need portable antivirus on usb key , kaspersky?

Discussion in 'other anti-virus software' started by mantra, May 2, 2008.

Thread Status:
Not open for further replies.
  1. vijayind

    vijayind Registered Member

    Joined:
    Aug 9, 2008
    Posts:
    1,413
    I use A-Squared Emergency Stick for spyware cleaning as and when needed.
    A-Squared is good with spyware, rogue apps, trojans, worms and most other malware.
    For now it includes A-Squared Anti-Malware Free 3.5. But later they will add ver 4.0, which will also include the Ikarus AV engine.

    see here:
    http://www.emsisoft.com/en/software/stick/

    Download ( approx 30 MB ) :
    http://download1.emsisoft.com/a2usb.zip
     
  2. mantra

    mantra Registered Member

    Joined:
    Jan 25, 2005
    Posts:
    6,181
    Wow, wonderful.
    And does it write to the registry?
    Because I would like to use it on PCs with low privileges too.
     
  3. doktornotor

    doktornotor Registered Member

    Joined:
    Jul 19, 2008
    Posts:
    2,047
    Uhm... The USB stick is useful since it doesn't require installing the application on the infected machine (which can be difficult/impossible due to malware interactions). However, running similar portable stuff under a restricted account won't really do much good regardless of whether it writes to the registry or not. You need appropriate privileges to be able to clean the computer (IOW, you should be administrator).
     
  4. vijayind

    vijayind Registered Member

    Joined:
    Aug 9, 2008
    Posts:
    1,413
    Yes, it writes to the registry. But if you don't have write/delete rights to the registry class in question, it will fail.

    What I usually do is make a DOS bootable USB drive.
    See here for more info: http://www.bootdisk.com/pendrive.htm

    Then copy the A-Squared Emergency Stick contents onto the drive as a separate folder. Run the update via Windows on a clean machine, so that A-Squared downloads the latest signatures.
    Then use the USB drive to boot into DOS on the infected system. Then run the A-Squared Command Line Scanner. It will scan the registry and hard disk. And you have no issues with admin restrictions ;)
     
  5. CajunBadger

    CajunBadger Registered Member

    Joined:
    Sep 18, 2008
    Posts:
    1
    I definitely appreciate the information and insights.

    I'm hoping someone can provide an explanation of what I'm seeing in running a test of Dr.Web CureIt. I have the standard eicar files (eicar.com, eicar.com zipped, and the eicar.com zipfile zipped) placed on my system. Additionally I'm running Trojan Simulator v1.0 which creates an active process in memory and adds an autostart entry in the registry.

    The initial memory scan does not detect the Trojan Simulator active processes. In running a complete scan, it detects the eicar.com and two executable files associated with Trojan Simulator. But it did not detect those same files when they were in zip archives nor the active Trojan Simulator processes. I didn't test any other archive formats but can only assume it will produce similar results.

    As a side note, I tried a-squared free v3.5 and it found all I expected it to (including all not identified by Dr.Web) along with three possible false positives. Unfortunately the GUI interface does add traces to the system being scanned, but as noted running the command line scan should rectify that issue.

    Thanks for any thoughts on why the push for Dr.Web when it did not appear to be as strong as I first thought. Seeing that it's free, there shouldn't be any manufacturer bias involved (of course it does get folks to the website with links to the pay version but I'd say I'm being overly suspicious/cynical).
     
  6. mantra

    mantra Registered Member

    Joined:
    Jan 25, 2005
    Posts:
    6,181
    I downloaded the last version,
    but it told me the database was corrupted.
     
  7. dawgg

    dawgg Registered Member

    Joined:
    Jun 18, 2006
    Posts:
    818
    Give it a few hours and download the newer bases when they're available - I downloaded it at the weekend and it was working fine.

    AVPTool v9 beta is out, which includes the new heuristics which KIS/KAV2009 have.

    http://forum.kaspersky.com/index.php?showtopic=100269
     
  8. mantra

    mantra Registered Member

    Joined:
    Jan 25, 2005
    Posts:
    6,181
  9. dawgg

    dawgg Registered Member

    Joined:
    Jun 18, 2006
    Posts:
    818
    Just downloaded it now, titled setup_7.0.0.290_20.01.2009_10-49.exe
    Worked fine for me.
    Did you try to remove it, download it again and install it?
     


  10. mantra

    mantra Registered Member

    Joined:
    Jan 25, 2005
    Posts:
    6,181

    o_O o_O o_O
    Downloaded setup_7.0.0.290_20.01.2009_14-50.exe, MD5:
    Code:
    A64337EB53EF6EA7B64A54687044EAFA
    I used Sandboxie because I have NOD32, to avoid conflicts.
     


  11. Baz_kasp

    Baz_kasp Registered Member

    Joined:
    May 1, 2008
    Posts:
    593
    Location:
    London

    Don't use Sandboxie... that screws it up.

    You can use AVPtool alongside any resident av.
     
  12. dawgg

    dawgg Registered Member

    Joined:
    Jun 18, 2006
    Posts:
    818
    Try pausing/exiting NOD when installing it.
    Not sure how NOD works, but if it's set up to delete/block automatically without warning, then it may have deleted some bases files.

    (If NOD is your firewall, disconnect from the internet or enable Windows Firewall if you pause/exit NOD).

    How many files do you have in Kaspersky's "Bases" folder?
     
  13. mantra

    mantra Registered Member

    Joined:
    Jan 25, 2005
    Posts:
    6,181
    Did you try under Sandboxie?
     
  14. EliteKiller

    EliteKiller Registered Member

    Joined:
    Jan 18, 2007
    Posts:
    1,138
    Location:
    TX
    Slow? It's one of the faster on-demand scanners I've come across. The default Express scan takes a little over 1 min. on my rig.
     
  15. mantra

    mantra Registered Member

    Joined:
    Jan 25, 2005
    Posts:
    6,181
    Compared to NOD32.

    I used Dr.Web a lot of years ago and it was very slow, the real-time amazingly slow.
     
  16. EliteKiller

    EliteKiller Registered Member

    Joined:
    Jan 18, 2007
    Posts:
    1,138
    Location:
    TX
    I was referring to CureIt, the on-demand scanner w/out real-time protection and no auto update feature.

    http://www.freedrweb.com/cureit/

    You should really give it a chance since it sounds like you haven't used it in quite some time or quite possibly at all.
     
  17. dawgg

    dawgg Registered Member

    Joined:
    Jun 18, 2006
    Posts:
    818
    Did you try over Sandboxie or download + run with NOD exited?
    Didn't have a chance last night, will try tonight or at the weekend if I get time.
     
  18. risl

    risl Registered Member

    Joined:
    Dec 8, 2006
    Posts:
    581
    Usually people's experience with Dr.Web's real-time file scanner is the exact opposite. Regarding the slow on-demand scanning, if you select it to check all files it really means it... supporting a lot of packers and file types, and it scans archives as deep as it can get. No limitations about nesting levels etc. Files packed with unknown packers are scanned also.
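
The nested-archive test described earlier in this thread (eicar.com, the same file zipped, and that zip zipped again) and the point above about archive nesting limits, as an added example that is not part of any post and is not how any of the named products work internally. The names `zip_bytes`, `scan`, `MAX_MEMBER_BYTES` and the 16 MiB cap are assumptions made for illustration; the samples are constructed in memory.

```python
import io
import zipfile

# Standard EICAR test string, split in two so this source file is not itself flagged.
EICAR = b"X5O!P%@AP[4\\PZX54(P^)7CC)7}$" + b"EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*"
MAX_MEMBER_BYTES = 16 * 1024 * 1024  # assumed cap on declared size (decompression bombs)


def zip_bytes(member_name, data):
    """Build an in-memory zip holding one member (constructed test input)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr(member_name, data)
    return buf.getvalue()


def scan(path, data, max_depth=8, depth=0):
    """Return (path, verdict) findings, descending into nested zips."""
    if data.startswith(EICAR):
        return [(path, "EICAR")]
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return []
    if depth >= max_depth:
        # Report what was not inspected instead of silently calling it clean.
        return [(path, "SKIPPED: nesting limit")]
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            child = f"{path}/{info.filename}"
            if info.flag_bits & 0x1:  # bit 0 set: member is encrypted
                findings.append((child, "SKIPPED: encrypted"))
            elif info.file_size > MAX_MEMBER_BYTES:
                findings.append((child, "SKIPPED: too large"))
            else:
                findings.extend(scan(child, zf.read(info), max_depth, depth + 1))
    return findings


def demo():
    """Run the three test files from the thread, plus a depth-limited scan."""
    once = zip_bytes("eicar.com", EICAR)
    twice = zip_bytes("eicar.zip", once)
    return {
        "plain": scan("eicar.com", EICAR),
        "zipped": scan("eicar.zip", once),
        "double": scan("outer.zip", twice),
        "double_depth1": scan("outer.zip", twice, max_depth=1),
    }


if __name__ == "__main__":
    for label, result in demo().items():
        print(label, result)
```

With `max_depth=1` the double-zipped sample is reported as skipped rather than clean, which is the difference between a scanner that has a nesting limit and one that simply does not open archives.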
     
  19. Pinga

    Pinga Registered Member

    Joined:
    Aug 31, 2006
    Posts:
    1,420
    Location:
    Europe
  20. mantra

    mantra Registered Member

    Joined:
    Jan 25, 2005
    Posts:
    6,181
    Last edited: Jan 22, 2009
  21. dawgg

    dawgg Registered Member

    Joined:
    Jun 18, 2006
    Posts:
    818
    I wouldn’t recommend AVZ as a scanner; its detection isn’t that good.
    It uses its own database and can be updated.

    AVZ's main use is for manual malware cleaning purposes (locating and removing malware by hand). AVZ is unlikely to detect malware by itself and detection is nowhere near as good as DrWeb and Kaspersky.
     