Blacklist policies tab: The blacklist is a list of programs explicitly blocked via software restriction path rules. It is possible to use wildcards in blacklist policies. CryptoPrevent version 8 applies roughly ten times the number of blacklist policies at any given protection plan compared to version 7. Any of the black list rules may be removed if a specific one causes problems. Note when removing policies this will not change your plan to Custom and...

Whitelist policies tab: The whitelist is a list of programs explicitly allowed via software restriction path rules. Whitelist Executables Currently In All Blocked Locations button simplifies whitelisting by adding all existing items in blocked locations to the whitelist When using this feature ensure you review the files added to verify no malicious or unknown programs have been added Whitelist policies should be as specific as possible to avoid being overridden by a more specific blacklist...

FolderWatch HoneyPot tab: Enable FolderWatch HoneyPot Ransomware Detection (Premium Only) The HoneyPot feature related to FolderWatch places numerous files around your PC to act as bait. the root folder of each Protected location selected in the FolderWatch tab will be protected by the honeypot files this includes any custom locations honeypot files may or may not be visible in these locations depending on what hidden/system files you have shown When activity is detected against these...

FolderWatch tab: FolderWatch provides additional monitoring of a selection of common folders and custom folders (Premium Only). User Folders: these locations are based on the Windows internal location for these folders (normally under the user profile) all subdirectories and files are monitored in these locations Custom FolderWatch Folders: these locations can be monitored based on user selection only the top level selected directory files will be monitored in these locations sub folders must be added individually...

Prevent File Types tab: CryptoPrevent includes a program filter module that can either selectively block certain executable file types or indiscriminately block them. Prevent Suspicious File Types depending what is selected the .cpl, .scr, and .pif file types will check each files against our malware definitions and block them if a match is found Suspicious will also use various logic for determining if that file type should be launched various items like file location, naming...

The Maximum plan tab: The following protect each of these locations from executable files: %localappdata%\* Windows Vista + OS %userprofile%\AppData\Local\*\*.[executable extension] %userprofile%\AppData\Local\Temp\*.[executable extension] [windows installation directory]\Temp\*.[executable extension] Windows XP OS %userprofile%\Local Settings\Temp\*.[executable extension] [windows installation directory]\Temp\*.[executable extension] Block Executables Temporarily Extracted from Archives Windows Vista + OS %userprofile%\AppData\Local\Temp\wz*\*.[executable extension] %userprofile%\AppData\Local\Temp\*.zip\*.[executable extension] %userprofile%\AppData\Local\Temp\7z*\*.[executable extension] %userprofile%\AppData\Local\Temp\rar*\*.[executable extension] Windows XP OS %userprofile%\Local Settings\Temp\wz*\*.[executable extension] %userprofile%\Local Settings\Temp\*.zip\*.[executable extension] %userprofile%\Local Settings\Temp\7z*\*.[executable extension] %userprofile%\Local Settings\Temp\rar*\*.[executable extension] The Block Windows Programs section...

The Default plan tab The following protect each of these locations from executable files: %programdata% Windows Vista + OS %programdata%\*.[executable extension] %userprofile% All Supported OS %userprofile%\*.[executable extension] (does not include *.com extension) For each actual user folder at time of settings being applied, a rule for that specific user folder is added ([user folder location]\*.[executable extension] Windows Vista + OS [user folders location]\Public\*.[executable extension] Windows XP OS %allusersprofile%\*.[executable extension] Startup Folders (in Start Menu) Windows Vista...

The Minimum plan tab: The following protect each of these locations from executable files: %appdata% All Supported OS  %appdata%\*.[executable extension] Windows Vista + OS %userprofile%\AppData\*.[executable extension] %userprofile%\Appdata\Roaming\*.[executable extension] Windows XP OS %allusersprofile%\Application Data\*.[executable extension] %userprofile%\Application Data\*.[executable extension] %appdata%\* All Supported OS  %appdata%\*\*.[executable extension] Windows Vista + OS %userprofile%\Appdata\Roaming\*\*.[executable extension] Windows XP OS %allusersprofile%\Application Data\*\*.[executable extension] %userprofile%\Application Data\*\*.[executable extension] %localappdata% Windows Vista + OS %userprofile%\AppData\Local\*.[executable extension] %userprofile%\AppData\LocalLow\*.[executable extension] %userprofile%\AppData\LocalLow\*\*.[executable extension] Windows XP OS %allusersprofile%\Local Settings\Application Data\*.[executable extension] %allusersprofile%\Local Settings\Application...

Apply Protection tab: Protection plans are an easy way to apply sets of CryptoPrevent protections. Minimal plan includes all protections available in the original release of CryptoPrevent for blocking CryptoLocker and similar ransomware. These are a bare minimum level of protections and may not protect against more modern threats. Default plan includes additional protections to prevent a wider range of threats. More restrictive plans could impact software installations and this is the highest plan that...

Installation of CryptoPrevent is carried out with very few steps: (Note: Bulk/White-Label Client installation may vary slightly from the below) Extract the ZIP archive downloaded from our site to a location of your choosing and make note of the location. This file contains the installer/setup routine for CryptoPrevent. Launch the installer executable file from the above location. Click next. It is not possible to proceed without accepting the license agreement and clicking next. Choose whether...