Kaspersky Anti-Ransomware Tool for Business 4.0: commercial release
- Windows Server operating system support. You can now protect computers running desktop (Windows 7-10) and server operating systems (Windows Server 2008R2-2019).
- Shared folders protection. Kaspersky Anti-Ransomware Tool for Business now is able to prevent attempts made by other network machine to encrypt shared folders.
- Crypto-miners prevention. In addition to malware objects, the application can now detect and block adware, pornware, and riskware objects (including crypto-mining software).
- Daily reports delivery. A daily delivery option is now available for the detected objects report, along with monthly and weekly reports.
- Redesigned Installation Wizard. The application is now installed with a more consistent user experience.
Main known limitations
Limitations in restoring files:
- In some cases, the application does not delete files created by malware.
- The application does not delete or restore files that are being used by another process.
- The application rolls back all file modifications that were made during analysis of a process.
- The application does not support EFS-encrypted files.
- Cloud files may be restored to local folders.
- The application does not restore files located:
- On storage devices with file systems other than NTFS, including re-writable optical discs (CD-RW, DVD-RW).
- On Windows network drives.
Limitations in restoring registry keys:
- The application may not restore some registry keys, resulting in “an application couldn’t be launched” messages.
Limitations in restoring system activity:
- Shutting down processes or process flows affected by malware may cause unstable performance of the operating system.
Limitations in detecting malware, adware, and other activity:
- The application does not control file changes initiated through the loopback interface if software running on a computer tries to access files over the network that are located on the same computer and available for modification.
- The application does not control file changes initiated by processes running at the operating system kernel level.
- There will be no report entries if no threats are detected or if the application fails to scan an object. There will only be report entries if malware is detected.
- The application does not detect activity from shared folders of adware or legitimate software that could be used to damage the user's data.
- When connected to the Internet via a proxy server, a report will only be sent to the administrator if the SMTP server is within the local area network.
- When application from the Blocked list is added to the Allowed list, it has to be deleted manually from the Blocked list before it is allowed to start.
- If there is any connectivity issue while a report is being sent, the next attempt to send it will be made according to the schedule specified in the application settings.
- In some cases, empty folders may remain after the application has been uninstalled.
- In rare cases, the application interface may be unstable if the application is used in multiple user sessions. This does not affect the protection level.
- For the Trusted machines feature to work, the Audit logon events function must be enabled in Windows settings.
- The application settings are not automatically transferred when updating from the beta1 and beta2 versions.