NoVirusThanks Smart Object Blocker

Discussion in 'NoVirusThanks' started by Cch123, Aug 3, 2015.

  1. Cch123

    Cch123 Level 7

    May 6, 2014
    #1 Cch123, Aug 3, 2015
    Last edited: Aug 3, 2015
    NoVirusThanks has just released a new tool. Here's my short summary of its capabilities. It has 2 modes, namely "lockdown" and "behavioral"

    1. Lockdown
    Lockdown mode is similar to Exe Radar Pro's lockdown mode, but on steroids. Basically, while Exe radar pro is simply an anti-executable, this software is capable of bringing the application whitelisting concept to drivers and dlls for a far more complete protection. (ERP is only able to control executables and not dlls and drivers.)

    2. Behavioral Mode
    Well basically, this mode allows you to write your own behavioral AV to the level of protection you want. Examples of such a rule is given by NVT: "You can block, for example, the web browser (Firefox, Chrome, Opera) from executing unsigned processes or unsigned dlls, thus preventing exploit kits from executing the payload." Another example is blocking double extensions.

    Overall, I think that this is an extremely exciting software, but there are still bugs here and there since its still so new. But definitely something to monitor

    Original Post from NVT on wilders:
    Av Gurus, porkpiehat, Umbra and 2 others like this.
  2. Umbra

    Umbra From Emsisoft

    May 16, 2011
    Community manager
    Vietnam & France
    Windows 10
    will wait a GUI version lol
  3. Raul90

    Raul90 New Member

    Feb 5, 2012
    Yeah. There's not much we can see in the gui and the rules creation need some getting used to. But it's a great software complement. If I could iron out the kinks in my trial I will keep it :)
Similar Threads Forum Date
[Quick Review] NoVirusThanks Smart Object Blocker (v1.1 Beta ) NoVirusThanks Aug 24, 2015
Video Review OSArmor by NoVirusThanks- An Overview Video Reviews Friday at 6:37 PM
Hello from NoVirusThanks New Member Introductions Dec 17, 2017