Smart Object Blocker is a Windows utility that provides a valid approach to preventing malware and rootkit infections without requiring virus signatures or updates: you create your own rules to block or allow objects. It monitors in kernel mode all processes, DLLs and drivers loaded in the system, for the best bulletproof protection. You can write rules to allow (or block) processes, DLLs and drivers using wildcards and regular expressions, and the rules are updated in real time (no need to restart the application).
For Windows XP, Vista, 7, 8, 10 (32/64-bit)
With Lockdown Mode you create a granular whitelist of applications, DLLs and drivers that are allowed to run on the system; everything else is automatically blocked, period. This approach is very powerful because the program can block 0-day threats without having to rely on signatures or updates.
With Behavioral Mode you can specify custom rules to block processes, DLLs and drivers. For example, you can block the web browser (Firefox, Chrome, Opera) from executing unsigned processes or unsigned DLLs, thus preventing exploit kits from executing their payload. You can also exclude specific objects from being blocked.
We have developed a smart way to create rules: you can use wildcards, regular expressions (PCRE), field aliases and custom environment variables, group multiple conditions, and much more. The "grouping" of a conditional evaluation based on any supported vars/aliases, with full support for both wildcards and full regex, has literally unlimited potential.
Thanks to custom environment variables and field aliases, the rules that you create for yourself can also be shared with and used by other users. This makes the program very powerful because you can also use rules from other users; joining forces with other skilled users is always a good way to create the perfect whitelist or blacklist.
Your custom rules can check every field of a to-be-loaded process, DLL or kernel-mode driver, including the process name, parent process, PID, file MD5 hash, file publisher, file description, file size, name of the vendor / company that signed the file, the entire command-line string, and much more.
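The two modes described above can be modelled as a small rule evaluator. This is an added illustration in Python, not Smart Object Blocker's rule syntax or code: the field names (`path`, `parent`, `signer`), the rule layout, the sample events and the convention that an empty `signer` means "unsigned" are all assumptions, and Python's `re` stands in for PCRE.

```python
import re
from fnmatch import fnmatchcase

def cond(field, pattern, regex=False):
    """One condition on a load-event field: wildcard (default) or regex, case-insensitive."""
    if regex:
        rx = re.compile(pattern, re.IGNORECASE)
        return lambda ev: rx.search(str(ev.get(field, ""))) is not None
    return lambda ev: fnmatchcase(str(ev.get(field, "")).lower(), pattern.lower())

def matches(rule, ev):
    """A rule is a group of conditions; every condition must hold."""
    return all(c(ev) for c in rule)

def lockdown(ev, allow_rules):
    """Lockdown Mode: default deny, only objects matching an allow rule may load."""
    return "allow" if any(matches(r, ev) for r in allow_rules) else "block"

def behavioral(ev, block_rules, exclusions=()):
    """Behavioral Mode: default allow, block on a rule match unless an exclusion matches."""
    if any(matches(r, ev) for r in exclusions):
        return "allow"
    return "block" if any(matches(r, ev) for r in block_rules) else "allow"

# Constructed rule sets (hypothetical names and paths).
ALLOW = [
    [cond("path", r"C:\Windows\System32\*"), cond("signer", "Microsoft*")],
    [cond("path", r"C:\Program Files\Mozilla Firefox\*"),
     cond("signer", "Mozilla Corporation")],
]
# Block anything unsigned (empty signer) whose parent is a web browser.
BLOCK = [[cond("parent", r"(firefox|chrome|opera)\.exe$", regex=True),
          cond("signer", "")]]
EXCLUDE = [[cond("path", r"C:\Program Files\Mozilla Firefox\*")]]

# Constructed load events.
FIREFOX = r"C:\Program Files\Mozilla Firefox\firefox.exe"
DROPPED = {"path": r"C:\Users\a\AppData\Local\Temp\upd.exe",
           "parent": FIREFOX, "signer": ""}
NOTEPAD = {"path": r"C:\Windows\System32\notepad.exe",
           "parent": r"C:\Windows\explorer.exe", "signer": "Microsoft Windows"}
HELPER = {"path": r"C:\Program Files\Mozilla Firefox\helper.dll",
          "parent": FIREFOX, "signer": ""}

if __name__ == "__main__":
    for name, ev in (("dropped", DROPPED), ("notepad", NOTEPAD), ("helper", HELPER)):
        print(name, lockdown(ev, ALLOW), behavioral(ev, BLOCK, EXCLUDE))
```

The unsigned `helper.dll` shows where the modes differ: Lockdown Mode blocks it because no allow rule matches an unsigned file, while Behavioral Mode lets it load because of the path exclusion.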
Our program does not install any user-mode or kernel-mode API hook on your system. It uses all documented (and undocumented) kernel-mode callbacks to monitor for executions of processes, modules and drivers. We have created this program to support all Microsoft Windows OSs, 32/64-bit, with a focus on stability.
| Property | Value |
|---|---|
| Last Updated | May 21, 2017 |
| Operating System | Windows XP, Vista, 7, 8, 10 (32/64-bit) |
| Category | Malware Protection Tools |
| File Size | 1.6 MB |