Every day we offer FREE licensed software you’d have to buy otherwise.

CryptoBuster 1.0.9 Beta 2 Giveaway
$22.95
EXPIRED

Giveaway of the day — CryptoBuster 1.0.9 Beta 2

Effectively protects your valuable data from ransomware attacks
$22.95 EXPIRED
User rating: 31 (84%) 6 (16%) 45 comments

CryptoBuster 1.0.9 Beta 2 was available as a giveaway on May 30, 2022!

Today Giveaway of the Day
9.99
free today
The treasure chest of visually appealing and easily editable vector characters

CryptoBuster is an effective anti-ransomware solution with a small system footprint that can work side by side with your existing security product to offer an additional security layer and form the last line of defense against ransomware to protect your valuable data from damage.

CryptoBuster uses honeypots, which is an efficient and proven technique with low false-positive chances to detect and stop ransomware when they start to encrypt user files. You have full control over the honeypots creation process as you can either create honeypots manually customizing their names and locations or you can leave this job to CryptoBuster that can deploy hundreds of honeypots in strategic system locations with custom names and file types designed to allow ransomware to target those files before they can reach any of your important files.

Besides Honeypots that are effective to stop ransomware when they start to encrypt user files, CryptoBuster can intelligently monitor the file system to detect malicious activities that may indicate an ongoing ransomware attack or sometimes indicate the preparations for an attack. For example, CryptoBuster can detect the creation of files with extensions that are known to be used by ransomware to encrypt user files, also you can configure CryptoBuster to detect the creation of potentially dangerous files like batch files and scripts that are commonly used in ransomware attacks, or even to detect the creation of files of unknown types which is an aggressive technique used to stop most of the ransomware strains that change file extensions.

CryptoBuster was built to be a user-friendly and configurable anti-ransomware solution that is why it comes with a full range of tools and settings to allow you to customize all ransomware protection aspects provided by CryptoBuster and to have full control over actions made by the software. You can choose which protection module to enable and configure how this module works, configure automatic actions to perform in response to a specific event or disable this automatic response by setting CryptoBuster to monitor and report only. CryptoBuster comes with Security History feature that logs every security issue detected and actions performed by CryptoBuster; this would allow experienced users to understand how CryptoBuster works and the best way to configure the protection settings for best performance and user experience.

System Requirements:

Windows 11/ 10 (32-Bit and 64-bit); Microsoft .NET Framework 4.8

Publisher:

Smart PC Utilities

Homepage:

https://www.smartpcutilities.com/cryptobuster.html

File Size:

12.1 MB

Licence details:

1 year free updates

Price:

$22.95

GIVEAWAY download basket

A free antivirus solution to protect your PC in real time.
Log in to your system and web browsers using fingerprint management.
The standard anti-malware solution for Windows.
Secure your system against malware, spyware, and other threats.

Comments on CryptoBuster 1.0.9 Beta 2

Thank you for voting!
Please add a comment explaining the reason behind your vote.
#15

First, I would like to thank everyone for trying CryptoBuster and my apologies to anyone who had issues with the software - please remember the software is in Beta, and your feedback and error reports are very important to improve and fix the software issues -

We would like to share with you some of the proposed features that will arrive in the upcoming CryptoBuster releases.

– The development of Windows Driver to intercept ransomware at the Kernel level.
– Support honeypots and file system monitoring in network shares - the first place where ransomware attacks-
– Startup locations monitor - prevent ransomware from achieving persistence -
– Data shield -a feature that only allows trusted apps to read/write to specific files, protecting data from both encryption and exfiltration -

We are open to discussing any feedback or suggestions.

Reply   |   Comment by Smart PC Utilities  –  6 months ago  –  Did you find this comment useful? yes | no (+3)
#14

Could never download the program. It indicated "Opening when complete" as usual, except it was never complete. It always indicated "27 minutes" as time remaining. I don't usually have problems downloading or installing software. Unfortunate experience. Sorry for both of us.

Reply   |   Comment by Russel Wayne Carty  –  6 months ago  –  Did you find this comment useful? yes | no (0)
#13

I have the setup program for version ver1.0.823 Beta but I did not have a Win 10 test machine at the time so I never installed it. Now that I have a Win 10 test machine, I was curious about the program, but when I browse to the folder that has the version 1.0.823 setup file, Windows Defender brings up an alert. The details are:

Misleading:Win32/Lodi
This program makes misleading or fraudulent claims about the files, registry entries, or other items on your PC.

VirusTotal.com reported 26 security vendors and no sandboxes flagged this file as malicious


The current version setup file does not trigger Windows Defender and it has a perfect score (all "Undetected") on virustotal.com:
"No security vendors and no sandboxes flagged this file as malicious"

The older version is from December 2021. This newest version is 5 months later. I can only guess that the underlying technology of this latest version has changed quite a bit. Can Smart PC Utilities elaborate?

By the way, thanks for a year of updates. I expect it would pointless without being able to keep up with the latest evolutions of this software.

Reply   |   Comment by Gary  –  6 months ago  –  Did you find this comment useful? yes | no (+1)

Gary, The first CryptoBuster release (v1.0.823) was malware-free, and there were no major changes between the two app releases.

What happened is that an app certification entity named AppEsteem https://appesteem.com/ flagged CryptoBuster as misleading because they think the app has violated some of their deceptor rules, for example:

1.CryptoBuster has no option in the Settings that allows the user to shut down the app.
2. CryptoBuster is not notifying the user that it is running in the background after closing the app's main window.
3. The text in the CryptoBuster dashboard was misleading.

Using their relationships with major AV vendors, they reported the app to them, and AV vendors responded by flagging the app as malicious (Despite CryptoBuster does not contain any harmful or malicious code).

We contacted major AV vendors regarding this issue including Microsoft, but they didn't hear us.

To get rid of those false positive flags, we decided to fix the rule violations mentioned by AppEsteem and submitted the app to them for a review; they were cooperative enough to remove CryptoBuster from their deceptor apps list https://customer.appesteem.com/deceptors

Rest assured that the two CryptoBuster versions besides our other products are 100% clean.

Reply   |   Comment by Smart PC Utilities  –  6 months ago  –  Did you find this comment useful? yes | no (+2)
#12

After running I get message: "Unable to communicate with the CryptoBuster service" and the software is stopped.
What should I do?

Reply   |   Comment by Jerzy  –  6 months ago  –  Did you find this comment useful? yes | no (+1)

Jerzy,

Firstly, I would like to deeply apologize for any inconvenience this issue may have caused.

Regarding the error “Unable to communicate with the CryptoBuster service.”; this may be due to an unhandled exception that occurred when starting the CryptoBuster service, or the software installer was unable to create the service in the first place.

Please make sure that there are no errors that occurred during the software installation, and that your anti-virus software did not interfere with the CryptoBuster installer.

Follow the steps below to help investigate and fix this issue:

1. Make sure that the CryptoBuster service already exists on the system by using the following command in the CMD:

sc query cryptobustersvc

If the service was successfully installed, there would be information related to the service, otherwise the error message “The specified service does not exist as an installed service.”

2. Make sure that your anti-virus software is not blocking CryptoBuster.

3. Enable the CryptoBuster Debug Mode that will give us more details about this error:

a. Terminate any CryptoBuster processes.
b. Download and execute the following Registry file to enable the CryptoBuster Debug Mode https://www.smartpcutilities.com/files/cryptobuster-debug-mode.zip
c. Start CryptoBuster, and after the error message close the application.
d. In the File Explorer, navigate to "C:\ProgramData\Smart PC Utilities\CryptoBuster\Logs".
e. Send us all the generated log files (Via support ticket or support@smartpcutilities.com).

4. Get more error details from the Event Viewer
Use the following CMD command to export all events related to CryptoBuster to "D:\cryptobuster.evtx"

WEVTUtil export-log Application "d:\cryptobuster.evtx" /q:"Event[System[(Provider[@Name='CryptoBuster'])]]"

Send us the evtx file (Via support ticket or support@smartpcutilities.com).

Reply   |   Comment by Smart PC Utilities  –  6 months ago  –  Did you find this comment useful? yes | no (0)
#11

Block ports 139 (NetBIOS), 445 (Server Message Block), and 3389 (Terminal Services). These are the ports that APT29 uses. APT29 is the Russian hacking group that is causing much of the ransomware attacks. You're wise if you block these ports on your machine(s).

Reply   |   Comment by Kirt Fisher  –  6 months ago  –  Did you find this comment useful? yes | no (+7)
#10

To test it, I have installed it in a virtual W11 preview, running on a very old HP W10 desktop. Installation went OK, but I get the error message "Unable to communicate with the CryptoBuster service".

Reply   |   Comment by krypteller  –  6 months ago  –  Did you find this comment useful? yes | no (+6)

krypteller,

Firstly, I would like to deeply apologize for any inconvenience this issue may have caused.

Regarding the error “Unable to communicate with the CryptoBuster service.”; this may be due to an unhandled exception that occurred when starting the CryptoBuster service, or the software installer was unable to create the service in the first place.

Please make sure that there are no errors that occurred during the software installation, and that your anti-virus software did not interfere with the CryptoBuster installer.

Follow the steps below to help investigate and fix this issue:

1. Make sure that the CryptoBuster service already exists on the system by using the following command in the CMD:

sc query cryptobustersvc

If the service was successfully installed, there would be information related to the service, otherwise the error message “The specified service does not exist as an installed service.”


2. Make sure that your anti-virus software is not blocking CryptoBuster.


3. Enable the CryptoBuster Debug Mode that will give us more details about this error:

a. Terminate any CryptoBuster processes.
b. Download and execute the following Registry file to enable the CryptoBuster Debug Mode https://www.smartpcutilities.com/files/cryptobuster-debug-mode.zip
c. Start CryptoBuster, and after the error message close the application.
d. In the File Explorer, navigate to "C:\ProgramData\Smart PC Utilities\CryptoBuster\Logs".
e. Send us all the generated log files (Via support ticket or support@smartpcutilities.com).


4. Get more error details from the Event Viewer

Use the following CMD command to export all events related to CryptoBuster to "D:\cryptobuster.evtx"

WEVTUtil export-log Application "d:\cryptobuster.evtx" /q:"Event[System[(Provider[@Name='CryptoBuster'])]]"

Send us the evtx file (Via support ticket or support@smartpcutilities.com).

Reply   |   Comment by Smart PC Utilities  –  6 months ago  –  Did you find this comment useful? yes | no (0)
#9

After installing

Unable to communicate with the Cryptobuster service

What should I do ???

Reply   |   Comment by Paweł  –  6 months ago  –  Did you find this comment useful? yes | no (+8)

Paweł, wait until they offer a stable release version as a giveaway instead of a beta version...

I applaud them for making it public knowledge that this is a formal beta version and including a years worth of updates... not sure if the license to use it expires after the year of free updates or if the license to use it is non-expiring.

Reply   |   Comment by TK  –  6 months ago  –  Did you find this comment useful? yes | no (+3)

Paweł,

Firstly, I would like to deeply apologize for any inconvenience this issue may have caused.

Regarding the error “Unable to communicate with the CryptoBuster service.”; this may be due to an unhandled exception that occurred when starting the CryptoBuster service, or the software installer was unable to create the service in the first place.

Please make sure that there are no errors that occurred during the software installation, and that your anti-virus software did not interfere with the CryptoBuster installer.

Follow the steps below to help investigate and fix this issue:

1. Make sure that the CryptoBuster service already exists on the system by using the following command in the CMD:

sc query cryptobustersvc

If the service was successfully installed, there would be information related to the service, otherwise the error message “The specified service does not exist as an installed service.”


2. Make sure that your anti-virus software is not blocking CryptoBuster.


3. Enable the CryptoBuster Debug Mode that will give us more details about this error:

a. Terminate any CryptoBuster processes.
b. Download and execute the following Registry file to enable the CryptoBuster Debug Mode https://www.smartpcutilities.com/files/cryptobuster-debug-mode.zip
c. Start CryptoBuster, and after the error message close the application.
d. In the File Explorer, navigate to "C:\ProgramData\Smart PC Utilities\CryptoBuster\Logs".
e. Send us all the generated log files (Via support ticket or support@smartpcutilities.com).


4. Get more error details from the Event Viewer

Use the following CMD command to export all events related to CryptoBuster to "D:\cryptobuster.evtx"

WEVTUtil export-log Application "d:\cryptobuster.evtx" /q:"Event[System[(Provider[@Name='CryptoBuster'])]]"

Send us the evtx file (Via support ticket or support@smartpcutilities.com).

Reply   |   Comment by Smart PC Utilities  –  6 months ago  –  Did you find this comment useful? yes | no (+1)
#8

Wouldn't let me register. Removed.

Reply   |   Comment by george McGrath  –  6 months ago  –  Did you find this comment useful? yes | no (+3)

george McGrath, What error message appears when you try to register the software?

Reply   |   Comment by Smart PC Utilities  –  6 months ago  –  Did you find this comment useful? yes | no (0)
#7

Sorry, we could not find a license associated with this email address

Reply   |   Comment by zygmunttygrys@gmail.com  –  6 months ago  –  Did you find this comment useful? yes | no (+2)
#6

Port 139 is utilized by NetBIOS Session service. Enabling NetBIOS services provide access to shared resources like files and printers not only to your network computers but also to anyone across the internet. Therefore it is advisable to block port 139 in the Firewall.

Reply   |   Comment by Block It  –  6 months ago  –  Did you find this comment useful? yes | no (+9)

Block It, depends if you want legacy devices to communicate over windows networking on your LAN! It should be blocked by default on any public network profile. Most people have a NAT router built into their *DSL?, FTTP or cable modems... and only if you manually forward ports or put a private machine into the routers DMZ role will there be any need to close private LAN ports on a private LAN.

If you are using free WiFi access points around a connected town centre or internet café or airport you should always define that network as a public network and if you have default windows firewall it will block that port and a host of other ports for you.

The need to just block or close individual ports should only be a thing on legacy versions of windows that do not have advanced firewalls built in and sensibly configured by default.

Reply   |   Comment by TK  –  6 months ago  –  Did you find this comment useful? yes | no (+1)
#5

Once installed, is there a way to test it to see if it actually works?

Reply   |   Comment by Wahtsup  –  6 months ago  –  Did you find this comment useful? yes | no (+10)

Wahtsup,

I guess you could try changing the name of one of the "honeypot" file created, or try changing the extension of a regular file to see if the software let you do it...The idea of this software seems appealing to me, but if it is working then all antivirus softwares should use that solution, should'nt they ?

Reply   |   Comment by Franky99  –  6 months ago  –  Did you find this comment useful? yes | no (0)

Wahtsup, Test CryptoBuster on a VM, create honeypots then try to modify them manually or by using other tools and scripts, you can even run ransomware samples and see how CryptoBuster responds to it and how many user files were affected by the ransomware before CryptoBuster could halt it.

Reply   |   Comment by Smart PC Utilities  –  6 months ago  –  Did you find this comment useful? yes | no (0)
#4

How it works internally I wonder ? From my knowledge ransomware is form of a rootkit, which operates on low level by hooking APIs working with files and encrypting/decrypting doing there - meaning from windows everything looks pretty much normal, until hook is removed - only then encryption is visible, right ?
So this 'buster' is something like 'Unhackme' or similar software hooking itself even somewhere lower (as dangerous as it sounds, makes it pretty much rootkit itself!) or it is just 'monitoring' windows file API activities (as useless as it sounds for finding ransomware) ?

Reply   |   Comment by dex  –  6 months ago  –  Did you find this comment useful? yes | no (-3)

dex, Not all ransomware are rootkits; most of them run in the User Mode which makes all their malicious and encryption activity visible to the OS and other apps. The current CryptoBuster Beta can only monitor and respond to IO activities made to honeypots or other file types monitored by the File Extensions Monitor. When a malicious IO activity is detected, CryptoBuster will respond with a variety of actions configured by the user. Those actions aim to halt the ransomware encryption activity, thus minimizing the damage.

Please be informed that CryptoBuster is designed to work with other security apps, so it can't offer full protection against ransomware by itself.

We are working on a file system driver for CryptoBuster that will not only allow CryptoBuster to monitor and respond to malicious activities, but it would allow the app to intercept and prevent honeypot modifications and other IO activities at the Kernel level.

Reply   |   Comment by Smart PC Utilities  –  6 months ago  –  Did you find this comment useful? yes | no (+17)

Smart PC Utilities, Ok, fair enough, seems like you know what you do. I will try and test myself. BTW kernel mode is not always needed to hide malicious IO activity, better malware can effectively hide its presence or activity on filesystem even from user mode, its all about details and how extensive hooking is. Its always cat and mouse game. Probably most of retail users will not catch very advanced malware types, only those simpler spreading in the wild, so IO monitoring may be sufficient.

Reply   |   Comment by dex  –  6 months ago  –  Did you find this comment useful? yes | no (+2)

Smart PC Utilities, does this provide MORE preventative control than Windows 10 or above ransomware protected folder restrictions, or should this be used to create honeypots in other areas not protected by the built in ransomware protection?
TK

Reply   |   Comment by TK  –  6 months ago  –  Did you find this comment useful? yes | no (+3)

dex, I believe this program allows you to place files in chosen folder locations and then registers a call-back that calls back to the program if any process, known or unknown, changes the "honeypot" files contents. simple idea but warns about the horse escaping the stable AFTER the horse has already bolted.

I wonder if it's possible to erase the call-back list using some ring0 driver... rendering the idea moot.
Or a ransomware program hides the files being encrypted from the operating systems view using a rootkit driver so registered call-backs wont see the changes being made...
TK

Reply   |   Comment by TK  –  6 months ago  –  Did you find this comment useful? yes | no (+6)

TK, yes, exactly, that is what really advanced malware does - utilizing ring 0 driver to hide all signs of presence of ring 3 process hooking (call-backs chain) all sorts of windows provided APIs to work with files etc - so nobody monitoring such APIs will see anything. From Windows API point of view file was never touched, despite internally being already touched and encrypted, but hidden ring 3 process serves it further to callbacks chain as 'original' untouched and decrypted.
To detect such behaviour is very difficult, one needs some antirootkit and deeper knowledge of api tables etc. But hopefully this kind of malware is not so common, pure ring 3 attacks originated by some exploits in web pages are simpler, and touching some honey pot files can be monitored.
Catching already escaped culprit is another story, but knowing fast that house is on fire may be valuable too, at least there is time to ask for professional help before ransom is demanded...

Reply   |   Comment by dex  –  6 months ago  –  Did you find this comment useful? yes | no (+1)

TK, CryptoBuster relies on Event Tracing for Windows (ETW), a Windows built-in kernel-level tracing feature that logs kernel events and by using CryptoBuster algorithms it will be filter those events to determine which events are considered malicious (e.g.: honeypot file modifications, creation of files with extensions known to be used by ransomware, creation of potentially dangerous files like batches and scripts) after that it reports this to the user and performs a series of actions configured for this type of event by the user.

If an IO event is happening in the Kernel, CryptoBuster will see it.

That is why we are working on a file system filter driver to prevent and halt ransomware modifications at the kernel level before reaching any of the user's real files.

Yes, the example applies to the current Beta version but CryptoBuster will help you retrieve the horse before it's too late.

CryptoBuster adds additional protection besides the default Windows security ransomware protection; use the honeypots wizard to select locations other than locations monitored by Windows security, CryptoBuster will create honeypots with custom names, types, and sizes tailored for each location aimed to attract ransomware before reaching any real files.

Reply   |   Comment by Smart PC Utilities  –  6 months ago  –  Did you find this comment useful? yes | no (+1)

Smart PC Utilities, thanks for more detailed explanation. Interesting approach, events are often omitted in covering part of malware, so definitely worth a try.

Reply   |   Comment by dex  –  6 months ago  –  Did you find this comment useful? yes | no (+1)

Smart PC Utilities, with ETW are you creating additional event log files so file writes are being logged when they are not usually logged by ETW and then filtering the event logging for your honeypot items? I wonder because that would be quite an increase in writes to the system drive which is frequently a TLC or even worse a QLC SSD with limited erase/write cycles per FLASH memory cell...

Ransomware that access the drive directly and implements it's own file system driver so it can parse and manipulate the live filesystem without ETW being aware.

I presume you are aware that windows 10 ransomware protection can be told to protect other folders access too.

Personally I find the name you have chosen to be confusing as to my knowledge your product has no facility to determine the cryptographic systems in use and bust the effectiveness of that encryption by determining the key used and what's needed to decrypt the data. So it's does not bust the cryptographic system open or anything to do with cryptography at all.

Reply   |   Comment by TK  –  6 months ago  –  Did you find this comment useful? yes | no (+1)

TK, CryptoBuster does not need to write ETW events to a log file for filtering purposes as it consumes those events in real-time. Causing excessive writes would defeat the idea of CryptoBuster to be a lightweight security add-on.

From Microsoft Docs:
"You can consume the events in real-time or from a log file and use them to debug an application or to determine where performance issues are occurring in the application."

Ransomware accessing the drive directly to manipulate data would be challenging to detect and prevent even for sophisticated security solutions, however, I didn't see any ransomware utilizing its own file system drivers to manipulate files.

Regarding the Windows security Controlled Folder Access, it's a great feature to prevent ransomware and other malicious apps from modifying your files. We have an idea that is similar to the windows ransomware protection with additional features to address some of the Controlled Folder Access shortcomings:

1. Prevent un-trusted apps from both reading and writing to the files; this would help prevent data exfiltration, which is a common practice in ransomware that uses double and triple extortion.

2. Automatically allows apps with specific criteria from manipulating the protected folders without the need to add them manually to the trusted apps list (for example apps with valid digital signatures)

3. Improve user experience, by adding options to allow users to trust app and/or allow access to the file within the notification window itself; in Windows Security will you need to exclude apps manually using the Controlled Folder Access settings UI.

We used the word Crypto to refer to ransomware that uses cryptography to encrypt and damage user files, not the cryptographic systems themselves, and the word Buster to describe the purpose of our software which is to detect and stop ransomware activities to prevent damage or at least minimize it.

Reply   |   Comment by Smart PC Utilities  –  5 months ago  –  Did you find this comment useful? yes | no (0)
#3

See https://www.softpedia.com/get/Security/Security-Related/CryptoBuster.shtml for a positive review

It creates honeypot files to attract the bad guys. It places these files in folders the bad guys like to visit and checks if they are attacked.

That makes me wonder: if we know where the bad guys look for their targets, it is best to place your really valuable files elsewhere. And give them extensions the bad guys are not interested in.

Reply   |   Comment by krypteller  –  6 months ago  –  Did you find this comment useful? yes | no (+16)

krypteller, CryptoBuster takes advantage of hundreds of ransomware samples analysis to determine which system locations and file types the ransomware targets for encryption. CryptoBuster uses the information to create and deploy honeypots in specific system locations with file names, extensions, and sizes designed to allow ransomware to target those files before they can encounter any of the user real files.

You have full control over the honeypots creation process as you can either create honeypots manually customizing their names and locations or you can use the Honeypots wizard to create and deploy hundreds of honeypots in strategic system locations in one click.

Reply   |   Comment by Smart PC Utilities  –  6 months ago  –  Did you find this comment useful? yes | no (+6)

Smart PC Utilities, is it safer to name important files in my mother tongue instead of in English?
1) Or does the language used in the naming of the files does not make any difference for ransomware?

2) second question: I use Pro Lasso Pro to prevent installed software I do not want to use to run. EG edge, onedrive and skype.
Which normally running dll's or exe's could I switch off in that way to make my computer safer?

Reply   |   Comment by krypteller  –  6 months ago  –  Did you find this comment useful? yes | no (0)

"... if we know where the bad guys look for their targets, it is best to place your really valuable files elsewhere. And give them extensions the bad guys are not interested in."

One thing that I think is always recommended by experts is having off-line backups -- off-line so malware can't find it. Another is preventing the spread of malware, both by limiting it's access & with monitoring to catch it as early as possible -- CryptoBuster helps with the 2nd.

A sobering thought... since ransomware is now sold as a service, you could buy in on the dark web this afternoon, & be in biz in a day or two, making an average of about $20k/month.

Reply   |   Comment by mike  –  6 months ago  –  Did you find this comment useful? yes | no (+3)

krypteller, also means it does NOT stop ransomware attacks just reports an attack is in progress and has reached the honeypot files... any earlier files are now toast and if it cannot stop the ransomware activity you'll soon be getting the ransomware pay me now screen!

Reply   |   Comment by TK  –  6 months ago  –  Did you find this comment useful? yes | no (+5)

mike, I would also suggest NOT discussing ransomware mitigation ideas in any public forum or comments section! Such ideas made public can be learned and worked around and countered by ransomware developers. Best way to avoid Ransomware is never open executable email attachments, never open unsolicited email attachments, even non-executables! Non-executables can contain crafted errors that cause malicious code execution that could enable remote malicious user access to your private LAN. Always make sure that if you ever use a VPN or free WiFi or simple 4G modem or simple *DSL? USB modem (does anyone still?) that the network is defined in windows as a public network and NOT a private work or home network which leaves key private features accessible. Yes using a VPN on a computer behind a LAN can expose the VPN virtual network interface to the public internet or at least the rest of the VPN users that use that particular endpoint and so the VPN network MUST be defined as a public network.
True offline backups not just remote network shares on some NAS is the only way to protect data from the most basic ransomware that enumerates filesystems everywhere it can find including NAS storage.
TK

Reply   |   Comment by TK  –  6 months ago  –  Did you find this comment useful? yes | no (+1)

krypteller, Ransomware will enumerate all files regardless of the language; most of them are using APIs that list files in alphabetic order that is why CryptoBuster uses honeypot names starting with underscore (_) and dot (.) so that ransomware can encounter them before the real user files.

Regarding language, most ransomware won't affect systems using Russian and Belarusian as input languages.

Reply   |   Comment by Smart PC Utilities  –  6 months ago  –  Did you find this comment useful? yes | no (+1)

TK, CryptoBuster is intended to work with your primary security solution whom responsible for preventing and removing the malware in the first place to form the last defense line against ransomware; that is why we designed the app to be compatible with other security solutions and to have a small system footprint.

In some cases ransomware by bypass your security solution due to new/sophisticated stain or using a newly discovered vulnerability in the system, that where CryptoBuster will kick in to protect your important data from damage or at least minimize that damage.

It can halt ransomware encryption attack but not early enough to prevent any files damage, that why we are working on a file system driver for CryptoBuster that will not only allow CryptoBuster to monitor and respond to malicious activities, but it would allow the app to intercept and prevent honeypot modifications and other IO activities at the Kernel level minimizing files damage to nearly zero.

Reply   |   Comment by Smart PC Utilities  –  6 months ago  –  Did you find this comment useful? yes | no (+3)
#2

The Windows Installer Service could not be accessed. This can occur if you are running Windows in safe mode, or if the Windows Installer is not correctly installed. Contact your support personnel for assistance.

Reply   |   Comment by Alireza  –  6 months ago  –  Did you find this comment useful? yes | no (+5)

Alireza, Check the Windows installer service by using the following command in CMD (Administrative privileges required)

sc qc msiserver

Make sure the START_TYPE is set to 3 (DEMAND_START)

After that, start the Windows installer service with the following command:

sc start msiserver

Reply   |   Comment by Smart PC Utilities  –  6 months ago  –  Did you find this comment useful? yes | no (+6)

Alireza, When I tried to install it in SandboxIE Plus, I had the same experience.
The honeypot method they use, makes it possible to detect if your PC is under attack. But the giveaway will not remove the malware. Because do do not mention that in their description.

You can compare the giveaway to a speedometer: it will show you how fast you drive, but will not prevent you driving too fast.

Reply   |   Comment by krypteller  –  6 months ago  –  Did you find this comment useful? yes | no (+5)

krypteller, As CryptoBuster is intended to work with your primary security solution to form the last line of defense against ransomware. Your security solution is responsible for preventing and removing the malware in the first place, but in case of a new/ sophisticated ransomware strain that bypassed your security app, CryptoBuster will kick in to protect your data from damage or at least minimize the damage.

Regarding comparing CryptoBuster with a speedometer, it will show you how fast you drive, and at some point, it will slow you down or even force the car to stop to protect you from harm.

Reply   |   Comment by Smart PC Utilities  –  6 months ago  –  Did you find this comment useful? yes | no (+2)
#1

System Requirements:

Windows 11/ 10 (32-Bit and 64-bit)

This means I cannot test it on a virtual W7 64 Pro, my first choice.

Reply   |   Comment by krypteller  –  6 months ago  –  Did you find this comment useful? yes | no (+13)

krypteller,

CryptoBuster system requirements:

Microsoft Windows 11 v10.0.22000 and later.
Microsoft Windows 10 2004 and later (32-Bit and 64-bit).
Microsoft .NET Framework 4.8

Reply   |   Comment by Smart PC Utilities  –  6 months ago  –  Did you find this comment useful? yes | no (0)
Add a comment

iPhone app giveaways »

Christmas Trivia TV Giveaway
Turn your device into a holiday trivia game.
$0.99 ➞ free today
World Tides 2022 Giveaway
Delivers one year's worth of tide predictions for 8061 locations across every coastal country on the planet!
$3.99 ➞ free today
culur: Custom Color by Number Giveaway
Turn any photo into a printable Color by Number quickly and easily!
$2.99 ➞ free today
WiFox Giveaway
WiFox is a continually updated map of airport and lounge wifi passwords from around the world.
$2.99 ➞ free today
FaucetSafe Giveaway
A guide to safe sources of drinking water.
$2.99 ➞ free today

Android app giveaways »

FASTAR VIP - Shooting Star Rhythm Game Giveaway
Calming, fascinating word of fairy fantasy!
$0.99 ➞ free today
Final Weapon - Idle RPG Giveaway
Grow Weapon is an idle game where you adventure by collecting various weapons and powerful heroes.
$0.99 ➞ free today
Peppa Pig: Golden Boots Giveaway
Join Peppa Pig and friends on their new adventure!
$2.99 ➞ free today
Currency Converter Easily+ Giveaway
Convert currencies with all common ones.
$1.39 ➞ free today
My English Grammar Test: Articles - PRO Giveaway
Test and train English grammar and usage of English articles in an entertaining and challenging way!
$1.99 ➞ free today