FolderWatch tab:
- FolderWatch provides additional monitoring of a selection of common folders and, optionally, custom folders.
- Files flagged as potentially malicious will be quarantined in the folder specified here.
- It is important to note that subfolders are monitored in the case of the predefined user folders but not in the case of custom folders.
- It would be necessary to individually add subfolders to the custom list in order for them to be monitored.
- d7x Variables can be used in the Custom Locations to apply protections generically to various OS versions and 32/64 bit versions
- note it should be defined one line per folder
- The HoneyPot feature related to FolderWatch places numerous files around your PC to act as bait.
- When activity is detected against these files, the HoneyPot feature will do everything in its power to prevent any further system activity, including slowing the system and only allowing it to be rebooted or shutdown.
- When this feature is activated, the idea is that the system has been grievously compromised and your data is at risk from malicious activity.
- As such, it is a “last ditch” effort to preserve your data with the hopes that only our bait files will be compromised and not any legitimate data.
- Please use this feature with caution as there is the possibility of false positives due to the fact that any manipulation of the HoneyPot files will trigger our HoneyPot protections.
- If this feature is enabled it is highly recommended you enable the QuickAccess Tray Icon under the Installer tab as well
- otherwise the end user will not be notified and the system will shutdown without warning when HoneyPot feature is activated
- an event will still be written to the event log and and email alert (if enabled) will be sent out regardless of the QuickAccess Tray Icon being enabled
- View the client documentation for more information on these protections
- The default selections (shown in the picture above) are the recommended “set and forget” options that should not cause issues with any legitimate applications
- these are the same protections as selecting the Default Protection plan in the CryptoPrevent client