SBGuard-Anti-Ransomware

SBGuard Anti-Ransomware 1.4.5

World’s first most complete, actively updated Ransomware prevention tool that protects your Windows PC against all known Ransomware malware, such as CryptoLocker, CryptoWall, TeslaCrypt, CryptoXXX, CTB-Locker, Zepto and many others.

SBGuard_screen1

See it in action

In this lab example we have used one of most popular Ransomware breeds, the notorious TeslaCrypt. First video example has SBGuard PROTECTION ENABLED and second video has it DISABLED.

Note that these videos are for demonstration purposes only. Real world Ransomware will be delivered via different methods. 99% of Ransomware comes via some sort of a link, either via email or browser activity. SBGuard Anti-Ransomware is specifically designed to prevent execution of malicious files that arrive that way.

sbguard_disabled_thumbsbguard_enabled_thumb

How it works

By enabling protection, SBGuard Anti-Ransomware injects a large number of restriction mechanisms and modifies some core Windows components to prevent malicious behaviours and executions which Ransomware viruses use to infect the system. As new Ransomware viruses are released, SBGuard team will work hard and fast to protect against any new sneaky techniques these malicious programs use.

Update 30.08.2016

 

More details about what SBGuard actually does at this stage:
It injects around 700 registry entries to force Windows Group Policy to use inbuilt software execution restriction capabilities in certain locations and prevent certain file types from executing. On top of that it will disable Windows Gadgets (known vulnerability) and disallow several other system actions Ransomware will attempt to perform to encrypt your data. We have gathered all possible tricks Ransomware uses to execute it’s payload and we believe our software will prevent execution of most known Ransomware if not all. We are actively monitoring new ways Ransomware enters the system and we will keep adding more exclusions. We do however have a work in progress on some more advanced techniques that will require SBGuard to run as a service. Another feature on it’s way is to provide live notifications when SBGuard blocks any execution, including from legitimate softwares. This will help novice users to diagnose any issues quickly.

Important: SBGuard Anti-Ransomware could block legitimate programs from installing. It is recommended to disable protection before installing new Windows applications and then re-enabling it back after.

What SBGuard Anti-Ransomware doesn’t do

SBGuard Anti-Ransomware is not an Anti-virus. It is designed to prevent Ransomware infection and documents encryption. It will however help protect against many known viruses which use similar techniques to infect Windows PCs. For maximum possible protection, we recommend a bundle of SBGuard Anti-Ransomware and a reputable Anti Virus product. For more information and recommendations, please contact us.

Important: SBGuard Anti-Ransomware is actively developed and updated to protect against all known and future Ransomware exploits, however please note that nothing offers 100% protection against Ransomware. It is crucial to stay vigilant when browsing internet and opening emails. “Think before you click”

Requirements and Instructions

Requirements

  • SBGuard Anti-Ransomware has been tested on Windows 7 Pro & Ultimate (Home edition not tested well enough), 8, 8.1 and 10. Windows XP is not supported
  • .net framework 3.5 is required to run it. All operating systems after Windows Vista have .net 3.5 inbuilt
  • SBGuard Anti-Ransomware requires to run with “Administrator” privileges, to be able to modify Windows core components

Instructions

  • Run setup.exe and follow the instructions
  • Run SBGuard Anti-Ransomware shortcut on your desktop.
  • Note: Windows 8 & 10 may display a message “Windows protected your PC” > click More Info > Run Anyway

SmartScreen

  • Read instructions in the application
  • Click Enable Protection button
  • Restart your computer for changes to take effect

  • Open SBGuard Anti-Ransomware and check “Protection Status”, it should be green, meaning protection is enabled

  • If wish to install new programs it’s advised to Disable Protection > Restart PC > install your program > Enable Protection > Restart PC

Current stable version SBGuard Anti-Ransomware v.1.4.5.1

Please check your SPAM or JUNK folder in case the email link doesn’t show up in your inbox

16 Comments

    • Thank you for letting us know. It’s most likely due to the fact that we don’t have the valid publisher certificate applied on compiled SBGuard file. This means the product publisher shows as “Unknown” which some applications and some webmail see as suspicious.
      We are working on the certificate and should have it applied some time soon.

      Cheers

    • We haven’t applied a valid publisher certificate, that’s most likely why Avast detects problems. We are working on obtaining one.
      Thanks

  1. SHA256: 4d9713f180aed8cea9e70a8b468b56a6701f4637fe103b7179541afa6e268712
    File name: SBGuardsetup.exe
    Detection ratio: 4 / 57
    Analysis date: 2016-09-04 15:24:43 UTC ( 1 day, 6 hours ago )

      • It doesn’t look right, it says it install itself for autorun at Windows startup, that’s not true. Once you close it it’s closed, no autoruns or startups. Also, the registry keys malwr.com detected are not what SBGuard injects. Also, no injection happens unless buttons within the program are pressed and disabling each button will fully revert the process to Windows default state.
        It heavily modifies registry to inject all restriction mechanisms, that’s it’s purpose. We can guarantee you there is nothing malicious about what it does.
        We are a respected registered Australian business, we wouldn’t risk our reputation by giving something malicious. SBGuard project is our contribution to society to help protect against Ransomware.
        Any questions, we are more than happy to answer.

          • We haven’t done much testing on Home versions as we thought majority of people uses Pro, but based on a lot of feedback it seems Home versions are heavily present. We will try and perform more testing soon and let you know. You are welcome to do so if you wish and give us your feedback.
            Thank you for submitting false positive report, not sure why it sees it as heuristic.. We are working on the certificate, hopefully that fixes it.
            Cheers

  2. Hey fellas, I hope you have not dropped work on SBGuard, it’s a solid concept and was moving along nicely.
    We also miss your updates and communication over at malwaretips.com
    We wish you well and hope to hear something in the near future. PeAcE

    • Hi CyberGhosT. Thank you for your comment. We apologise for the late reply.
      Unfortunately due to time constraints and budget limitation we have paused any further SBGuard development. It is not the end of it, we will resume our work on it at some point soon.
      Regardless of any new updates, SBGuard is still very much a strong prevention tool since Ransomware has not changed the way it arrives/deploys to a PC. Even WannaCry uses exactly the same method as any other variant previously. SBGuard will prevent it’s initial execution.
      We will keep you updated. Cheers

Leave a Reply

Your email address will not be published. Required fields are marked *

clear formPost comment