App Data%(Temp\(Rar*|7z*|wz*|*.zip)|exe in order to allow easy clearance of legitimate software which downloads extra stuff while running their (eg Firefox, Office) or achieve the same goal in order to prevent automatic execution of (un)wanted softwares (even if because of MS lack of sand boxing it has to prompt you to update Windows).Nothing is better than offline backup (external USB disks).Now about security software in general: They should lock out a user which is bulk modifying or deleting files until an system administrator gives clearance. Secondly, because Microsoft doesn't even comprehend the concept of sand boxing.A so-called security product should add a few keys in the SOFTWARE RESTRICTION POLICY in order to prevent execution of executables in %(Local)?Instead of the easily accessible, saved password that you would otherwise be using.Forget using it on your i Phone, it wants to be running in the background ALL THE TIME to do anything (such as tracking your data usage).
I'm really not a fanatic of Trend Micro solutions as it has been proven to be ineffective with the latest "crapware". Once running on the client station it removes the shadow copy. One of my customers was infected by the latest "Locky Crypto" .zepto which was attached as a ZIP containing a per destination Email address "custom" base64 Java Script to download the ransomware binaries in chunks in order to bypass Firewall protections.Will make at least your data "safe" from fire, physical robberies Or and cloud storage. It causes Windows devices (laptops and surface pro tablet) to run at snail's pace or freeze completely.Forget about the master password protection - it expects some complicated master password to be created, that you have to use every time for it to log you in...In no way Trend Micro Email Gateway, End-Point, nor server protections was alerted that an end point was having a suspicious activity on server by systematically processing each directory and files the user has read and write access to.
I'm even thinking that the virus execution was triggered when it was sent automatically to Trend Micro (Some files correlates with the time the encryption process has started).