This experimental project allows you to scan in real-time new processes, DLLs and kernel-mode drivers with your custom YARA signatures. If a process, dll or driver matches one YARA rule, it is blocked from loading in the system, preventing a potential malware infection. This tool is not recommended for beginner users.
For Windows XP, Vista, 7, 8, 10 (32\64-bit)
Scan processes, DLLs and drivers in real-time before they are executed.
Use your own YARA rules to block processes, DLLs and drivers.
When something is blocked the program shows many useful details.
The software application uses only a few MBs of memory, you will not even notice it.
The program is free from spyware, adware or other pests, nothing extra is installed.
This software is completely free to use for anyone, at home and at work.
Here there are some screenshots of the application.
| Version | 1.3 |
|---|---|
| Last Updated | November 7, 2018 |
| Operating System | For Windows XP, Vista, 7, 8, 10 (32\64-bit) |
| Category | Experimental Tools |
| License Type | Freeware |
| File Size | 11.6 MB |