You'll want to review our FAQ here:http://www.foolishit.com/cryptoprevent- ... neral-faq/
as well as the technical FAQ here for more information on what each feature does:http://www.foolishit.com/cryptoprevent- ... formation/
From the first FAQ this will provide more details on what you are doing/testing:
Will this protect against other ‘Crypto’ type ransomware such as CryptoDefense, CryptoWall, etc., and their newer v2/v3 and future variants??
There are a number of new CryptoLocker clones emerging that can also be prevented by CryptoPrevent. The majority of these are protected against by default protections in their older versions, but newer variants are coming out that can only be stopped by the Maximum Protection + Program Filtering (BETA) option, which uses a definitions based system to keep current with known malware threats. This is however a “BETA” which means it is not fully tested on all platforms. Also note this option is not available with the portable edition of CryptoPrevent.
The newer variants require the Max Protection + Program Filtering BETA because most of this stuff has figured out how to get around the original “Software Restriction Policy” based protections provided by CryptoPrevent at the Max and lower levels. It is the Program Filtering component that protects against these threats by using a pseudo-real-time filter that is definitions based.
The definitions for the Program Filtering component are updated not on a set schedule but as they become available, and they are provided by SaneSecurity.com — currently there are over 7000 unique detections in the definitions, and that number is growing. But it isn’t all-encompassing, because unlike the Software Restriction Policies protection, this won’t get “zero-day” malware that hasn’t previously been detected and added to the definitions, so they can still slip past it I’m afraid.
Right now the Max settings I can’t recommend for daily use to everyone who wants to “set it and forget it” but rather just to those who understand that yes, if you are installing legitimate software you may need to disable the protections temporarily. This is not the fault of Program Filtering, which shouldn’t block ANY legitimate software, but rather mainly due to one of the path rules in the Max settings, which is “Block Temporary Extracted Executables” and is available to disable by itself (while Program Filtering remains enabled) if you used the Advanced interface to configure CryptoPrevent.