With the skyrocketing rise of file encrypting ransom malware we ALL need as much protection as possible. While custom scripts and locking locations can certainly help - a good, up to date Antivirus is 100% essential for all users.
Yesterday I discovered a new feature in the latest NOD32 Antivirus. While cleaning up from a Crypto infection (All files successfully recovered from online backup - Thanks KeepItSafe!!!) I was copying the MANY encrypted files to a safe location to ensure they were all replaced. About 5 seconds through hasty copying NOD32 popped it's friendly head up, and told me I was being suspicious. Unless I confirmed what I was doing - Nothing was going to happen.
Opening loads and loads of files VERY rapidly - is EXACTLY what Crypto malware does! If the initial infection had been stopped in 5 seconds and asked to confirm - there would have been less files needing recovery, and even less work lost!
Traditionally antivirus works by comparing the files on your computer to signature files downloaded from the vendor. These signature files are released as often as every 15 minutes to try keep you safe from new threats, but they require the vendor to know about a specific virus before it can detect it.
Nod32's non-signature based detection of suspicious activity is called Heuristics - Detecting virus like activity so it can get virusses BEFORE definition files have been made.
You MUST make sure you are running the LATEST version of your antivirus program to take advantage of it's latest features. These program updates are NOT automatic, but are usually free. If you have any trouble updating your antivirus program, give us a call and we'll happily help you out, and keep you as safe from harm as we can!