Mahesh Sudula

Level 14
Verified
Malware Tester
Well, this is the exact piece of ransomware I tested against MCafee 2 weeks ago.
Sodinokobi.
Clearly the client was offline, and that made the mess.
If Inet is connected, Mcafee would have surely blocked it by its cloud signatures.
(Jti: Suspect!)
Mcafee doesn't have any client based offline behavior based system.
However my ransom extension is "atv 9362"
 

Burrito

Level 15
Verified
McAfee has been a substandard AV for over a decade.

There have been a few positive test results recently... so maybe they are finally turning it around.

But 'the turnaround' has been speculated on for over a decade. And CrapAfee has remained pretty bad.

We shall see.
 

Local Host

Level 17
Verified
McAfee has been a substandard AV for over a decade.

There have been a few positive test results recently... so maybe they are finally turning it around.

But 'the turnaround' has been speculated on for over a decade. And CrapAfee has remained pretty bad.

We shall see.
Over a decade ago McAffee was famous for bricking Windows Systems as well, I recommended every company to remove it to avoid conflicts/problems.

Before anyone comes yelling Windows 10, this was back with systems like Windows XP and Windows 7 (Windows 10 wasn't even a thing back then).
 

Mikesierra

Level 2
Thats´s bad but frankly I´m not surprised. I´ve had similar experiences with McAfee Endpoint Protection for Enterprise. Nevertheless, this is the outcome that one can expect from a working and reliable endpoint protection solution (Wisevector StopX) which doesn´t rely on signatures.
215280