I received a report for the month telling me how well it worked.
(2) Is it adequate to clean up the boot drive as documented for this malware, or is it best to format all the drives?
Hello Roy, welcome to the forums. Peer to peer networks are seriously dangerous and should be avoided. Any one user on the network can exposed the network to a malicious download due to the lack of central control. Your router not being up to date with its firmware can also contribute to the issue. You can review this article:
This form of ransomware, I am sure you are aware of, uses multiple levels of encryption to inject files into the Windows shellcode. Malware creators are crafty in that, the first thing its initial dropper files do, is disable A/V so it goes undetected, and then, completes its contact with its C/C servers to complete the system infection. For that reason alone, I would personally replace the HD's on all the machines. Microsoft should reactivate once it determines the mainboard wasn't replaced and a fresh, un-activated install of Windows is detected. Restore your backup images as you determine appropriate.
Interesting that I've seen Malwarebytes mentioned in the solutions in a couple of threads in this Norton Community. This implies to me that Malwarebytes is superior to Norton and is a better alternative than Norton? Hmmmmmmm. Then why are we talking about Norton products here?
Norton Community talks about Malwarebytes as a source for free second opinion & free help.
Norton Community has users that run Norton + Malwarebytes real-time &or as second opinion.
Norton Community talks about Norton products.
Malwarebytes Forums
https://forums.malwarebytes.com/
Malwarebytes Blog
https://www.malwarebytes.com/blog
If you have a paid version of Malwarebytes it will work with Windows Defender with arguably better protection. Norton and Malwarebytes may have conflicts.
Malwarebytes is not designed to function like normal AV scanners and uses a new kind of scan engine that relies mostly on heuristics detection techniques rather than traditional threat signatures. [...]
Interesting that I've seen Malwarebytes mentioned in the solutions in a couple of threads in this Norton Community. This implies to me that Malwarebytes is superior to Norton and is a better alternative than Norton? Hmmmmmmm. Then why are we talking about Norton products here?