AVERT v2.2 - Coming soon!!!

Discussion in 'other anti-malware software' started by weirddemon, Jan 2, 2011.

Thread Status:
Not open for further replies.
  1. weirddemon

    weirddemon Registered Member

    Joined:
    Oct 3, 2010
    Posts:
    127
    Hey everyone,

    It's been a while since I released a new version of AVERT. The last version being v2.1 of course.

    Since it has been so long, I wanted to show everyone some screenshots of the new AVERT, explain some new features, changes and take any suggestions you all might have.

    So, before I begin, let me first thank all of you that use AVERT and those that support this project. I've received a bunch of emails about suggestions, bugs and just overall thanks on the project. Without interest, this project would just shrivel up and die.

    After v2.1 was released, I took some time off from developing AVERT. I was changing jobs and moving, so I needed to focus all of my attention on that. But, shortly after I became acclimated to my new job, I began working on v2.2.

    As soon as I did, I knew a lot of things had to change. I couldn't just keep adding things. I realized that so many things had to change for the better. Things that people have complained about couldn't be ignored. And as much as I didn't want to change AVERT, I knew I had no choice. I also recruited a guy who is currently redesigning the website in order to make it more current, functional, and easier to use.

    From the outside, AVERT may not look too different, but the inside has changed dramatically. I had to re-do the entire automation structure in order for everything to work more smoothly and perform much better with the rest of the application.

    One of the surprisingly big things that people complained about was the automation window. Remember the old one?

    http://img18.imageshack.us/i/avertautomationold.png/

    It was just a plain old ugly window that stayed on top of all other windows in the top left side of the screen. I've said it a million times, but AVERT is more of an emergency scanner than anything else, but people kept using it while trying to surf the web, type documents, etc. So, I decided to change it when I changed the automation structure. In fact, in order to change it, I had to change the automation process. So now, it looks like this:

    http://img714.imageshack.us/i/avertautomationnew.png/

    You see two windows in this screenshot. When the automation process starts, you see the top window. It's now on the right side of the screen. Since most of us read from left to right, it being on the right side is less obtrusive. You'll also notice that it's semi-transparent. This is another feature made to make it less obtrusive. If you mouse over it, it becomes completely visible and when the mouse is moved from it, it goes back to being semi transparent. Also, you'll notice I changed the color scheme to look a little more aesthetically pleasing.

    Along with these changes, I removed the label that stated what time the process began and it now reads how long the process is taking in seconds, minutes and hours. At the final report, you'll see the start time, end time, and how long the process took.

    Another big problem people had was how to UI was designed. A lot of people hated that there were so many pop-up windows. I remember one person suggesting that I change it to where, basically, everything was on the main window; with a billion and one check boxes and radio buttons everywhere. That, I'm sorry to say, was a horrible idea. You never want to overload one area of the UI with too much information. You'll end up scaring most users. Give someone too many choices at once and they won't know what to do.

    But, this did get me thinking. I could change the UI to reflect the same basic principle, without it becoming an overload and limiting the amount of pop-up boxes. Now, there's only one pop-up box and it is used for downloading the initial scanners. In the past, when the user chose "Custom" for the scanners, it would pop up a new box and the user could decide what they wanted to do from there. Now, the "Start" button changes to "Next" and when clicked, the user chooses those options from the next screen. Also on the main UI, you now have the choice to decide if you want to remove infections and an approximate amount of time for the chosen task is displayed:

    http://img263.imageshack.us/f/avertmain.png/

    There's one final thing I've added/changed I want to talk about. If you noticed in the last screenshot, there are three main tabs on the left side of the app: Automation, Reports, Tools. The third tab used to be ART, for the AVERT Registry Tool. It allowed you to import registry backups. I now have put that under Tools along with Fixes, Startup and the AVERT Signature Updater:

    http://img593.imageshack.us/f/averttools.png/

    Instead of the fixes being apart of the automation process, I made it it's own page that you can apply individually. It used to be another popup window and is applied so quickly, I didn't think it needed to be apart of the automation. You'll also notice that I added a Startup tool. If I had known how much of a pain that was going to be before I started working on it, I probably wouldn't have even bothered :p

    It allows you to view all of the startup applications and is similar to MSCONFIG. Using it, you can disable any application that might be malware.

    With that, there's one more thing I'm working on that will hopefully please a lot of people. I've Google AVERT and I've read a bunch of different forums, comments on blogs, etc. For the most part, people really like AVERT. But when it comes down to it, people hate false positives and the fact that there's nothing they can do about it with AVERT. So they won't use it because of that.

    When I started working on v2.2, I kept this in mind. Right now, I've come up with a band aid, but I do have a solution that will work in v2.3. I never thought I could really do anything about this because I didn't believe I had enough control over the antivirus apps. But I recently found out that I do, it's just going to be extremely difficult. So, I'm going to finish up v2.2 and when it's released divert all of my attention on the solution in v2.3.

    But for now, I'll explain the band-aid. I've added the ability to choose whether or not you want to remove found infections. Also, I've added a new advanced option for scanners called "Max." This option will never be checked by AVERT and will only be so, by the user. If this is checked, the scanners that can, will scan for infections in boot sectors, NTFS, and ADS streams. If a false positive is found in these areas, it could cause irreparable damage. So as long as this option isn't checked, those areas won't be scanned. If a false positive is found in, say an Adobe file, and that adobe file is removed, the app may no longer work. But, the PC still does. So this path is the lesser of two evils. Along with those options, scanners will not run heuristics scans unless Max is chosen. If you're unfamiliar with heuristics, it's basically a feature of most AV apps that allow it to find viruses that aren't in its database. That engine has proven to have found a lot of new viruses, but is extremely prone to false positives. Turning this feature off by default will lessen the impact of false positives.

    And lastly, each scanner AVERT uses can either "Clean" a virus of remove it. Cleaning attempts to basically disinfect the virus from a good file so if a false positive is found, that file won't be destroyed. On the custom scanner's page, there's another column that's labeled "Clean/Remove." You can choose which scanners you want to run based on that and AVERT will run the cleaning scanners before the removals scanners, so that the removal scanners won't go and cause a bunch of problems; false positive or not.

    So, that's all I'm going to type up for now. It's been quite lengthly as it is. Please let me know if you have any questions or suggestions. I haven't explained everything in every picture, so if you have any questions about those items, let me know.

    If everything goes well, AVERT v2.2 should be done and released by the end of this month.

    Thanks
     
  2. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Is there going to be an option to scan custom folders?
     
  3. weirddemon

    weirddemon Registered Member

    Joined:
    Oct 3, 2010
    Posts:
    127
    Um... that isn't currently in the works and I don't believe it's been asked about before. Do you think it's a needed function? I don't think it would be too hard to implement if there was enough support for it.
     
  4. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    All other scanners have that function.
     
  5. weirddemon

    weirddemon Registered Member

    Joined:
    Oct 3, 2010
    Posts:
    127
    Are you familiar with AVERT? It's not an antivirus scanner. It's an emergency tool that allows the user to scan their PC with multiple AVs apps at once. Usually, there's no need to scan a custom directory. All of the scanners that AVERT uses has that functionality, but it's not being utilized through AVERT at the moment.
     
    Last edited: Jan 2, 2011
  6. Pedersen

    Pedersen Registered Member

    Joined:
    May 4, 2010
    Posts:
    234
    Well I could use a custom scan option to scan only certain folders. Would help me a lot as malware researcher.
     
  7. weirddemon

    weirddemon Registered Member

    Joined:
    Oct 3, 2010
    Posts:
    127
    I can definitely make it happen and I probably will. I'm not sure if it will be apart of this release though. It depends if I have enough time towards the end. If not, I can definitely make sure it's in there with v2.3.
     
  8. syk69

    syk69 Registered Member

    Joined:
    Feb 7, 2010
    Posts:
    183
    I'd also like that feature added. Would be very helpful when you know where to scan and would take less time.
     
  9. Boyfriend

    Boyfriend Registered Member

    Joined:
    Jun 7, 2010
    Posts:
    1,070
    Location:
    Pakistan
    Please add custom scan options in AVERT. It will be highly useful feature for infected + non-infected systems, e.g., for scanning suspicious downloads, although major use still would be disinfection of highly infected system via multiple AV engines scanning.
     
  10. weirddemon

    weirddemon Registered Member

    Joined:
    Oct 3, 2010
    Posts:
    127
    What do you mean? AVERT does have custom scanning options. It has since it's first release. Did you take a look at this image?

    Or do you mean in relation to a specific directory, like what the others are referring to? If so, then yes, I'll add it in.
     
  11. Boyfriend

    Boyfriend Registered Member

    Joined:
    Jun 7, 2010
    Posts:
    1,070
    Location:
    Pakistan
    Hi weirddemon,

    I am referring to specific file/directory scan (on-demand scan). I hope we will be able to integrate it in multiple softwares via command line like in WinRAR for archive scan, in download manager for completed downloads scan, right click directory/file scan, etc. It will be highly effective against ever-increasing threats.
     
  12. weirddemon

    weirddemon Registered Member

    Joined:
    Oct 3, 2010
    Posts:
    127
    AVERT is an emergency on-demand tool. It works but utilizing multiple AV apps and most of the scanners support archives, so that won't be an issue. I can make it to where you can choose between scanning a single directory instead of every drive, but I'm not too sure about the other requests.

    If there's enough interest, I can make a right click option. That definitely sounds intriguing.
     
  13. Boyfriend

    Boyfriend Registered Member

    Joined:
    Jun 7, 2010
    Posts:
    1,070
    Location:
    Pakistan
    Making a right-click scan option will be highly appreciated if you do not want to provide other options in the AVERT. I have used it previously and it is very effective tool as promised. That is why I have requested to provide simple command line for multipurpose integration.
     
  14. weirddemon

    weirddemon Registered Member

    Joined:
    Oct 3, 2010
    Posts:
    127
    Making a right click option shouldn't be too difficult, but it won't be a high priority.

    What do you mean by "That is why I have requested to provide simple command line for multipurpose integration."?
     
  15. Boyfriend

    Boyfriend Registered Member

    Joined:
    Jun 7, 2010
    Posts:
    1,070
    Location:
    Pakistan
    Simple command line means command like:

    Scan <target folder> /recursive /clean /report result.txt

    and AVERT scan that folder using all its engine and report its result via txt/notepad file.
     
  16. weirddemon

    weirddemon Registered Member

    Joined:
    Oct 3, 2010
    Posts:
    127
    You'll have the option to determine if you want a specific directory, but that's all. AVERT handles the command line options. If you look at the images, you'll notice there are check boxes for removing infections and updating signatures.

    There are also radio buttons for the type of scan you want to commit for each scanner: Max, Thorough, Blended, and Minimal. Each option determines which parameters to run based on extensive testing.

    In order to make the app user friendly and easy to use by all, I decide what command line options to use via those radio buttons, but the user has the choice whether to update the signatures or remove the viruses.

    Also, in v2.2, you'll have access to the individual logs for each scanner.
     
  17. Searching_ _ _

    Searching_ _ _ Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    1,988
    Location:
    iAnywhere
    Awesome! This means if a scanners rootkit engine does not initialize it may be visible in the report that it had trouble loading, cool.

    Can't wait to give it a test drive.

    Now if it would only avoid looking like Microsoft security products (MSE, WinDefender) it would be heavenly. :D
     
  18. weirddemon

    weirddemon Registered Member

    Joined:
    Oct 3, 2010
    Posts:
    127
  19. markedmanner

    markedmanner Registered Member

    Joined:
    Nov 1, 2009
    Posts:
    134
    First off have loved AVERT have used it several times of friends computers. Just any idea though... dont know if could work but is there a way you could add a feature that would download RKILL and execute if it is needed. The reason I say this is there are times that no scanners will run due to the fact that a virus or rogue av will terminate any scanner you try to run. I have found RKill a huge help in these situations because it terminates malware processes so a scanner can be run. You may know all about RKILL if not see here: http://www.bleepingcomputer.com/forums/topic308364.html
     
  20. weirddemon

    weirddemon Registered Member

    Joined:
    Oct 3, 2010
    Posts:
    127
    Yeah. rkill is a great tool and I've been wanting to integrate it within AVERT, but there was something stopping me. I can't remember what now... but I'll look into it again.

    Thanks
     
  21. Searching_ _ _

    Searching_ _ _ Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    1,988
    Location:
    iAnywhere
    Unfortunately, I don't know that much about Sony software because I try to avoid rootkits. :D
     
  22. weirddemon

    weirddemon Registered Member

    Joined:
    Oct 3, 2010
    Posts:
    127
    That's a cheap shot ;)

    That was a long time ago and it was only to protect DRMs :p

    The UI design actually comes from three main apps. And some of it I improvised on based on the data I needed to present. There are elements from Sony's VAIO Care, GeekSquad's MRI and Piriform's CCleaner.
     
  23. markedmanner

    markedmanner Registered Member

    Joined:
    Nov 1, 2009
    Posts:
    134
    That would great.. that would make AVERT even better. hopefully you have success integrating it.
     
  24. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,468
    Nice to see AVERT back on :D
     
  25. weirddemon

    weirddemon Registered Member

    Joined:
    Oct 3, 2010
    Posts:
    127
    Thanks. I'm super excited to be working on it again. Whenever I'm developing something this large and on my own, over time, I get a little burned out. My little break was a much needed hiatus :D

    I wanted to give you all a little more information about AVERT. I'm not sure exactly how I'm going to do it just yet, but after v2.2, I'm probably going to release a free version of AVERT and a paid version. The paid version won't be expensive. It will be =< 10 USD.

    When I released AVERT, I wanted it to be free, and it certainly will stay free in a capacity, but it would be nice to accumulate some money for my time and effort. I've received some donations, but so far the costs to host AVERT and what not have succeeded the donations. And not only that, but I've spent hundreds of hours into this project and I'll be putting hundreds of more into it.

    Either way, there will always be a free version, so you won't have to pay for it if you don't want to and you'll still be able to donate if you like.

    Thanks again guys and I'll continue to give you updates as they come.
     
Loading...
Thread Status:
Not open for further replies.