Softpedia >Windows >Security >Security Related >  ShadowGuard
ShadowGuard icon

ShadowGuard

5.0/5 1
Certified 100% FREE Donationware   

A simple software utility that can block unauthorized attempts to erase File Shadow Copies of files on your computer, which is usually done by ransomware #Preserve shadow copy  #Block ransomware  #Protect shadow copy  #Shadow copy  #Block  #Preserve  

Softpedia Review

Free Download

Review by:
4.0/5
ShadowGuard screenshot

The Shadow Copy technology is used in Windows to create backup copies or snapshots of files on your computer, even while you are using them, so as to allow the quick recovery of data in case of need. As expected, one of the actions ransomware and other malware, for that matter, takes is attempting to delete the existing shadow copies of files. The reason behind this endeavor is simple: once your files are encrypted by the ransomware, it is much more difficult, if not impossible, to recover them in the absence of a shadow copy.

Having that in mind, ShadowGuard provides a way for you to make sure that shadow copies of file are not deleted without your consent. If active, this tiny application can take action when an application tries to erase shadow copies and stop it completely.

But how does it actually work? ShadowGuard attaches itself as a debugger to specific Windows processes, namely powershell.exe, WMIC.exe or VSSAdmin.ese. Its purpose is to detect commands meant to tamper with shadow copies in due time and blocking the application or process that initiated this action.

To put it another way, ShadowGuard prevents the deletion command from executing and thus, preserve the targeted shadow copies. Then, it sends a termination signal to the application that started the deletion command in the first place, meaning it blocks the actions of what could be ransomware.

Attaching ShadowGuard to the Powershell process can affect other applications that make use of Powershell commands. Please remember to disable it in case you experience problems with an application.

The same goes for the VSSAdmin.exe process, as ShadowGuard might tamper with the well-functioning of backup applications. To avoid such situations, you can create a whitelist containing applications that are allowed to modify or delete shadow copies and are not to be terminated.

ShadowGuard is a simple application, extremely easy to use and manage. However, it does alter the normal functioning of some Windows processes, which might affect third-party applications. You shouldn’t forget to disable it if it happens that an application does not work properly, especially if we are talking about applications that manage volume shadow copies.

ShadowGuard 1.0.1

 add to watchlist add to download basket send us an update REPORT
  runs on:
Windows 10 32/64 bit
Windows 8 32/64 bit
Windows 7 32/64 bit
Windows Vista 32/64 bit
Windows XP 32/64 bit
  file size:
793 KB
  filename:
ShadowGuard_Setup.exe
  1 screenshot:
ShadowGuard - ShadowGuard can block actions takes via Powershell, WMIC.exe or VSSAdmin.exe.
  main category:
Security
  developer:
  visit homepage

Bitdefender Antivirus Free

Feather-light and free antivirus solution from renowned developer that keeps the PC protected at all times from malware without requiring user configuration
Bitdefender Antivirus Free

Zoom Client

The official desktop client for Zoom, the popular video conferencing and collaboration tool used by millions of people worldwide
Zoom Client

7-Zip

An intuitive application with a very good compression ratio that can help you not only create and extract archives, but also test them for errors
7-Zip

ShareX

Capture your screen, create GIFs, and record videos through this versatile solution that includes various other amenities: an OCR scanner, image uploader, URL shortener, and much more
ShareX

4k Video Downloader

Export your favorite YouTube videos and playlists with this intuitive, lightweight program, built to facilitate downloading clips from the popular website
4k Video Downloader

Windows Sandbox Launcher

Set up the Windows Sandbox parameters to your specific requirements, with this dedicated launcher that features advanced parametrization
Windows Sandbox Launcher

Microsoft Teams

Effortlessly chat, collaborate on projects, and transfer files within a business-like environment by employing this Microsoft-vetted application
Microsoft Teams

IrfanView

With support for a long list of plugins, this minimalistic utility helps you view images, as well as edit and convert them using a built-in batch mode
IrfanView

calibre

Effortlessly keep your e-book library thoroughly organized with the help of the numerous features offered by this efficient and capable manager
calibre

Context Menu Manager

Customize Windows’ original right-click context menu using this free, portable and open-source utility meant to enhance your workflow
Context Menu Manager

% discount
IrfanView
  • IrfanView
  • calibre
  • Context Menu Manager
  • Bitdefender Antivirus Free
  • Zoom Client
  • 7-Zip
  • ShareX
  • 4k Video Downloader
  • Windows Sandbox Launcher
  • Microsoft Teams
TRY
essentials
Click to load comments
This enables Disqus, Inc. to process some of your data. Disqus privacy policy