NoBot is a portable malware scanner for Windows - gHacks Tech News

NoBot is a portable malware scanner for Windows

NoBot is a portable spyware and malware scanner for the Windows operating system that focuses on detecting bots, spyware, and other types of malware.

I like portable security applications as I run them regularly on Windows machines as second opinion scanners. Fact is, no antivirus solution is perfect, and some may even introduce issues of their own on user systems.

A second opinion scanner may find threats that the resident security solution did not detect. It may, on the other hand, introduce issues of its own.

You may find the following reviews useful as well:

NoBot

nobot

NoBot is a portable software program that you can run from any location. The security program is offered as a free and a premium version. The free version is somewhat limited in regards to scan options and some other functions.

It supports the following features that the free version does not support:

  • Full scan and custom scan are not supported.
  • Scan for module injection.
  • Scan System Startup tasks.
  • Scan Windows Directories.
  • Check Windows Security settings.

The interface is identical in both versions. The interface is tab-driven, and it is here that you select the various available options.

Scan is probably the most important one as it allows you run scans for threats on the system. The program supports three different scan types:

  • Threat Scan to search common directories like the User folder for viruses, malware, and spyware.
  • Custom Scan to scan user-selected locations.
  • Full Scan to run a scan of all directories and files of the system.

Free users can run threat scans only; the two other scan options are reserved for premium customers. This limits the usefulness of the free version somewhat, but it is still okay if you use the program as a second opinion scanner.

The program does not reveal the folders that are included in the threat scan. It does scan the Registry, the User folder, and the program files folder at the very least (since it displayed hits in the scan results). NoBot scans (some?) files on VirusTotal which may explain why scans take longer than regular antivirus quick scans.

The threat scan takes a couple of minutes to complete which is not overly impressive considering that NoBot scans a low number of Registry keys and files only. The scan took 5:16 minutes on a fast SSD-powered system and scanned a total of 170 files and 67 Registry keys.

The program lists hits as they happen in the interface. You may need to change the size of the program window to display full Registry or file paths without scrolling on the screen.

NoBot does not act on its own after the scan which is good. It is up to you to go through the list of potential threats one by one for verification.

Buttons to clean the selected items or to run another scan are provided. A right-click reveals additional options as you can use the context menu that opens to add items to the list of exceptions and to open the file location on the local system. The latter works only for files and not Registry keys despite the fact that it is displayed for Registry key right-clicks as well. It would be nice if the developers would add an option to jump directly to the Registry key as well.

The type column provides the only indication why a file or Registry key is listed as a threat by NoBot. These reveal little to the user, however.

You can make some modifications on the Settings tab. Two of those handle the submission to VirusTotal. You can disable the submission entirely or disable the automatic submission only. Other options let you disable the scanning of the Registry, and the detecting of suspicious file paths.

The two remaining tabs, Quarantine and Exceptions, give you options to manage the quarantine and list of ignored files or keys.

Closing Words

NoBot needs a bit of work. The developers need to add information to the company website that explains the program's functionality in detail. It would also be useful if they'd mark the premium-only scan options as such and provide more explanation about discovered threats.

The developers note that their program uses heuristics to detect threats. While that may improve the chance of detecting unknown threats, it usually does increase the number of false positives as well.

Now You: Do you use second-opinion scanners?

Summary
software image
Author Rating
1star1star1stargraygray
4 based on 7 votes
Software Name
NoBot
Operating System
Windows
Software Category
Security
Landing Page
Advertisement

We need your help

Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.

If you like our content, and would like to help, please consider making a contribution:


Previous Post: «
Next Post: »

Comments

  1. Janice said on January 5, 2018 at 12:15 pm
    Reply

    F-Secure blocks http://nobotsecurity.com as Harmful Website…

  2. Anonymous said on January 5, 2018 at 1:13 pm
    Reply

    Bitdefender blocks hhtp://nobotsecurity.com as Harmful Website

  3. XenoSilvano said on January 5, 2018 at 3:17 pm
    Reply

    I use the portable offerings of IObit whenever I am away from the main computer that I use

  4. TelV said on January 5, 2018 at 3:33 pm
    Reply

    Malwarebytes didn’t flag Nobot as a harmful site, but I’m surprised they don’t have an SSL-enabled site. Also, I couldn’t find any links on the home page to indicate who they are so I’ll give that one a miss I think.

    I’ve used Microsoft’s portable scanner from time to time, but that’s about all.

  5. Sergey said on January 5, 2018 at 4:49 pm
    Reply

    Is it possible that meminfo really has a trojan miner in its exe?
    https://i.imgur.com/lc5K9d4.png
    Does anybody have any info on this?

    1. Martin Brinkmann said on January 5, 2018 at 5:06 pm
      Reply

      I doubt it. Did you check it on Virustotal as well?

      1. Sergey said on January 5, 2018 at 5:22 pm
        Reply

        According to Virustotal meminfo.exe is clean.
        But I’m still curious why NoBot marks it as a trojan miner.

      2. pHROZEN gHOST said on January 5, 2018 at 8:06 pm
        Reply

        It also flags my clock.exe … a program which I wrote :-o

      3. Sergey said on January 5, 2018 at 10:06 pm
        Reply

        Does it flag your clock.exe as a trojan miner or as something else?

      4. Robert said on January 5, 2018 at 11:48 pm
        Reply

        False positive. That is why I haven’t used Virus scanners in years other than Microsoft’s built in one. Most of them will block you from using software like “Nirlauncher” and “GPG4Win”. “NoBot” is likely another false positive.

  6. mxb said on January 6, 2018 at 2:41 am
    Reply

    Their website seems to be blocked on my AV.

    “Bitdefender has blocked this page
    This website was blocked to prevent a malware from reaching your device. Malware can cause your device to slow down or it can steal your private information.”

    Bitdefender is usually not one to flag competitive sites, so I’m definitely staying away until this has been resolved.

  7. sneezing__panda said on January 6, 2018 at 2:41 am
    Reply

    NoBot first started out on HF as an easy way to remove common RAT’s and Keyloggers. It just now started getting some more updates. If something is marked wrong it’s likely a false positive.

    1. sneezing__panda said on January 6, 2018 at 2:51 am
      Reply
  8. A. said on January 11, 2018 at 7:57 pm
    Reply
    1. Martin Brinkmann said on January 11, 2018 at 8:00 pm
      Reply
  9. FALSE POSITIVE said on January 13, 2018 at 8:30 pm
    Reply

    FALSE POSITIVES is a political wing that undermines the enemy with Ad-Hoc misleading accusations.

    By FALSELY POSITIVELY tagging someone’s code, AV enterprises do a double hurt to the IT Community:

    a) They use their authority to warn the customers about non-existent threats.

    b) They do a favour to malware creators, enabling the FALSE POSITIVE Charade.

  10. FALSE POSITIVE said on January 13, 2018 at 8:32 pm
    Reply

    @ A. the FP have been lowered to 3.

  11. Carl said on January 14, 2018 at 10:13 pm
    Reply

    Ran a threat scan. Didn’t find anything. Nice program and I like that I can just throw it on my USB and use it on the go. Thanks for the share

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

Please note that your comment may not appear immediately after you post it.