nProtect MBR Guard

Discussion in 'other anti-malware software' started by safeguy, Dec 23, 2011.

Thread Status:
Not open for further replies.
  1. safeguy

    safeguy Registered Member

    Well, I kind of came across this link (and tool) and it has not been mentioned elsewhere it seems.

    Get out nProtect MBR Guard for free:
    http://en-erteam.nprotect.com/2011/03/get-our-nprotect-mbr-guard-for-free.html

    Direct download link: -http://avs.nprotect.net/FreeAV/NPMBRGuardSetup.exe-
    VirusTotal report (Result 0/43) ~ VirusTotal Results Removed per Policy ~

    Their English blog: http://en-erteam.nprotect.com/
    WOT scorecard (Green): http://www.mywot.com/en/scorecard/nprotect.com
    More information on INCA Internet (nProtect) here: http://en.wikipedia.org/wiki/INCA_Internet

    P.S. I've not tried this program and I don't know whether this supports x64 (64-bit). Seems like an alternative to MBRGuard developed by BlueRidge but which is no longer offered as a stand-alone program and is incorporated into AppGuard instead.
     
    Last edited by a moderator: Dec 23, 2011
    safeguy, Dec 23, 2011
    #1
  2. kupo

    kupo Registered Member

    Wondering if it supports 64 bit system.. But I'm hesitant to try it.
     
    kupo, Dec 23, 2011
    #2
  3. sg09

    sg09 Registered Member

    Good info Safeguy..:) It might be a worthy software..:)
    It seems to have a flash screen and tray icon compared to completely silent BlueRidge MBR Guard.
     
    sg09, Dec 23, 2011
    #3
  4. yhjeon

    yhjeon Registered Member

    yhjeon, Dec 28, 2011
    #4
  5. sg09

    sg09 Registered Member

    Good to know that it supports 64 bit..:)
     
    sg09, Dec 28, 2011
    #5
  6. Victek

    Victek Registered Member

    Can nProtect MBR Guard block the TDSS rootkit which I believe infects the MBR on Windows 64 bit? Are there any known conflicts with other security applications, such as Norton Internet Security?
     
    Victek, Dec 28, 2011
    #6
  7. andyman35

    andyman35 Registered Member

    Also are there any conflicts with Disk snapshot utilities such as CTM?
     
    andyman35, Dec 28, 2011
    #7
  8. yhjeon

    yhjeon Registered Member

    Hi guys~
    I asked about those questions and.
    Our testing team members are going to test for those.
    I'm gonna let you know after the testing.
     
    yhjeon, Dec 29, 2011
    #8
  9. sg09

    sg09 Registered Member

    sg09, Dec 29, 2011
    #9
  10. yhjeon

    yhjeon Registered Member

    1. Can nProtect MBR Guard block the TDSS rootkit which I believe infects the MBR on Windows 64 bit?

    When MBR Guard is installed first then we try to attack with TDSS rootkit, it protected MBR sector. (in XPSP3_x86 environment)
    But the test system was freezed due to bunch of operations of malicious code.
    They thought that the freezing wasn't MBR Guard's problem but due to continous trying of malcode.
    And in Win7 x64 environment, since executing malicious code sample dyed our PC to BSOD, they couldn't test.


    2. Are there any known conflicts with other security applications, such as Norton Internet Security?

    There hasn't been reported about the conflict with any other security SWs. Please let us know if you got a clash while your using.


    3. Also are there any conflicts with Disk snapshot utilities such as CTM?

    We expect that our product is only monitoring about writing activity; therefore snapshot program won't affect ours.

    Sorry sg09, we hasn't converted it to english version.

    Thanks. John.
     
    yhjeon, Dec 29, 2011
    #10
  11. kupo

    kupo Registered Member

    Hello, are you planning on translating it to english? :D
     
    kupo, Dec 29, 2011
    #11
  12. Baldrick

    Baldrick Registered Member

    Hi yhjeon

    Not quite sure what you mean re. the effect on 64bit systems. Are you saying that nProtect interfered with the malware sample and the result was a BSOD or that the BSOD was caused by the malware sample before nProtect could do its job, or are you just not sure at this stage of testing?

    Thanks in advance.


    Balders :D
     
    Baldrick, Dec 29, 2011
    #12
  13. Victek

    Victek Registered Member

    Here is some information about TDSS (TDL 4) and the way it gets around patchguard on 64 bit Windows.

    http://www.securelist.com/en/analysis/204792157/TDSS_TDL_4
     
    Victek, Dec 29, 2011
    #13
  14. andyman35

    andyman35 Registered Member

    Thank you for that.I think I'll try it out on a VM :thumb:
     
    andyman35, Dec 29, 2011
    #14
  15. Technical

    Technical Registered Member

    And so?

    I suppose there is not a conflict with legit programs that change the MBR, like Truecrypt, Acronis True Image, Comodo Time Machine, Rollback RX, and so on. I suppose the software must be disabled before allowing that legit program to upgrade or change the MBR. Am I right?
     
    Technical, Dec 29, 2011
    #15
  16. ratchet

    ratchet Registered Member

    I've been thinking about that too. I'd be afraid that if the SS type app messed up, as they have been known to do, this product might prevent restoring the MBR. I uninstalled CTM once for my monthly defrag and imaging with ZSoft by mistake and nuked my Vista laptop but I was able to restore the MBR with Paragon.
     
    ratchet, Dec 29, 2011
    #16
  17. yhjeon

    yhjeon Registered Member

    I asked, but they said not sure.

    Hi baldrick.~
    In x64 environment, BSOD happend as soon as we executed TDSS sample.
    It can be changed by samples but, we couldn't test normally.
    And we can try to test if you got a sample.

    You are right. To use safe, I think we don't need to be adventurous.
     
    yhjeon, Dec 29, 2011
    #17
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice