Ewido update

I am getting to like Ewido as every minute passes

 

There is a website that contains near 1000 different trojans for download that I use to test detection ability and how the prog responds to threats. I've downloaded about 100 random trojans and Ewido's picked them all up so far. It has nailed 95% of them before I can choose a place to save the trojans when downloading. Upon detection, the alert screen pops up and asks what action to take and there's a checkbox to keep an encrypted backup in quarentine. Is there a way have that checkbox unchecked by default? If I haven't even downloaded the trojan yet, there's no point in filling the quarentine with temp files (or is there?). Also it frequently says that to complete cleaning I need to reboot. What's that about?

Couldn't say it any better...

 

Has anyone noticed any conflicts with Ewido's guard and other AT's resident protection (TDS execution protection, Trojan Hunter's resident guard, BOClean etc)? I know they are mentioned as being compatible in ewido's compatibility list, but I was wondering if this is one of those things where it isnt good to run 2 at the same time (like AV's and software firewalls) or if it is effective in providing any more protection than say the AT's i mentioned.

Some more questions and comments...

Will you be bringing back some of those extra features like eraser and antispy?

Any plans for home licenses like the one used with BOClean or the one offered by DiamondCS' PG/CS?

I also agree that the security bar is rather confusing.

 

Currently running it along with KAV 5.0.142 and Tiny Firewall 6.0.100 with no problems. Also had it on a test machine with F-Prot 3.15 and all was good there. Will probably test with Avast tonight.

 

To everyone from Firefighter!

Just compared Ewido to DrWeb 4.31b and NOD32 2.000.11b upd 1.834 with AH (= beta) against my 568 trojan like malwares and 457 worms, total 1025 nasties.


Ewido

811 [441 trl (345 bkd&trj, 24 exp, 15 tdl, 40 tdp, 17 tjs) + 370 wrm]


DrWeb 4.31b

868 [439 trl (312 bkd&trj, 30 exp, 22 tdl, 59 tdp, 16 tjs) + 429 wrm]


NOD32 2.000.11b upd 1.834 with AH (= beta)

794 [420 trl (308 bkd&trj, 26 exp, 21 tdl, 54 tdp, 11 tjs) + 374 wrm]



where

trl = trojan like malware

bkd&trj = backdoors & trojans

exp = exploits

tdl = trojandownloaders

tdp = trojandroppers

tjs = trojanspy

wrm = I-, IRC-, P2P-, Win32- and mIRC-Worms


Not bad at all with Ewido in trojans compared to DrWeb 4.31b and NOD. Against worms Ewido is even close to NOD with AH.


Best regards,
Firefighter!

 

Excellent question. I was wondering the same thing.

Also, might be a good idea to bring back that feature chart, assuming you were able to implement everything.

 

As soon as all current bugs are fixed we're going to rework the tools and release some new ones which will replace the old tools. Also a feature table will be available shortly but currently hasn't high priority

 

Here's a bug for you fish. Installed and ran Ewido, might have run into a conflict so I disabled File Monitoring, Hijacker Protection and Automatic Updates. Re-ran and decided to uninstall so I could figure out what was going on.

Reinstalled today and those 3 options on status are disabled (actually they say n/a) and cannot be re-enabled.

 

Jup, it's bug and will be fixed with the next setup.

 

I run CWS lastnight and my macine stuck. I needed 2 fresh starts to settle everything. Any connection to Ewido?

 

I have the same problem!

 

Does it look similar to the following error? 4th post from the top of this link..

https://www.wilderssecurity.com/showthread.php?t=42450&page=1

 

Fish, on e additional thing worth adding is whether or not "scan with ewido" is added to the right click context menu.

 

Already on our list

 

hi fish: I am pleased with this new prog. No conflicts whatsoever with all the security on my machine and it found 1 tracking cookie.

 

Yes, this is the same fault. I am well a new member of the club there.

I apologize for my bad English. I use a translation program.

 

No worries. I'm a native English speaker and mine is horrible.

Fish, one other thing I've noticed... since installing, with and without the guard enabled is a 1-2 second hesitation on all operations.

 

With and without enabled? Very interesting!
What are your system specs? What additional software have you got installed?
Which filesystem? Thanks a lot!

 

I work on my problem just in the Rokop forum.
http://www.rokop-security.de/board/index.php?showtopic=4405&st=60

 

There is a new version of ewido. It solves my problem.

 

New Version? Version 2?

It would be a help if the recent program version (and database version ) appeared BOTH on the website and in the main GUI.

How do we know when a new version is available, as opposed to a patch or a 'threat' upgrade?.

At the present time I have database version # 614 and 58022 known threats in database so I presume I am up to-date?

Does the Updater install just definitions or engine upgrades as well?

Eventually, related to the above, it would be nice to see some sort of log-file where we can see what has been updated during a particular update session.

 

Same behavior on 2 comps:

Desktop: P4 @ 3.6G, 1GB RAM, WD Raptors Raid 0, XP Pro SP1 fully patched, ZA Pro 4.5, NOD32

Laptop
P4M 1.8G, 768MZB RAM, 5400RPM 40GB HD, XP Pro SP2 RC2, ZA Pro 4.5, NOD32

Had SpySweeper 3.0 Installed but uninstalled before installing Ewido.

 

Yep, it's gone here too

 

Well whatever it was that was trying to shut ewido down the last update seems to have cured. Since installing the update I haven't received that pop up anymore.

Altho it really would have been nice to know what it was.
I hate it when things fix themselves, they useually turn out to be not fixed at all and come back to bite ya in the butt later.

 

We simply removed the message as it produced too many "false positives".
Unfortunately some programs (like for example CWShredder) want to have kill-access to ALL running applications (don't know why)... Anyway the ewido guard can't be killed so I don't think it's a problem