USB-AV Free Antivirus

Product Page
-http://www.usb-av.com/usb-av-free.html-

Features

Requirements

Screenshots











Free vs pro

Offline Updates
-http://www.usb-av.com/updates.html-
Send virus
-http://virscan.usb-av.com/-

Haven't try it. GUI looks interesting. Virustotal detects 2/46
SHA256: 32be586db272c8542418ea7f56fd0cf737b2aa38500e9ebac8fb31ff49ea209a
SHA1: ff2b073b7b8c31eabef3ba5fc8c841ccf2d72571
MD5: cbe3ddc2b1afaa1df85679db83943f83

 

What av engine does it use? just saw they are US based..

 

Certainly would like to know more about this. Thanks OP.

 

Not sure about the engine! But the developers might be from Spain (See Facebook Page). So Panda?

 

Thanks for the hint. It's strange though, their website and program gui, as well as all their posts on fb are in english, however most if not all comments are either in spanish or portuguese language..

 

May be they have fans located in there. But go to the downloads page
-http://www.usb-av.com/download.html-
and then switch to the Digital Pills Tab. You will see Spanish language

Update: Also the Free AV is available in Spanish too.

 

I see
Funny, their paid AV-Pro is offered only in english

 

Ah! It works.
Installed it.
1. No digital signature in installer.
2. Clean and fast installation.
3. You can send virus via GUI.
4. It has quarantine, you can manually add files to it. Restore function is available.
5. Can show reports: detection, removable drive history, all events.
6. Starts scanning as soon as removable drive attaches.
7. It can run quick scan of all drives. During scanning sometimes, it becomes non responding.
8. Quarantine is automatic but you can set ask mode.
9. Automatic flash scanning at launch.
10. Offers password protection.
11. Offers vaccination using dummy autorun folder in removable and fixed drive.
12. Can disable autorun.
13. Can show popup notification on events.
14. Has sound alerts too.
15. Offers heuristic analysis so regular update is not necessary.
16. Database update is manual. Has to download package from webpage. Pro version has automatic updates.
17. Excellent GUI.

18. Some interesting settings.

19. Can lock USB connections.
20. Can protect USB write.

I had created a LNK exploit manually and it is able to detect it.


Seems like a good alternative to MCShield except that it do not offer automatic updates.

 

Since from Windows 7 onwards the OS now ignores all executable-related entries in autorun.inf, and since most AV nowadays can detect viruses that spread through USB with much more sophisticated detection algorithm (compared to hash check in this case), I think this one is redundant for newer system and is in the same category of USB Disk Security, USB Drive Antivirus... you name the rest.

It can create a dummy autorun.inf folder in your root directory, but offers no mechanics whatsoever to protect it from being deleted / renamed (you'd be better off with Panda USB Vaccine or Bitdefender USB Immunizer).

It scans as soon as a flash drive is inserted, but won't monitor the drive afterwards too see if a threat is created after the drive has been inserted. So if your system is infected then you're pretty screwed (you put your infected flash drive in, USB Drive Antivirus cleans it, the viruses running in your system then infect the drive again while UDA sits there and does nothing, you remove your drive without knowing that it is still infected).

IMO programs like this is not qualified and should not be marketed as an antivirus, maybe some supplementary tool but definitely not an antivirus. Some users may install it thinking they're being protected by a full-featured antivirus while in fact they are not.

 

You are right !

It has a feature that allows you to make usb drives write-protected.

 

That might works if I don't need to copy anything into my drives

I beileve using Panda / Bitdefender to immunize your drive, renaming the extension or zipping all executables files (or putting them inside an iso, since Windows 8 now allows mounting iso images) will makes your flash drives virus-proof in most cases.

 

Not sure if this Free version also scan for threats in real-time. MCShield does.

Good point, but think about an average joe. It may not be of much use to use, security aware guys but could be useful to your parents or other less tech savvy persons.
While Panda / Bitdefender immunization is a great tactics to prevent autorun malware, those do not prevent malware payloads coming from an infected PC. In fact in some highly infected PCs, I even found immunization not working at all. In those cases, such tools like MCShield or this (may be) are able to hunt malwares.

 

Since McShield is free and has realtime protection while USB-AV Free does not how would USB-AV Free be a good alternative?

 

Yeah, their immunization only prevents autorun.inf from being created, not the actual infected executables so they're pretty useless in those cases.

At least for older systems the viruses won't run automatically on flash drives insertion nor trick users with confusing action in the AutoPlay prompts. Remember Conficker? I regain my confidence in double-clicking my USB drive on older systems thanks to Panda / BitDefender immuziner

The funny thing is MCShield states on their homepage that they considers USB antiviruses in general "worthless and overpriced", which is why they created MCShield in the first place. And while MCShield offers real-time protection, they only refers to it with humble terms like "tool" or "lightweight scanner", not an actual antivirus.

 

Hi quanzi_1507,
What the real-time protection of such 'tool's supposed to do?

 

Nope, not as far as I know.

 

Just done a quick test with MCShield2, looks like it doesn't have real-time protection either (I think it does since Victek123 said so ). It offers a startup scan (when the program first runs) and an on-flash-drive-insertion scan. I try to create something malicious (blank autorun.inf file, empty RECYCLER folder, system.exe which is a renamed blank text file) but it won't detect them until the drive is plugged out and plugged in again.

IMO it could just do the same scan on the drive right after the user clicks the safely remove icon in systray. Maybe delay the drive removal process a bit until the drive is cleaned up.

I used to do a little project about viruses that exploit autorun.inf too, then realized that it would be useless on newer system anyway. Besides there are many better alternatives (like Panda / Bitdefender immunizer and MCShield) already.

Some old screenshots if you are interested

 

Good point. Perhaps a better description would be "automatic" protection instead of "real time"? I feel the main thing is if you have to use something manually each time to make sure your USB drives are clean sooner or later you'll forget. More generally I'm not sure why these dedicated usb apps are needed since current AVs automatically scan flash drives upon insertion.

 

"Automatic" sure is the right word there

They were pretty useful back in 2006-2007 (XP-Vista era) when autorun.inf exploits wasn't that wisepread. Antiviruses back then could detect and delete the infected executables just fine, but always left behind the autorun.inf file, thus rendering users unable to double-click the drive (since the executables the autorun.inf file points to doesn't exist anymore an error message will shows up). Non tech-savvy people would think that their antivirus couldn't get the job done and that they were still infected, so they tended to turn to such apps to get rid of the symptoms

 

to whom it may concern

Hello for every one, I belong to the usb-av antivirus team and we will be glad to answer any cuestions you may have, just to clear the doubts we are in USA, thanks for your attention

cordially usb-av team

 

Re: to whom it may concern

==>

.....

 

From USB-AV Team

USB-AV antivirus engine is designed by us on LUA,written from scratch, for detecting Trojans, viruses, malware and other malicious threats. It provides a high performance mutli-threaded scanning daemon, command line utilities for on demand file scanning, and an intelligent tool for automatic signature updates. The core USB-AV library provides numerous file format detection mechanisms, file unpacking support, archive support, and multiple signature languages for detecting threats. Hope we have clarified your doubts, USB-AV Team

 

the new version detects the virus shuts down processes, and removes it from the system and the registry, but it not substitute the funtions of an antivirus because this is for usb, this software is made to coexist with a complete antivirus like avast or kaspersky

currently being tested the new version q has a wide range of security mechanisms aimed at the protection and decontamination of the operating system, and some elements of protection in real time, all while maintaining its essence as antivirus for USB.

 

Well hope you guys do well with the new version.

As for me USV-AV left its context-menu entry for drives after uninstallation, had to search for leftovers in registry to get rid of it.

 

You are right about that, in the new version all this have been fixed, we recommend you to wait for the new version and try it. We preciate for your comments and sugestions, you can subscribe to our facebook page www.usb-av.com/usbav and recieve updates about the new release, but we will post here when the new one comes out