Jump to content

Ransom Beta Fails to Detect

Recommended Posts

Hello Teddyjtr. Welcome to the forums. Thanks for your report. Was this a test environment? Can you share the MD5 or SHA256 of the sample you ran?

In our tests, we are successfully detecting some variants of CryptXXX. We are aware of additional variants and are working on solutions for our next Beta release.

Link to post
Share on other sites

Thanks Bob for Quick turnaround on this!


I would be happy to share the MD5 or SHA256 with you but I don't know where to find them? Please help me locate these items.

Your Beta provides no indication of Detection of the Ransom attack.


Norton Security support sees the attack and blocks the port involved but does not remove the attack source. Blocking does NOT resolve the attack but shuts off the port for 30min..

Link to post
Share on other sites

Hi Teddyjtr. Please see your private message inbox. Thanks!

Also, if you have the MBAMService.log from the affected machine, that would be great to have. It's located here:



Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.