Kaspersky has the ability to block all ransomware by protecting/restricting access:
*\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
*\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs
*\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
*\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*
*\SOFTWARE\Policies\*
*\SOFTWARE\Policies\*\
*\SOFTWARE\Policies\*\*
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\*
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\*\
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\*\*
Does Comodo do this automatically, or can you add these to defence +???
Kaspersky has the ability to block all ransomware by protecting/restricting access:
*\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
*\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs
*\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
*\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\*
*\SOFTWARE\Policies\*
*\SOFTWARE\Policies\*\
*\SOFTWARE\Policies\*\*
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\*
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\*\
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\*\*
Does Comodo do this automatically, or can you add these to defence +???
You are no longer advised to do this with Kaspersky 2013 due to the conflicts with other programs. Yes you had to add the rules for CIS version 5. But in CIS version 6 no need just use BB limited or above. So no need to add anything from what we know so far. With Kaspersky you better off using HIPS and lifting restriction levels.
Yes Kaspersky has now changed their stance of KIS 2013, plus Kaspersky Pure 3 etc.,