Please send your questions to our support team.
How to disable access to the system hidden shares (when all disks are shared for administrators – c$, d$, admin$, etc.)? I am trying to disable it in Explorer folder properties but they appear again after a reboot.
I use the Pro version and have configured the file creation/deletion monitoring in a network share. I specified the folder path in this form: "\\Server\Folder\". Sometimes, I see the screen alert messages, but the alert log is empty and no email notifications are sent to me. Why?
A: File and folder deletion can be detected but this feature is not enabled by default. You need to configure the creation/deletion alert for a monitored folder.
A: The standard system mechanism for monitoring access to shares cannot log file deletion and creation. It logs user connections and the file open events.
The program has its own mechanism for monitoring the file creation and deletion in a specified folder. Unlike the connection monitoring mechanism, it cannot determine a user who performed the delete/create/rename operation. However, by analyzing the alert and connection logs, you can figure out which user was connected to the folder at the time the file was removed. Please note that the program will log file deletions and creations performed by a local user as well. So, this method of detecting a person who deleted a file is not 100% accurate.
Anyway, we suppose this is better than nothing. :)
A: The "Black list" function allows disconnecting annoying users when they are downloading a huge amount of data slowing down your PC. The blacklist function does not block such users completely from accessing your shares. It allows them to list your folders and open small files, but when they try to download large files (which take several seconds or more for downloading), they will be disconnected.
If you need to block some users completely, please use the system share access and security settings.
Q: How to disable access to the system hidden shares (when all disks are shared for administrators – c$, d$, admin$, etc.)? I am trying to disable it in Explorer folder properties but they appear again after a reboot.
A: The administrator shares are created automatically after the OS installation and enabling the network. You cannot disable it using Explorer like you do this with regular shares. Before disabling the system shares, please consult with your network administrator. If your PC belongs to a company and you do this on your work, you possibly should not do disable the admin shares because the administrator might need these shares for managing your PC, updating software, etc. You also might not have the necessary administrator rights for disabling the shares or installing any software in this case. If you can install software, you can track the administrator's activity on your disks using 10-Strike Connection Monitor. :)
If the computer is at home and you are the administrator, feel free to proceed. The admin shares can be disabled in the registry. Find the
registry path and create the value "AutoShareWks"=0 (dword) for workstations or "AutoShareServer"=0 (dword) for servers.
A: In order to send automatic email notifications on alerts, you need to do the following:
Basically, our program's email configuration is the same as any other email software's configuration (outlook, thunderbird, live mail, etc.) If you use public email services, you can find typical email IMAP/POP3/SMATP settings on their web sites.
Q: I use the Pro version and have configured the file creation/deletion monitoring in a network share. I specified the folder path in this form: "\\Server\Folder\". Sometimes, I see the screen alert messages, but the alert log is empty and no email notifications are sent to me. Why?
A: In the Pro version, the file creation/deletion monitoring is provided by the GUI console and the monitoring service both. However, the log recording and the email sending are performed by the service only. In this case, the service cannot monitor the folder because of not having necessary access rights. By default, all Windows services are started under the LocalSystem account. This account does not have rights on the network access. If you want the monitoring service to access that network share, you need to modify its starting settings and change the starting account to one that have access rights to that remote share. For example, if the program application (GUI part) monitors that share successfully, use the same account that is used for starting the GUI console for starting the monitoring service.
Steps to do:
A: ::1 is the short form of the local host IPv6 address (the same as 127.0.0.1). If you want to see regular addresses in the list (and you does not need IPv6), you can disable the "IP version 6" protocol in properties of network interfaces on your network computers.
System processes (drivers and services) can access local shares using a network path. The program detects and displays these connections in the list too. This is a normal situation . Moreover, you should not add the localhost address to the black list. If you do this, you can get problems in the whole system operation.