If you are looking for a program to protect your system from various threats nowadays, you'll have to pay attention so that its features include shielding from malware on external hardware devices. Of course, the most common ones that fit for an easy spread of nasties on unprotected systems are the USB drives. They can be the perfect host for a piece of malware, due to their portability and hence the high chances of being connected to more than one system.
Their autorun file is generally the one sheltering the command to release the threat on the computer, as it becomes active the moment you plug it into the computer (of course, "autorun" has to be enabled at the other end, and it usually is). But, even with customizing Windows to contain itself from responding automatically to hardware stimuli, there are still chances for the infection to spread.
USB Threat Defender has been built to give you confidence in hooking a removable device to your system and thus benefit from the portability of data and quick access to your information from any computer. Its purpose is to prevent any harm from passing from a removable device to your system and, at the same time, bring to your attention the suspicious files that may affect your privacy. The application grounds its security on its Proactive Technology and a definition-based scan.
To fully benefit from all its resources, you have to shell out $39.95, a one-time fee that includes updates for life. For testing purposes, there is a trial version available for no more than 30 days which comes with some nasty limitations: you cannot eliminate the threats from the system and not even the name of the piece of malware is shown (in some cases you get the name of the infected file).
USB Threat Defender provides an uncomplicated interface that features almost the same set of buttons arranged both vertically and horizontally. The Main Info (or Home) shares with you details on the current status of the application shield, the version number of the program, as well as the definition database. This is the place to learn the total amount of threats rejected by the application, proceed to eliminating them, or simply start scanning the system and any of the connected removable storage devices.
For real-time monitoring, you have to move to the Threat Shield tab. The application is on constant alert for threats trying to make it to your computer via a removable device and all those detected will be displayed here. After analyzing them, which is not possible with the demo version, as you are not given neither the name of the infection nor that of the file affected, you can direct the app to start disinfecting (again, a procedure restricted to the registered users).
The threat shield proved it lacked the experience and maturity necessary to make the difference between a perfectly healthy file, like a newly created BMP image or Wubi, the Ubuntu installer for Windows. Both the image file and the installer were marked as suspicious by USB Threat Defender. Also, we noticed that, as soon as the autorun.inf
file was deleted from the removable device, the application failed to report any threats, although the USB key used in the tests was crawling with latent keyloggers and rootkits that were waiting but a click away to start a monster leakage of information.
The Threat Scan tab shows all the suspicious files detected as a result of the scan. The options here are to start a new scan (OS memory, local drives, removable drives, or all three locations) and heal the selected items. The more interesting part of the application is found under the Heal System menu, a location where you get to recover the computer's functionality prior to malware attacks. Thus, the set of options present claims to revert the damage as a result of various types of infections that can render the OS ineffective to deploy WinLogon, install an antivirus piece of software, update itself, view or access installed drives, launch Task Manager/Registry Editor, etc. These healing powers are also reserved to the paying customers and are not available to the large audience via the demo version of the software.
Setting up USB Threat Defender, just like the entire handling of the application, requires little to no effort from the user. The options here permit configuring the app to start with Windows, enable alerting the user on threat detection, as well as decide how the menaces should be treated: quarantine or destroy them on the spot. Mind that quarantining allows restoring the threats to their original location and can function as a safety net.
USB Threat Defender is at the beginning of the road and does not feature the necessary tools to properly analyze all the data. Faced with real threats, it fails to detect them and focuses on what is launched via the autorun file of the removable device. However prompt in action it may be, it would be nice if all the suspicious files were sent directly to quarantine or at least prevented from being executed on the system until the user would decide otherwise.
For the time being, considering the potential of the application, it is a promising piece of software. But, considering the price, the limitations and the fact that, during our testing, it could not prevent the running of a suspicious file in any way and only alerted us of such a presence on the USB drive, the price is way too high (despite the incentive one-time pay offer).The Good
USB Threat Defender is easy to install and can be handled with no difficulty by any sort of user. It can scan both local drives, as well as removable media.
The Heal System tab shelters the appealing promises of restoring the system to its functionality prior to the damage caused by an infection. The options are varied and generally consist of making the main functions of the system work again.The Bad
It picked up as suspicious every file we set to be run automatically in an autorun.inf
file. Despite the fact that the removable drive also contained a generous set of rootkits and keyloggers, they were not interpreted as suspicious.
The only way it protected us from the data marked as suspicious was by popping up an alert. Once we clicked to run the file, everything worked without any problem.The Truth
USB Threat Defender is not yet ready for the $39.95 price or the plethora of pieces of malware that can infect computer systems directly from a removable drive, when inserted. Currently, it is at version 1.0 and looks like a promising project. At the moment, it is capable of alerting the user of executables being launched via autorun.inf
and it's a good start.
As more features are being added, you can use the demo version just for the alerts.Here are some snapshots of the application in action: