<tt><font size=2><br>
> <br>
> Trying to at least limiting the ransomware flow, i've hitted:<br>
> <br>
> </font></tt><a href="http://blog.windowsnt.lv/2011/06/01/preventing-malware-with-srp-english/"><tt><font size=2>http://blog.windowsnt.lv/2011/06/01/preventing-malware-with-srp-english/</font></tt></a><tt><font size=2><br>
> <br>
</font></tt>
<br><tt><font size=2>I've looked at that, but shyed away - there are quite
a few legitimate installers that first extract to %TEMP% and then run from
there. Some even run helper programs that fail silently if prevented, resulting
in a borked install.</font></tt>
<br>
<br><tt><font size=2>What are your experiences with these settings?</font></tt>