Author Topic: USB  (Read 13061 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33519
  • malware fighter
Re: USB
« Reply #15 on: November 05, 2009, 10:00:06 PM »
Hi George Yves,

I do not know whether it will function on Vista, but on XP SP3 runs like a charm,
Threatfire alerted but I allowed it, Immunet Protect did not alert a thing on installing and downlaoding, nor did a scan with MBAM, SAS, and RUBotted, ThreatExpert Memory Scan, ESET Sys Inspector, a-squared-free did not flag it, scans are fast, pendrives with their own logo's now sit protected.
I will test it a bit longer, seems to run fine next to avast and Immunet Protect and ThreatFire (no further alerts), and for the updater I get 2 heuristic flags: http://www.virustotal.com/nl/analisis/ccb02889d246641a68435019229bc97d771ce3b0dab91e92963fd43b4f5c04cd-1257455211

polonus
« Last Edit: November 05, 2009, 10:10:09 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline mkis

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1618
Re: USB
« Reply #16 on: November 05, 2009, 10:06:52 PM »
cross posted with Pol but I have posted anyway - program must be okay if Immunet Protect passes it.


I now have mxone installed on my computer and giving it a test run because I am looking for a program like this with a simple, clear, straightforward user interface that is easy for the average user to work with.

I had problems with download and install and have also ended up with Mex or spanish version, which may be only one available to me even though url was definitely reading /en  on route to download page (/en indicates english, thats right isn't it). I had to edit my hosts file to prevent the download being blocked (just checked now, still edited but will prob return deleted entry with next auto update of hosts file - so see how mxone updates run then).

Haven't had time to translate spanish UI as yet so first run through I was going a bit blind but looks at moment like I'm only with 'on demand' setting (or version). I'm a bit too busy to do much right now but look to translate UI tonight. Had intended to have someone test this for me but under circumstances will have to do this myself, so program now on my most used PC. That okay - have USB in and out of here all time.

May look to download / install Panda USB vaccine to another computer to test run there.
http://www.pandasecurity.com/homeusers/downloads/usbvaccine/

Also will prepare a more comprehensive test run with some USB devices for USBNoRisk when have spare time.
Avast7 Free, MBAM (on demand), MVPS Hosts

Intel DG41TY, Windows 7 Ultimate, IE9, Google Chrome, 4 GB ram, Secunia PSI, ccleaner, Foxit Reader, Faststone Image viewer, MWSnap.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33519
  • malware fighter
Re: USB
« Reply #17 on: November 05, 2009, 10:18:28 PM »
Hi mkis,

The interface is also in English, you can install various languages, I like this program, let us test if it can be recommended to be used next to your resident av solution of choice. This is how it sits there on the pendrive,
see picture,

pol
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline mkis

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1618
Re: USB
« Reply #18 on: November 05, 2009, 10:34:56 PM »
Hi mkis,

The interface is also in English, you can install various languages, I like this program, let us test if it can be recommended to be used next to your resident av solution of choice. This is how it sits there on the pendrive,
see picture,

pol

Yes, exactly. Your install looks good.

bit rushed at the moment (10.30am) but more time later today. will reply post
Avast7 Free, MBAM (on demand), MVPS Hosts

Intel DG41TY, Windows 7 Ultimate, IE9, Google Chrome, 4 GB ram, Secunia PSI, ccleaner, Foxit Reader, Faststone Image viewer, MWSnap.

YoKenny

  • Guest
Re: USB
« Reply #19 on: November 05, 2009, 11:23:44 PM »
Hi malware fighters,

I did install mxone Guardian with realtime usb protection. Updater works fine, scans swiftly, a real asset.
Report more here about this Mexican security solution for peripherals...

See it sitting there...
Malwarebytes' Anti-Malware IP protection blocks download from mxone.net/en/ 174.132.148.58
http://hosts-file.net/default.asp?s=174.132.148.58

I disabled IP protection but I could not find a download link that worked.

It looks like IOBit 360 to me. 

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33519
  • malware fighter
Re: USB
« Reply #20 on: November 05, 2009, 11:35:34 PM »
Hi YoKenny,

They have delisted it: http://www.malwarebytes.org/forums/lofiversion/index.php/t17106.html

There is still a issue with uninstalling: http://ldc.mx/foro/index.php/topic,1649.msg8178/topicseen.html#new
There is uninstall program in the main program in Program files, there is an uninstall configuration settings file

But it definitely isn't a rogue or fake av - small platform but genuine....

polonus
« Last Edit: November 05, 2009, 11:40:45 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline mkis

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1618
Re: USB
« Reply #21 on: November 06, 2009, 12:19:14 AM »
below is return I received when hosts blocks access --

Blocked: ldcmx.info

Edit - yes and install problem (here) - seems issues are being attended to
« Last Edit: November 06, 2009, 01:55:51 AM by mkis »
Avast7 Free, MBAM (on demand), MVPS Hosts

Intel DG41TY, Windows 7 Ultimate, IE9, Google Chrome, 4 GB ram, Secunia PSI, ccleaner, Foxit Reader, Faststone Image viewer, MWSnap.

Offline George Yves

  • Avast Überevangelist
  • Massive Poster
  • *****
  • Posts: 4102
  • Help you I can
Re: USB
« Reply #22 on: November 06, 2009, 11:06:44 AM »
I'll continue to use Net Studio USB FireWall 1.1.3.
May the FOSS be with you!

Offline mkis

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1618
Re: USB
« Reply #23 on: November 07, 2009, 04:47:11 AM »
I am still translating docs from my mxone interface and enjoying it. Rarely ever do I spend this much time reading documentation on any program. Certainly interesting. I'm using the Bing translator. I tried using the IE8 browser to download mxone but still got the spanish page download despite being routed through a different track. I think because I am in the southern hemisphere I may be getting routed to servers that cater to South America (but I'm only guessing this). Theres only Firefox left to try now. Unfortunately I havent got that computer hooked up at the moment as I've been building a new computer. I'll try Fx later on. The new computer is built on Asrock PI65g mainboard. Always had a lot of time for this board and now I've found a home for it. I thought that since its newly set up - standard XP w/ SP3, Chrome. IE8, avast, and host protection -  I might as well give USBNoRisk a run. Here are the devices that I will plug in. I have a USB wireless modem plugged in but this should not be scanned as a rule.

F: drive -. USB Flash storage disk that I use for daily usage, for example transferring from one computer to the next or plugging into other people's computers or cyber share systems ot libraries, etc

G: drive - Flash disk MP3 player

H: drive - Samsung mobile phone

Canon  powershot camera was not scanned. although the device uses a USB slot and is picked up by the XP operating system it seems oblivious to an okay by USB host controller. I have no idea why this is so. Just runs through anyway. Also some image viewers like Faststone dont pick up Powershot either, so files need first be copied to the computer memory for viewing and editing.

Anyway here is the text file for the USBNoRisk scan.

USBNoRisk 2.5 (26 July 2009) by bobby

Started at 11/8/2009 4:25:56 AM

Searching for connected USB Mass storage...
----------------------------------------
F:  {b4997eb7-3e94-11dc-9b9b-0019666fe8e0}
G:  {c234fc7a-cb72-11de-8bec-0019666fe8e0}
H:  {c234fc7f-cb72-11de-8bec-0019666fe8e0}
========================================

Searching for other storage...
----------------------------------------
C:  {9bdd6e56-3ef9-11dc-a58c-806d6172696f}
========================================

Scanning removable storage...
----------------------------------------

No blocked files found on F:
No Autorun.inf files found on F:
Sanitized mountpoint for b4997eb7-3e94-11dc-9b9b-0019666fe8e0
No Desktop.ini files found on F:
No mimics found on drive F:
----------------------------------------

No blocked files found on G:
No Autorun.inf files found on G:
Sanitized mountpoint for c234fc7a-cb72-11de-8bec-0019666fe8e0
No Desktop.ini files found on G:
No mimics found on drive G:
----------------------------------------

No blocked files found on H:
No Autorun.inf files found on H:
Sanitized mountpoint for c234fc7f-cb72-11de-8bec-0019666fe8e0
No Desktop.ini files found on H:
No mimics found on drive H:
----------------------------------------


Scanning fixed storage...
----------------------------------------

No blocked files found on C:
No Autorun.inf files found on C:
No mountpoint found for C:
No mountpoint found for 9bdd6e56-3ef9-11dc-a58c-806d6172696f
No Desktop.ini files found on C:
----------------------------------------

========================================
Initial scan finished!
========================================
Avast7 Free, MBAM (on demand), MVPS Hosts

Intel DG41TY, Windows 7 Ultimate, IE9, Google Chrome, 4 GB ram, Secunia PSI, ccleaner, Foxit Reader, Faststone Image viewer, MWSnap.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33519
  • malware fighter
Re: USB
« Reply #24 on: November 10, 2009, 12:32:36 AM »
Hi mkis,

Another mention of Mx One AV 4.0 for USB and removable devices here:
http://www.wilderssecurity.com/showthread.php?t=236298
Funny that it found aklt.exe - leaktest.exe - DUH.vbs, uninstall.exe of Code Browser, StKeys.exe, idserve.exe and MRUBlaster that it wanted to upload for virus screening, apparently all these finds can be qualified if flagged as FP's. On the other hand some of these can be qualified as risktools, it depends who has installed the proggies/tools? But according to me the scan range is too wide or the definition pool is too scarce, either way I have to test further.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Jtaylor83

  • Guest
Re: USB
« Reply #25 on: November 10, 2009, 12:49:11 AM »
I would stay away from this product, although WOT currently has a green rating, hpHosts flags this site for distributing malware.

YoKenny

  • Guest
Re: USB
« Reply #26 on: November 10, 2009, 01:15:30 AM »
I'll stick with Autorun Eater:
http://forum.avast.com/index.php?topic=50498.msg427572#msg427572

Net Studio USB FireWall looks interesting but it is a .rar file and their is no indication of which operating systems it supports nor the Information | Contact works as links.

Offline mkis

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1618
Re: USB
« Reply #27 on: November 10, 2009, 01:35:03 AM »
I'm going to have to leave you to it Pol. One of the images in my mxone has come up as corrupted and wasn't a great download / install anyway. So I will have to jump ship, I'm afraid. Also. I think there has been some changes in the mxone links. I have only had the one USB autorun issue over the past year from what I can recall, but I still believe that this is a very important area of concern. Winter 2008 was an absolute nightmare, and I'm not sure if there is as yet an ideal security utility to cover the use of USB drives.
Avast7 Free, MBAM (on demand), MVPS Hosts

Intel DG41TY, Windows 7 Ultimate, IE9, Google Chrome, 4 GB ram, Secunia PSI, ccleaner, Foxit Reader, Faststone Image viewer, MWSnap.