Skip to content
Urgent Announcement

McAfee is receiving multiple reports of modified Petya ransomware variants. McAfee Labs is receiving various samples which are in analysis, and can confirm that McAfee Global Threat Intelligence (GTI) is protecting against current known samples at the low setting.

  • Extensions currently known as being affected are:  .3ds, .7z, .accdb, .ai, .asp, .aspx, .avhd, .back, .bak, .c, .cfg, .conf, .cpp, .cs, .ctl, .dbf, .disk, .djvu, .doc, .docx, .dwg, .eml, .fdb, .gz, .h, .hdd, .kdbx, .mail, .mdb, .msg, .nrg, .ora, .ost, .ova, .ovf, .pdf, .php, .pmf, .ppt, .pptx, .pst, .pvi, .py, .pyc, .rar, .rtf, .sln, .sql, .tar, .vbox, .vbs, .vcb, .vdi, .vfd, .vmc, .vmdk, .vmsd, .vmx, .vsdx, .vsv, .work, .xls, .xlsx, .xvd, .zip
  • We have confirmed with the samples that SMB is being used as a propogation method, and are aware of reports that RDP may also be used but have yet to confirm this.
  • After encryption, impacted systems may show a ransom screen and suggest a system reboot after which the system will not be accessible.

McAfee has released an Extra.DAT to include coverage for this threat — it is attached to KB89540.


Continuing Information

McAfee will continue to post more information in Knowledge Base article KB89540 (https://kc.mcafee.com/corporate/index?page=content&id=KB89540) as available.

To receive information about McAfee product updates, sign up for the Support Notification Service (SNS) at https://sns.secure.mcafee.com/signup_login

Knowledge Center

Begin your search by entering a search term or a product. Entering both may provide more relevant search results. Search Tips
Reset|Share This Search
Search Results Feedback »

All Results (63040)

Knowledge Base (11564)

Content Source
Technical Articles
Content Type
Best Practices (231)
Plugins And Components
Sort By:
A to Z
Last Modified Date

Communities (51342)


Videos & Podcasts (134)


Collapse Pane
Sort By:
Sort By:
Technical Article
All McAfee products that support Microsoft Windows platforms. McAfee products are verified / validated against and supported with all Microsoft Service Packs and critical updates (including monthly security updates) for Windows platforms supported by
Last Modified Date:4/9/2017
Technical Article
This issue exists only when too much privilege has been granted to an account that is used to retrieve McAfee product updates from UNC shares and other update sites.. McAfee Agent 5.x, 4.x McAfee ePolicy Orchestrator 5.x McAfee VirusScan Enterprise
Last Modified Date:4/7/2017
Technical Article
McAfee SIEM Enterprise Security Manager (NitroView ESM) 9.3.x and earlier McAfee SIEM Event Receiver (NitroView Receiver) 9.3.x and earlier. Add CEF Event forwarding on the sending ESM In the ESM Properties , click Event Forwarding , Add . Add all
Last Modified Date:5/12/2014
Technical Article
McAfee Email Gateway (MEG) 7.x. For a list of MEG 7.x installation menu options, see KB74853 .. Reset the password using the Super Administrator role If you have created a user account with the Super Administrator role, you can use this account to
Last Modified Date:4/7/2017
Technical Article
An upgraded DLP Endpoint software package is unable to communicate properly with an older DLP Endpoint extension; it is unable to access the correct policy settings from ePO.. McAfee Data Loss Prevention Endpoint (DLP Endpoint) 9.x. Multiple issues
Last Modified Date:6/2/2017
Technical Article
All McAfee products. If you require a change to the features or functions of McAfee products or have other suggestions that could make our products better, McAfee encourages you to submit your request or idea to the new Ideas forum platform at
Last Modified Date:4/9/2017
Technical Article
McAfee ePolicy Orchestrator (ePO) 5.x. An ePO Agent Handler must have a high availability/high bandwidth connection to the ePO database: Inevitably the question of whether it is more appropriate to add an additional Agent Handler or deploy another
Last Modified Date:10/6/2016
Technical Article
All McAfee products. IMPORTANT: McAfee servers are private computer systems. These systems, including all related equipment, networks, and network devices (specifically including Internet access), are provided only for authorized use. They might be
Last Modified Date:1/9/2017
Technical Article
McAfee Endpoint Security (ENS) 10.5.x, 10.2.x. Dynamic Application Containment (DAC) rules in the McAfee Default policy are set to report only to reduce false positives. Adaptive Threat Protection provides two additional predefined Dynamic
Last Modified Date:4/14/2017
Technical Article
McAfee VirusScan Enterprise for Storage (VSES) 1.1.x, 1.0.x For details of VSES 1.x.x supported environments, see KB74863 .. System requirements to support ICAP Protocol filers with VSES The VSES service ICAP Scanner temporary folder: The ICAP
Last Modified Date:4/7/2017
Page 1 of 24Next Page
Results: 1 - 10 of 231|
Per Page