NoBot is a portable malware scanner for Windows

NoBot is a portable spyware and malware scanner for the Windows operating system that focuses on detecting bots, spyware, and other types of malware.

I like portable security applications as I run them regularly on Windows machines as second opinion scanners. Fact is, no antivirus solution is perfect, and some may even introduce issues of their own on user systems.

A second opinion scanner may find threats that the resident security solution did not detect. It may, on the other hand, introduce issues of its own.

You may find the following reviews useful as well:

• ESET Online Scanner review
• Run Trend Micro’s Anti-Threat Toolkit as a second opinion scanner

NoBot

NoBot is a portable software program that you can run from any location. The security program is offered as a free and a premium version. The free version is somewhat limited in regards to scan options and some other functions.

It supports the following features that the free version does not support:

• Full scan and custom scan are not supported.
• Scan for module injection.
• Scan System Startup tasks.
• Scan Windows Directories.
• Check Windows Security settings.

The interface is identical in both versions. The interface is tab-driven, and it is here that you select the various available options.

Scan is probably the most important one as it allows you run scans for threats on the system. The program supports three different scan types:

• Threat Scan to search common directories like the User folder for viruses, malware, and spyware.
• Custom Scan to scan user-selected locations.
• Full Scan to run a scan of all directories and files of the system.

Free users can run threat scans only; the two other scan options are reserved for premium customers. This limits the usefulness of the free version somewhat, but it is still okay if you use the program as a second opinion scanner.

The program does not reveal the folders that are included in the threat scan. It does scan the Registry, the User folder, and the program files folder at the very least (since it displayed hits in the scan results). NoBot scans (some?) files on VirusTotal which may explain why scans take longer than regular antivirus quick scans.

The threat scan takes a couple of minutes to complete which is not overly impressive considering that NoBot scans a low number of Registry keys and files only. The scan took 5:16 minutes on a fast SSD-powered system and scanned a total of 170 files and 67 Registry keys.

The program lists hits as they happen in the interface. You may need to change the size of the program window to display full Registry or file paths without scrolling on the screen.

NoBot does not act on its own after the scan which is good. It is up to you to go through the list of potential threats one by one for verification.

Buttons to clean the selected items or to run another scan are provided. A right-click reveals additional options as you can use the context menu that opens to add items to the list of exceptions and to open the file location on the local system. The latter works only for files and not Registry keys despite the fact that it is displayed for Registry key right-clicks as well. It would be nice if the developers would add an option to jump directly to the Registry key as well.

The type column provides the only indication why a file or Registry key is listed as a threat by NoBot. These reveal little to the user, however.

You can make some modifications on the Settings tab. Two of those handle the submission to VirusTotal. You can disable the submission entirely or disable the automatic submission only. Other options let you disable the scanning of the Registry, and the detecting of suspicious file paths.

The two remaining tabs, Quarantine and Exceptions, give you options to manage the quarantine and list of ignored files or keys.

Closing Words

NoBot needs a bit of work. The developers need to add information to the company website that explains the program’s functionality in detail. It would also be useful if they’d mark the premium-only scan options as such and provide more explanation about discovered threats.

The developers note that their program uses heuristics to detect threats. While that may improve the chance of detecting unknown threats, it usually does increase the number of false positives as well.

Now You: Do you use second-opinion scanners?