SBGuard Anti-Ransomware hardens Windows


http://www.sydneybackups.com.au/sbguard-anti-ransomware/

SBGuard Anti-Ransomware is a free program for Microsoft Windows devices that hardens the operating system to block ransomware attacks dead in their tracks.

While there are plenty of anti-ransomware tools out there for the Windows operating system, there is little information about hardening the system to block ransomware from installing itself on it.

SBGuard Anti-Ransomware tries to change that by offering an on/off solution that applies around 700 Registry entries to the Windows Registry that limit software execution.

It injects around 700 registry entries to force Windows Group Policy to use inbuilt software execution restriction capabilities in certain locations and prevent certain file types from executing.

Additionally, it blocks Windows Gadgets, and “several other system actions Ransomware will attempt to perform to encrypt the data”.

If that sounds awfully vague, it is. One of the main issues with solutions like this is false positives. While the program may very well block most — the company claims all known and many future — ransomware attacks, you may experience issues running or installing legitimate software relying on functionality that is blocked.

The only solution provided by the company that creates SBGuard Anti-Ransomware is to turn it off during installation of software to avoid issues related to it.

Turning it off on the other hand means no protection while software is installed, so users better make sure the software is legitimate before performing the operation.

The installation of SBGuard Anti-Ransomware should not pose any issues, even to inexperienced users. Please note that it requires the Microsoft .NET Framework 3.5 to run. Also, you are required to enter an email address on the developer site to download the program. The download link is sent to the email address you enter.

The program itself is dead easy to use. Start it with elevated rights after installation, and click on the enable or disable buttons to toggle the protection status of the operating system.

There is also a handy restart button. You need to restart the computer before the changes take effect.

As mentioned earlier, the program adds a number of restriction mechanisms and modifications to Windows using the Windows Registry. It is highly recommended to back up the Windows Registry, or even better, the whole system disk, before enabling the application’s protective features.

The company behind the product released a demo video that showcases how ransomware is blocked after enabling the program’s protection on a Windows computer.

SBGuard Anti-Ransomware protects against ransomware threats such as Cryptolocker, CryptoWall, Teslacrypt, CTB-Locker, Zepto and others according to the company.

It also mentions on the product page that it monitors ransomware development and will implement protective measures against new attack forms as soon as they become known.

The program does not display notifications right now if the execution is blocked. A future update will introduce the feature and others, such as an option to run the program as a service for advanced security options.

Closing Words

SBGuard Anti-Ransomware hardens Windows machines against ransomware attacks. In fact, it protects at least partially against other forms of malicious software as well, but is no replacement for anti-virus programs.

The application could use a whitelist feature that enables you to allow programs to run while the protection is enabled.

Also, the devs should consider publishing a list of changes that the program makes as many users and most admins won’t install it otherwise.
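Until such a list exists, admins can record the changes themselves. The PowerShell script below is an added example, not SBGuard's or gHacks' code: it snapshots a registry key before protection is enabled and diffs it afterwards. It assumes the entries land under the standard Software Restriction Policies key; the parameter names and file path are hypothetical, and changes made outside that key are not covered.

```powershell
# Added example, not SBGuard's own code. Run with -Mode Save before enabling
# protection, then with -Mode Diff afterwards to list the values that changed.
param(
    [ValidateSet('Save', 'Diff')][string]$Mode = 'Save',
    # Assumption: the tool writes under the standard SRP policy key.
    [string]$Key  = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Safer',
    [string]$File = (Join-Path $env:TEMP 'srp-before.xml')
)

function Get-RegistrySnapshot {
    param([Parameter(Mandatory)][string]$Path)
    $snapshot = @{}
    if (-not (Test-Path -LiteralPath $Path)) { return $snapshot }  # key absent: empty snapshot
    $keys = @(Get-Item -LiteralPath $Path) +
            @(Get-ChildItem -LiteralPath $Path -Recurse -ErrorAction SilentlyContinue)
    foreach ($k in $keys) {
        foreach ($name in $k.GetValueNames()) {
            # Read the raw value so %VAR% path rules are compared unexpanded.
            $value = $k.GetValue($name, $null, 'DoNotExpandEnvironmentNames')
            $snapshot["$($k.Name)\$name"] = ($value -join ';')
        }
    }
    return $snapshot
}

function Compare-RegistrySnapshot {
    param([System.Collections.IDictionary]$Before, [System.Collections.IDictionary]$After)
    $names = @($Before.Keys) + @($After.Keys) | Sort-Object -Unique
    foreach ($n in $names) {
        if     (-not $Before.Contains($n))   { $change = 'Added' }
        elseif (-not $After.Contains($n))    { $change = 'Removed' }
        elseif ($Before[$n] -cne $After[$n]) { $change = 'Changed' }
        else   { continue }
        [pscustomobject]@{ Change = $change; Value = $n; Before = $Before[$n]; After = $After[$n] }
    }
}

$current = Get-RegistrySnapshot -Path $Key
if ($Mode -eq 'Save') {
    $current | Export-Clixml -LiteralPath $File
    if (Test-Path -LiteralPath $Key) {
        # Also keep a restorable .reg copy of the key as it was before the tool ran.
        reg.exe export ($Key -replace '^HKLM:\\', 'HKLM\') "$File.reg" /y | Out-Null
    }
    "Saved $($current.Count) values to $File"
} else {
    Compare-RegistrySnapshot -Before (Import-Clixml -LiteralPath $File) -After $current |
        Sort-Object Change, Value | Format-List
}
```

Pointing `-Key` at a broader key widens the audit to the other system changes the product page mentions without listing.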

https://youtu.be/T3-2RZT3F6Y

via SBGuard Anti-Ransomware hardens Windows – gHacks Tech News
