Thank you thank you thank you a million thank you Kary
I've tested for 6 hours using the registry editor. Feel so busted now.
Worked also for me, when I used reg files (NB. do you know why this is so. Should I trust the rule, when it not is trickering using the registry editor?)
Loads of regards
(NB. do you know why this is so. Should I trust the rule, when it not is trickering using the registry editor?)I'm not entirely sure why it doesn't work with Regedit.exe when creating via the application, but I would encourage you to open a Service Request with McAfee Support to have this looked at further. I believe it warrants further investigation.
Actually, I believe the reason is because when you create a new Key via Regedit.exe directly, you're actually creating a new key called New Key #1, then it renames it to the value you specified (\CryptoLocker).
When creating via .REG file import, it's directly creating the key you're protecting against (\CryptoLocker), instead of using this rename operation.
If I block \REGISTRY\SOFTWARE\** keys, then any new Key is blocked (via Regedit.exe directly; working as you originally intended) and it has this New Key #1 value.