Two new samples of CryptoLocker (or something that calls itself that and does a similar job) here:
https://dl.dropboxusercontent.com/u/321 ... le%20A.zip
https://dl.dropboxusercontent.com/u/321 ... le%20B.zip
[ Password for both is "infected" sans quotes - Take care when downloading or examining! ]
These two samples are reported to bypass CryptoPrevent by running from the "Start Up" folders for ALL users (including SYSTEM level ones).
Not verified this myself as yet; will try to run these in a contained environment as soon as I can.
Thought you might like to take a look and see if you can update CryptoPrevent to work around this new version (if possible).