Are there any more paths that can be entered into Software Restriction Policy that will help protect against Cryptolocker and any other type of Ransomware? I copied and pasted the paths using info provided by Bleeping Computers.
AVAST users should be safe from infection during the short period when the malware is new and “undetected” as long as AutoSandbox and DeepScreen are active. “The infection is prevented by means of a dynamic detection,” said Sramek.
“We also automatically add detections for each new sample that passes our backend filters,” said Jiri Sejtko, Sramek’s colleague in the avast! Virus Lab.
“Against future threats like this, having a backup is always a good idea – who knows when CryptoLocker v2.0 will be released, and every antivirus solution is reactive by nature,” said Sramek. “The encryption used is virtually unbreakable, there is zero chance of recovering files after infection.”
Thanks for the helpful information. I witnessed SRP work while trying to install HP Printer Control so at least the temp path keeps executables from running there.
I think I will try out Crypto Prevent. Seems much easier than SRP.
I do have HitmanPro.Alert installed but it is not the one for Cryptolocker. I will install it once it comes out of beta.
I also had Corrine mention to show known file extensions which will allow a user to view the extension before opening the file. Extensions such as pdf.exe more than likely are going to be bad news.