USB-AV Free Antivirus

Discussion in 'other anti-virus software' started by sg09, Dec 27, 2012.

Thread Status:
Not open for further replies.
  1. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,713
    Location:
    Kolkata, India
    Product Page
    -http://www.usb-av.com/usb-av-free.html-

    Features
    Requirements
    Screenshots
    usbavFree1.jpg

    usbavFree2.jpg

    usbavFree3.jpg

    usbavFree4.jpg

    usbavFree7.jpg


    Free vs pro
    Offline Updates
    -http://www.usb-av.com/updates.html-
    Send virus
    -http://virscan.usb-av.com/-

    Haven't try it. GUI looks interesting. Virustotal detects 2/46
    SHA256: 32be586db272c8542418ea7f56fd0cf737b2aa38500e9ebac8fb31ff49ea209a
    SHA1: ff2b073b7b8c31eabef3ba5fc8c841ccf2d72571
    MD5: cbe3ddc2b1afaa1df85679db83943f83
     
    Last edited: Dec 27, 2012
  2. Macstorm

    Macstorm Registered Member

    Joined:
    Mar 7, 2005
    Posts:
    2,531
    Location:
    Sneffels volcano
    What av engine does it use? just saw they are US based..
     
  3. zapjb

    zapjb Registered Member

    Joined:
    Nov 15, 2005
    Posts:
    3,514
    Location:
    USA - Back in a real State in time for a real Pres
    Certainly would like to know more about this. Thanks OP.
     
  4. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,713
    Location:
    Kolkata, India
    Not sure about the engine! But the developers might be from Spain (See Facebook Page). So Panda?
     
  5. Macstorm

    Macstorm Registered Member

    Joined:
    Mar 7, 2005
    Posts:
    2,531
    Location:
    Sneffels volcano
    Thanks for the hint. It's strange though, their website and program gui, as well as all their posts on fb are in english, however most if not all comments are either in spanish or portuguese language..
     
  6. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,713
    Location:
    Kolkata, India
    May be they have fans located in there. But go to the downloads page
    -http://www.usb-av.com/download.html-
    and then switch to the Digital Pills Tab. You will see Spanish language :p

    Update: Also the Free AV is available in Spanish too.
     
    Last edited: Dec 28, 2012
  7. Macstorm

    Macstorm Registered Member

    Joined:
    Mar 7, 2005
    Posts:
    2,531
    Location:
    Sneffels volcano
    I see ;)
    Funny, their paid AV-Pro is offered only in english :D
     
  8. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,713
    Location:
    Kolkata, India
    Ah! It works.
    Installed it.
    1. No digital signature in installer.
    2. Clean and fast installation.
    3. You can send virus via GUI.
    4. It has quarantine, you can manually add files to it. Restore function is available.
    5. Can show reports: detection, removable drive history, all events.
    6. Starts scanning as soon as removable drive attaches.
    7. It can run quick scan of all drives. During scanning sometimes, it becomes non responding.
    8. Quarantine is automatic but you can set ask mode.
    9. Automatic flash scanning at launch.
    10. Offers password protection.
    11. Offers vaccination using dummy autorun folder in removable and fixed drive.
    12. Can disable autorun.
    13. Can show popup notification on events.
    14. Has sound alerts too.
    15. Offers heuristic analysis so regular update is not necessary.
    16. Database update is manual. Has to download package from webpage. Pro version has automatic updates.
    17. Excellent GUI.
    Virus centre.png
    18. Some interesting settings.
    interesting.png
    19. Can lock USB connections.
    20. Can protect USB write.

    I had created a LNK exploit manually and it is able to detect it.
    working.png

    Seems like a good alternative to MCShield except that it do not offer automatic updates.
     
  9. quanzi_1507

    quanzi_1507 Registered Member

    Joined:
    Feb 18, 2009
    Posts:
    320
    Since from Windows 7 onwards the OS now ignores all executable-related entries in autorun.inf, and since most AV nowadays can detect viruses that spread through USB with much more sophisticated detection algorithm (compared to hash check in this case), I think this one is redundant for newer system and is in the same category of USB Disk Security, USB Drive Antivirus... you name the rest.

    It can create a dummy autorun.inf folder in your root directory, but offers no mechanics whatsoever to protect it from being deleted / renamed (you'd be better off with Panda USB Vaccine or Bitdefender USB Immunizer).

    It scans as soon as a flash drive is inserted, but won't monitor the drive afterwards too see if a threat is created after the drive has been inserted. So if your system is infected then you're pretty screwed (you put your infected flash drive in, USB Drive Antivirus cleans it, the viruses running in your system then infect the drive again while UDA sits there and does nothing, you remove your drive without knowing that it is still infected).

    IMO programs like this is not qualified and should not be marketed as an antivirus, maybe some supplementary tool but definitely not an antivirus. Some users may install it thinking they're being protected by a full-featured antivirus while in fact they are not.
     
  10. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,713
    Location:
    Kolkata, India
    You are right !
    It has a feature that allows you to make usb drives write-protected.
     
  11. quanzi_1507

    quanzi_1507 Registered Member

    Joined:
    Feb 18, 2009
    Posts:
    320
    That might works if I don't need to copy anything into my drives :D

    I beileve using Panda / Bitdefender to immunize your drive, renaming the extension or zipping all executables files (or putting them inside an iso, since Windows 8 now allows mounting iso images) will makes your flash drives virus-proof in most cases.
     
  12. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,713
    Location:
    Kolkata, India
    ;)
    Not sure if this Free version also scan for threats in real-time. MCShield does.
    Good point, but think about an average joe. ;) It may not be of much use to use, security aware guys but could be useful to your parents or other less tech savvy persons. :)
    While Panda / Bitdefender immunization is a great tactics to prevent autorun malware, those do not prevent malware payloads coming from an infected PC. In fact in some highly infected PCs, I even found immunization not working at all. In those cases, such tools like MCShield or this (may be) are able to hunt malwares.
    2012-12-28_221618.png
     
  13. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,121
    Location:
    USA
    Since McShield is free and has realtime protection while USB-AV Free does not how would USB-AV Free be a good alternative?
     
  14. quanzi_1507

    quanzi_1507 Registered Member

    Joined:
    Feb 18, 2009
    Posts:
    320
    Yeah, their immunization only prevents autorun.inf from being created, not the actual infected executables so they're pretty useless in those cases.

    At least for older systems the viruses won't run automatically on flash drives insertion nor trick users with confusing action in the AutoPlay prompts. Remember Conficker? I regain my confidence in double-clicking my USB drive on older systems thanks to Panda / BitDefender immuziner :D

    The funny thing is MCShield states on their homepage that they considers USB antiviruses in general "worthless and overpriced", which is why they created MCShield in the first place. And while MCShield offers real-time protection, they only refers to it with humble terms like "tool" or "lightweight scanner", not an actual antivirus.
     
  15. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,713
    Location:
    Kolkata, India
    Hi quanzi_1507, :)
    What the real-time protection of such 'tool's supposed to do?
     
  16. Cloud

    Cloud Registered Member

    Joined:
    Feb 1, 2011
    Posts:
    1,030
    Location:
    United States
    Nope, not as far as I know. :)
     
  17. quanzi_1507

    quanzi_1507 Registered Member

    Joined:
    Feb 18, 2009
    Posts:
    320
    Just done a quick test with MCShield2, looks like it doesn't have real-time protection either (I think it does since Victek123 said so o_O ). It offers a startup scan (when the program first runs) and an on-flash-drive-insertion scan. I try to create something malicious (blank autorun.inf file, empty RECYCLER folder, system.exe which is a renamed blank text file) but it won't detect them until the drive is plugged out and plugged in again.

    IMO it could just do the same scan on the drive right after the user clicks the safely remove icon in systray. Maybe delay the drive removal process a bit until the drive is cleaned up.

    I used to do a little project about viruses that exploit autorun.inf too, then realized that it would be useless on newer system anyway. Besides there are many better alternatives (like Panda / Bitdefender immunizer and MCShield) already.

    Some old screenshots if you are interested :D
     

    Attached Files:

  18. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,121
    Location:
    USA
    Good point. Perhaps a better description would be "automatic" protection instead of "real time"? I feel the main thing is if you have to use something manually each time to make sure your USB drives are clean sooner or later you'll forget. More generally I'm not sure why these dedicated usb apps are needed since current AVs automatically scan flash drives upon insertion.
     
  19. quanzi_1507

    quanzi_1507 Registered Member

    Joined:
    Feb 18, 2009
    Posts:
    320
    "Automatic" sure is the right word there :thumb:
    They were pretty useful back in 2006-2007 (XP-Vista era) when autorun.inf exploits wasn't that wisepread. Antiviruses back then could detect and delete the infected executables just fine, but always left behind the autorun.inf file, thus rendering users unable to double-click the drive (since the executables the autorun.inf file points to doesn't exist anymore an error message will shows up). Non tech-savvy people would think that their antivirus couldn't get the job done and that they were still infected, so they tended to turn to such apps to get rid of the symptoms :cautious:
     
  20. surfer91

    surfer91 Registered Member

    Joined:
    Jan 31, 2013
    Posts:
    6
    Location:
    Miami, USA
    to whom it may concern

    Hello for every one, I belong to the usb-av antivirus team and we will be glad to answer any cuestions you may have, just to clear the doubts we are in USA, thanks for your attention

    cordially usb-av team
     
  21. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    4,085
    Re: to whom it may concern

    ==>
    .....
     
  22. surfer91

    surfer91 Registered Member

    Joined:
    Jan 31, 2013
    Posts:
    6
    Location:
    Miami, USA
    From USB-AV Team

    USB-AV antivirus engine is designed by us on LUA,written from scratch, for detecting Trojans, viruses, malware and other malicious threats. It provides a high performance mutli-threaded scanning daemon, command line utilities for on demand file scanning, and an intelligent tool for automatic signature updates. The core USB-AV library provides numerous file format detection mechanisms, file unpacking support, archive support, and multiple signature languages for detecting threats. Hope we have clarified your doubts, USB-AV Team
     
  23. surfer91

    surfer91 Registered Member

    Joined:
    Jan 31, 2013
    Posts:
    6
    Location:
    Miami, USA

    the new version detects the virus shuts down processes, and removes it from the system and the registry, but it not substitute the funtions of an antivirus because this is for usb, this software is made to coexist with a complete antivirus like avast or kaspersky

    currently being tested the new version q has a wide range of security mechanisms aimed at the protection and decontamination of the operating system, and some elements of protection in real time, all while maintaining its essence as antivirus for USB.
     
    Last edited: Feb 1, 2013
  24. quanzi_1507

    quanzi_1507 Registered Member

    Joined:
    Feb 18, 2009
    Posts:
    320
    Well hope you guys do well with the new version.

    As for me USV-AV left its context-menu entry for drives after uninstallation, had to search for leftovers in registry to get rid of it.
     
  25. surfer91

    surfer91 Registered Member

    Joined:
    Jan 31, 2013
    Posts:
    6
    Location:
    Miami, USA
    You are right about that, in the new version all this have been fixed, we recommend you to wait for the new version and try it. We preciate for your comments and sugestions, you can subscribe to our facebook page www.usb-av.com/usbav and recieve updates about the new release, but we will post here when the new one comes out
     
Loading...
Thread Status:
Not open for further replies.