App Review AV vs. Petya V2 Ransomware

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.

Atlas147

Wow, pretty good job done by Kaspersky and Avira, honestly quite surprised that Avira caught it even though it wasn't in its base signatures. Unfortunately it doesn't show how it was caught. I always thought that Avira didn't have a good 0-day, the malware was probably caught by cloud?
 

Deleted Member 333v73x

Thanks for the reviews!
Only Avira and Kaspersky? Wow I expected better, especially Sophos Home it uses the same signatures as its commercial/endpoint protection suites. No AV can block EVERY variant of ransomware - things like Bitdefender Anti-Ransomware, Malwarebytes Anti-Ransomware, Anti-Executables and Crypto Prevent are slowly but surely going to be needed to complement an anti-virus. That malware NEEDED UAC authorization to do damage, so that proves it works :)
 

Av Gurus

Shadow Defender also protects vs Petya, confirmed on Wilderssecurity Forum:
The unofficial Shadow Defender Support Thread.

 

jamescv7

I have no questions for Avira about its detection; of course the cloud or its signatures are their primary main defense, so the critical level to ruin a system is high enough. Compare that to other programs which contain HIPS, BB and other forms of strong user interaction, which can definitely deny the access.
 

Lord Ami

Deleted Member 333v73x said:
> Thanks for the reviews!
> Only Avira and Kaspersky? Wow I expected better, especially Sophos Home it uses the same signatures as its commercial/endpoint protection suites.

Actually, F-Secure blocked it too. I'm not sure why he excluded it from DeepGuard popup. Both files were blocked, but he allowed first one and then executed it afterwards... why?
 

upnorth

Lord Ami said:
> Actually, F-Secure blocked it too. I'm not sure why he excluded it from DeepGuard popup. Both files were blocked, but he allowed first one and then executed it afterwards... why?

He allowed it through UAC in the end, and why was simply to show what would happen and for no other special reason as far as I could understand.
 
