SBGuard Anti-Ransomware hardens Windows

Status
Not open for further replies.
@SBGuard

I don't know if you are aware there's another forum where your product was mentioned.
SBGuard

Some people already linked to this thread. But I imagine some won't bother reading this entire thread. And you can explain to them some of the innovations you are planning for your product. Of course, that's if you want to.
Thanks mate... Lol, I can't see that? Do I need to enable something on the site for it to show?
No sleep until 1.4 is ready :)
There very well may be a setting in your MT account settings you need to enable; I didn't have to, so I am not familiar with where it would be.
Sorry for poking fun at you then... maybe ;) lol
Have a good one buddy.
Thanks for letting us know, we'll definitely post some info :)
Posted :)
 
So basically, if I understand well: SBGuard monitors and blocks the various entrances (attack vectors) taken by the terrorist (malware writer) to put the bomb (ransomware) in the building (OS), then the security guards (AVs) are supposed to find (quarantine) the bomb. But if the bomb is already in the building, SBG is useless.

Am I right?
 
Sounds like Counter Strike :)

SBGuard injects a whole load of registry entries into Windows, and once SBGuard is closed, Windows does the rest.
These entries consist of execution restriction policies, process modifications and many other changes within the OS backend.
These injections will block ransomware from delivering the payload.
Example:
Once you click on a malicious link, it will automatically drop a JavaScript (or exe, cmd, wsf, scr or a bunch of other extensions) executable into your OS. Once dropped, it will attempt to auto-open itself. This is where SBGuard's rules come into play and block that execution. Once that happens, it will create a log entry (ID 866). AVs should monitor this type of behaviour, and once a process attempting to run is blocked, AVs have enough time to detect and remove these attempts. If the AV doesn't do the job, the script will keep attempting to run but will get blocked by these rules until someone notices it and deletes the file. We recommend looking at the logs or monitoring this ID 866 until we get the notifications service operational to give these alerts.

We keep monitoring new variants and how they deploy. Once we have enough information, we add more rules.
At the moment, this is how it works; however, we are working on some advanced mechanisms that will have SBGuard running as a service.
We recommend using the 1.4.0 beta (download from our website), which has some really useful features. For example, it lets you lock Downloads and Documents; in case users download an attachment and try to open it, it will be blocked.
Also, disabling WHS (Windows Host Service) prevents malicious Java and VBS scripts from running anywhere in the system.
Macros need to be disabled; users very often click Enable when asked to do so. This will not give them a choice, it will just disable it.
Another one: we prevent hidden file extensions. Very often "terrorists" hide malware in PDF or image files. Our rules will make it visible, so it will clearly state if it contains an executable.
There is a lot more in the background; we have over 6000 lines of code in this piece of software and growing.

Hope this was clear :)
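The post above recommends watching the log for ID 866 until SBGuard's own notifications exist. The following is an added example, not SBGuard's code: a PowerShell script that pulls recent Software Restriction Policy block events (Event ID 866) from the Application log and groups them by blocked file, so a file that keeps being blocked (one the AV has not removed) stands out. The exact wording of the 866 message that the regexes parse is an assumption.

```powershell
param([int]$Hours = 24)   # how far back to look in the Application log

$since = (Get-Date).AddHours(-$Hours)

# SRP writes Event ID 866 to the Application log when a path rule blocks a file.
$filter = @{ LogName = 'Application'; Id = 866; StartTime = $since }

try {
    $events = @(Get-WinEvent -FilterHashtable $filter -ErrorAction Stop)
} catch {
    $events = @()   # Get-WinEvent throws when nothing matches the filter
}

if ($events.Count -eq 0) {
    Write-Output "No SRP block events (ID 866) since $since."
    return
}

$rows = foreach ($e in $events) {
    # Assumed message form: "Access to <file> has been restricted by your
    # Administrator by location with policy rule <id> placed on path <path>."
    $file = if ($e.Message -match 'Access to (.+?) has been restricted') { $Matches[1] } else { '(unparsed)' }
    $rule = if ($e.Message -match 'placed on path (.+?)\.?\s*$')        { $Matches[1] } else { '(unparsed)' }
    [pscustomobject]@{ Time = $e.TimeCreated; File = $file; RulePath = $rule }
}

# A file that keeps getting blocked is one the AV has not yet removed;
# surface those first so someone can go and delete it.
$rows | Group-Object File | Sort-Object Count -Descending | ForEach-Object {
    [pscustomobject]@{
        Attempts = $_.Count
        LastSeen = ($_.Group | Sort-Object Time | Select-Object -Last 1).Time
        File     = $_.Name
        RulePath = $_.Group[0].RulePath
    }
} | Format-Table -AutoSize
```

Run it from an elevated PowerShell prompt on the machine where the rules are installed; widen `-Hours` to look further back.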
 
@SBGuard
The installer, once downloaded: I right-click on it and select Properties, and it identifies itself as the installer for v1.4.0.
Is there a reason for this? Did you pull the updated installer?
I tried from both your link here and the website, same result for both.
EDIT:
After install I am running v1.4.5, so it is an error with the installer identification; it needs updating to display the correct version.
 
Thank you for letting us know, we must have missed the change on the installer :)

All future updates can be done using the updates button within SBGuard.

cheers
 

Not to be rude, but could you give Umbra's question a direct Yes or No reply? Most of us are more security-savvy than the average Internet user, but that explanation was a little difficult for those of us, like me for one, who don't understand the entire jargon. :)
 