MCShield: antimalware to prevent removable drive infections

MCShield is an antimalware program designed to prevent infections transmitted via removable drives.

Homepage
http://amf.mycity.rs/programs/mc/mcshield/

Program Features:

 automatic mode which makes use of this software possible to everyone regardless of their operating system and
malware related knowledge;
 detection of newly connected drives and automatic scanning;
 ultra fast scanning of root and certain special folders on the hard drives and adaptive scanning of removable
drives;
 signatures and program updates using the integrated update tool;
 completely negligible impact on system performance;
 optimal functionality without any additional settings;
 possibility to modify the programs behavior according to specific user’s needs;
 creation of backup copies of everything that program detects and deletes;
 completely freeware..


The largest part of MCShield’s detections is based on generic routines designed for detection of certain prevalent worm families and heuristical analysis of drives’ contents.
The detection level is additionally improved through mathematical signatures and known bad file and folder names databases.Usage safety and prevention of false detections is performed through multiple verification of legitimacy of files performed inside the detection routines and, additionally, by cross-referencing the scan results with the legitimate files database.
To ensure the optimal protection level without decrease in functionality, MCShield enables it’s users to add their own files to the white list – items in this list shall never be detected regardless of how suspicious the program might consider them.

Documentation
http://amf.mycity.rs/programs/mc/mcshield/Doc/MCShield_Help_EN.pdf

Screenies









How does MCShield works

The explanation is based on default CPanel settings.
When the scanner runs (via the start menu shortcut, Tray Controller or CPanel), the program shall perform (initial) scan
of all partitions on all fixed drives (HDD) and removable drives (flash drives, memory cards...). Floppy and optical drives
shall never be scanned.
The program scans:
- on fixed drives: root folder for the presence of known bad files and folders; certain specific common folders
(note: the program does not scan system folders: ”Documents and settings”, ”Program Files”, ”ProgramData”,
”Users”, ”Windows”; nor shall it ever delete anything residing in those folders);
- on removable drives: : root folder for the presence of known bad files and folders; adaptive generic scan; various
generic / heuristic scans whose depth depends on level and type of infection on the drive; if necessary, the
program shall reset the attributes of files and folders modified by malware to enable easy access to those items.

Download Link
hxxp://amf.mycity.rs/programs/mc/mcshield/MCShield-Setup.exe

 

cool thanks
does it have an antivirus scaner from any antivirus vendor?

 

Hi,
I don't think so. Actually it is only a partial scanner I think.

Trying in my real system now. Small Impact on system.

 

nice it looks fast

 

Thanks sujay for good share

 

I wonder if this would provide any additional benefit to my Norton Internet Security and Panda USB Vaccine combo?

Some AVs already specifically scan USB drives, such as AVG.

 

I can say with certain that this program is way better than the panda USB vaccine. Panda doesn't have database like MCsheild and panda only creates autorun.inf file without trying to clean your flash drive from malware

 

I installed this program to try and (without letting me know me) it renamed 2 files in my NTFS external hard drive, one file was an autorun file and another file.

After that when I try to use the "safely remove hardware" in the taskbar to remove the USB hard drive it wont let me remove it, only way to remove it is pull the USB out and I am worry if the data in the HD might get corrupted.

I really regret installing this program it rename 2 files with telling me and now my USB cant be remove safely and MCshield wont let me restore the 2 files back to the original file.

I just want to ask if someone can help me fix this problem as I want to go back and safely remove the USB from the task bar safely because my whole important back up files is in that 1 TB hard drive.

 

Hello, everyone.


Bonzi,

As clearly stated, the program works in automatic mode.

User manual: "MCShield shall automatically react on detected malware – it shall delete malicious files and folders and rename the
suspicious ones (adding the ”.vir” extension)."

In case that the "another" file is not globally known (and, as such, whitelisted) or not added by the user to the user's whitelist, the behaviour you described was expected.

Right click the tray icon and select Stop. The program is now disabled and can not interfere with anything.

If you still can't eject the drive, the most probable cause is that some other program has an open file on the drive. In that case, a reboot should help.
In case you can eject the drive, than it's possible that MCShield had an open file on the drive due to the interference by some other security application during the scan. Recommendation in that case is, as always, that security programs should be added to exclusions list of all other security programs you have (to avoid conflicts).

In case you are indeed just a worried user, I am sorry that your experience with the program was not as it was meant.

Restore from where? You said the files were renamed. There's nothing to restore.
If they are legit, just remove the "'.vir" from the file name. MCShield shall not (and, from a technical point of view, can not) interfere with that.

If you don't feel like reading the manual and exploring the possibilities and features of MCS, then please... Right click the tray icon, Stop. Right click the tray icon, Exit. Control Panel, Add or Remove Programs; uninstall.

 

@dr_Bora:
Are you the developer of this program? Welcome to Wilders Security...

 

Yes I am... Thanks.

 

Yo Dr. Bora!

I'll be trying thisi tool tomorrow but thanks in advance! It sounds like a cool app!