Now What ?

Discussion in 'other anti-trojan software' started by TouchuvGrey, Jul 22, 2005.

Thread Status:
Not open for further replies.
  1. JRCATES

    JRCATES Registered Member

    Joined:
    Apr 7, 2005
    Posts:
    1,205
    Location:
    USA
    And not to knock ewido, because I think that it's an excellent product. But it is more of an all-encompassing anti-malware, rather than a dedicated "anti-trojan" type software only. When I used the ewido trial version, it found and deleted about half a dozen cookies. That was all that it found on my machine, but apparently it was looking for them to remove them. TrojanHunter does not have signatures for cookies in their database and focuses on trojans and more serious forms of malware, and that may be another reason that there is such a disparity in the number of "signatures"......
     
  2. maddawgz

    maddawgz Registered Member

    Joined:
    Aug 13, 2004
    Posts:
    1,316
    Location:
    Earth
  3. JayTee

    JayTee Registered Member

    Joined:
    Nov 2, 2004
    Posts:
    166
    actually I didn't think too highly of ewido (because it only seemed to find cookies for a long time) until recently when it managed to find some morphine encrypted stuff that my wife downloaded. may be a false positive but I am glad that it notified me. btw, am a paid user of ee-wee-do.
     
  4. richrf

    richrf Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    1,907
    Hi JayTee,

    As I mentioned earlier, Ewido (or BOClean) has never been tested on my machine (other than some minor malware) because KAV is so comprehensive and powerful. However, I have used it to clean machines of my friends, and I can assure you that Ewido is very powerful in its own right. The machines I cleaned had full, up-to-date versions of very popular AVs. Ewido caught a whole mess of trojans, spyware and keyloggers that were on the machines, but missed by these popular AVs. I was extremely pleased by the thoroughness of Ewido.

    Hope this helps,
    Rich
     
  5. JayTee

    JayTee Registered Member

    Joined:
    Nov 2, 2004
    Posts:
    166
    Hi Richf,

    Indeed, I would have liked to see whether KAV would detect it. (Am running a trial of NOD. Feels good). Too bad it's on my laptop and I was too lazy to move the detected malware there to test it out.
     
  6. richrf

    richrf Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    1,907
    Hi JayTee,

    In the above described events, I used TDS-3, Ewido, and KAV to clean out the machines - most thoroughly (as well as some utilities to help verify). KAV actually caught some things that Ewido's on-demand missed. Specifically, the real-time component of KAV picked up some malware remnants (I think they were inactive, but cannot be sure) that were sitting in NTFS ADS. TDS-3 verified the findings. There is no doubt in my mind that the above mentioned products are excellent in their capabilities.

    Hope this helps,
    Rich
     
  7. Morpheus

    Morpheus Registered Member

    Joined:
    Aug 13, 2003
    Posts:
    45
    Well TBH, TDS-3 had been relegated to a weekly scan since I moved to KAV mainly out of habit and familiarity and it really hasn't seemed that necessary. I have installed ewido as an alternative On-demand scanner but I think the need for a dedicated AT has gone.

    I bought TDS-3 when I was running NAV 2002 and the only competition was BOClean and The Cleaner and at that time AV's hardly detected any trojans. Three years later and KAV catches a fair number of Trojans with its signatures, NOD32 can detect a fair few with its advanced heuristics setting and even NAV has improved its Trojan detection rate.

    Fortunately in all the time I have had TDS-3 it has not really had to detect much other than a couple of harmless ADS streams and riskware in the creative drivers but its detailed Process Space scan gave me a sense of security at times and I have read a few things indicating that Ewido's memory scanner is actually better.

    I'm sorry to see it go. It's a bit like the old neighbour who is always around for a quick hello and it is a bit sad when they are no longer there.

    Morpheus
     
  8. TouchuvGrey

    TouchuvGrey Registered Member

    Joined:
    Jul 17, 2004
    Posts:
    441
    Location:
    Gold Coast Queensland Australia
    Life goes on, TDS3 is still a very useful program. The utilities in it still work fine. After some reflection as far as i recall my AV ( NOD32 ) has caught all the trojans i've received in email in the past year i'd say, before TDS3. I'm currently checking out A2 and Ewido, I will likely check out Trojan Hunter too. With the way AV's are getting so good at catching trojans i'm not so sure that i need a dedicated AT program anymore. I do think though that there is a good chance i will eventually purchase something along those lines just because i'd rather have ( at least ) a second layer of defense "just in case"



    Mike
     
  9. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,752
    Location:
    Toronto Canada
    BOClean works fine for me.
     
  10. mercurie

    mercurie A Friendly Creature

    Joined:
    Nov 28, 2003
    Posts:
    2,448
    Location:
    Sky over the Wilders Forest
    A wise move. BoClean has done good for me too. Do not rely on AV alone not yet. If you have no choice due to tight funds. And must rely on AV for trojans. I would go with KAV and use one of the free AT scanners. ;)
     
  11. solarpowered candle

    solarpowered candle Registered Member

    Joined:
    Jan 9, 2003
    Posts:
    1,181
    Location:
    new zealand
    I use Kav (lite) as my av/at and feel safe as and obviously nod is working well for you.
    If the risks are from mail perhaps it's more that area you might be looking into.
    However I use a specific mail program that completely rewrites all email so as to make it totally safe. Many feel that av covers them with mail or their isp av does the job, but that's not the case at all, or at least it's only part of the protection as most are relying on how efficient their sigs are or when their last update was. But looking back over the last few years nearly every av/at failed to protect the majority of the millions who were hit with the worms etc in that critical few hours that devastated PCs around the globe. (While many were seeking that obscure trojan/virus) the worms over a year or so effortlessly drifted through. I believe it's still true that 90% of infection comes through the mail in some form or another.
    I use "Benign" as it's seemingly a life time license for the price of a yearly av license, which completely makes email safe. This includes removing all the crud that av/at miss which nowadays form a big part in keeping ones system clean.
     
  12. Defenestration

    Defenestration Registered Member

    Joined:
    Jul 17, 2004
    Posts:
    1,108
    I would like to be able to run ewido, but it slows my system down too much. In particular, scanning of applications when launched, by ewidoguard.

    For more info....

    https://www.wilderssecurity.com/showpost.php?p=501417&postcount=227

    The author of ewido has promised to look into this problem, with a fix maybe making it into version 3.6, but until it gets addressed it just slows my system down too much.

    I am currently running a-squared, which although the scanner is not supposed to be very good, the IDS is on the other hand very good.
     
  13. Antarctica

    Antarctica Registered Member

    Joined:
    Feb 25, 2003
    Posts:
    2,180
    Location:
    Canada
    Thank you TopperID for your answer. Sorry if I didn't reply before.

    I did download Ewido and installed it on my PC and I have to say I am pretty happy with it so far. No conflicts whatever with NOD32, Counterspy, PG Wormguard and LNS. :)

    It is using 18,530 and 1992 k of memory. So far I don't miss TDS too much. :p
     
  14. TopperID

    TopperID Registered Member

    Joined:
    Oct 1, 2004
    Posts:
    1,527
    Location:
    London
    Better late than never :D :D

    Glad to hear it's working O.K. :cool:
     
  15. patermann

    patermann Registered Member

    Joined:
    Apr 4, 2005
    Posts:
    49
    Location:
    UK
    Is my memory faulty or did Ewido used to be free for home/personal use? I was sure that it was but, when I checked yesterday, there is only a demo version, not a free one now.

    patermann
     
  16. TopperID

    TopperID Registered Member

    Joined:
    Oct 1, 2004
    Posts:
    1,527
    Location:
    London
    You download the trial version and if you do not buy a licence, after 14 days (I think!), it will convert itself into the free version which has less functionality.

    You can see the basic features, together with the additional features of the Plus Version, here:- http://www.ewido.net/en/features/
     
  17. patermann

    patermann Registered Member

    Joined:
    Apr 4, 2005
    Posts:
    49
    Location:
    UK
    Many thanks for that. I have now found that it says that on the download page but I did not see it because I already had a copy on CD (*) and did not think to check the download page!

    (*) If anyone is interested, I was trying to clean up a friend's PC that was infested with spyware. To do this, I have a toolkit of anti-spyware applications which I keep up-to-date with the latest definitions/updates etc. Every so often, I burn them onto CD so that I have known good versions of each and can disconnect the infected PC from the Internet whilst I do the initial clean-up. Also, some spyware (like that on the PC I was cleaning) prevents anti-spyware programs from downloading / updating anyway. One of the programs in my toolkit is Ewido. (I cannot run it myself because my PC at home runs Windows 98SE.)

    Thanks again,
    patermann
     
  18. patermann

    patermann Registered Member

    Joined:
    Apr 4, 2005
    Posts:
    49
    Location:
    UK
    I cannot believe how crass that last post was - what was I thinking? Some of the foremost experts on the planet inhabit these forums and I am trying to tell people how to make an anti-spyware toolkit on CD as if no-one had thought of it before. Sheesh! :oops:

    Just ignore me and maybe I'll go away. Oh, you already are - ok....
     
  19. beetlejuice69

    beetlejuice69 Registered Member

    Joined:
    Mar 16, 2005
    Posts:
    780
    It's also inhabited by lots of amateurs that will appreciate your instructions. :)
     
  20. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    LOL, indeed, no reason to feel bad.. it's always interesting to hear what people put in their toolkits, too :)

    I also use Ewido, and am quite content with it. It's got a great database and covers more than just trojans, which I find to be a perfect fit for what it does.
     
  21. richrf

    richrf Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    1,907
    Hi all,

    I usually put the following programs on a CD for cleaning purposes:

    1) KAV trial (primary cleaning)
    2) Ewido (confirmation)
    3) HijackThis
    4) FileMon
    5) Port Explorer trial
    6) TDS-3 (no longer)
    7) CCleaner
    8) Regseeker
    9) Process Explorer
    10) Security Task Manager
    11) Adaware
    12) Spybot
    13) ProcessGuard for after cleaning installation
    14) RootkitRevealer
    15) UnHackMe

    Usually this does the trick.

    Cya,
    Rich
     
  22. Blackcat

    Blackcat Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    4,024
    Location:
    Christchurch, UK
  23. TouchuvGrey

    TouchuvGrey Registered Member

    Joined:
    Jul 17, 2004
    Posts:
    441
    Location:
    Gold Coast Queensland Australia
    2.53GHZ P4, 2 80 gig hard drives, 512 megs Ram

    Ewido

    Memory use / Virtual memory

    ewidoguard.exe 22,356 / 19,676
    SecuritySuite.exe 18,064 / 25,580
    ewidoctrl.exe 836 / 912

    Scan Time
    45 minutes 490,837 objects examined


    A2

    a2scan.exe 17,660/ 14,384
    a2start.exe 19,052 / 1208
    a2guard.exe 35,884 / 17,808

    Scan Time

    46 minutes 197,842 objects examined

    I realize that we are not comparing Red Delicious Apples to Red Delicious Apples here. Maybe comparing Granny Smiths to Winesaps. They both seemed to slow my machine down by about the same amount. Being that i usually start a full scan when i go to bed i do not consider this to be too important.
    Ewido found a win32Heuristic dialer that nothing else did ( false positive ? )
    both programs were set up with the most paranoid settings available ( i'd rather get a false positive and investigate than miss something )
    I'm not even sure that the discrepancy in "objects examined" is that important, how are they counted ? Does Ewido look at things that do not need looking at, or is A2 just going past things it should be looking at ? Not sure this will help anyone, i'm just trying to decide how to go right now while waiting to see what DCS comes out with.


    Mike :rolleyes:
     
  24. Inf.

    Inf. Guest

    Hi Mike, good thinkin'! that I am wondering too...but I've received my answer a week ago ;) you should have too received that...

    anyway .. cannot be compared .. if they would be to be compared: hence the answer you should have received if you were following the topics :)

    sorry...nothing personal.

    Take care

    Inf.
     
  25. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    ;) Hi Inf.,

    guess they were not following it ;)

    take care..

     