Ewido 4.0 Features list ?

Discussion in 'ewido anti-spyware beta forum' started by chaos16, May 4, 2006.

Thread Status:
Not open for further replies.
  1. chaos16

    chaos16 Registered Member

    Joined:
    Feb 14, 2005
    Posts:
    1,004
    Could i have a whole list of all the new features that Ewido 4.0 has new?


    like is the scan engine much better?

    like is the realtime protection much much better etc....


    like to have the list thanks :D
     
  2. comma dor dash

    comma dor dash Registered Member

    Joined:
    Jun 5, 2005
    Posts:
    146
    I also asked for such a list (but did not receive a reply). Maybe this is considered a business secret.

    Based on the tests I performed in connection with my recent article on pre-decompression delays I conclude that the operation of the memory scanner has been significantly improved.
     
  3. chaos16

    chaos16 Registered Member

    Joined:
    Feb 14, 2005
    Posts:
    1,004
    thats the only improvment you think they have done in the scan engine? memory scanner :)
     
  4. comma dor dash

    comma dor dash Registered Member

    Joined:
    Jun 5, 2005
    Posts:
    146
    "thats the only improvment you think they have done"

    That's the only one I have noticed so far. But I could imagine that there are even more improvements. Perhaps.

    What I can also tell you (based on a preliminary analysis): the new feature which shall allow users to create rules to ignore threats during a scan and in the resident shield opens a HUGE security hole because malware can effectively exclude itself from being scanned. The same applies, for example, to A2. I will further demonstrate this but will firstly check certain other scanners as well.
     
  5. comma dor dash

    comma dor dash Registered Member

    Joined:
    Jun 5, 2005
    Posts:
    146
    Further tests have shown that:

    1.
    Malware (wrapped into an installer package like CreateInstall) can easily switch off the Ewido Guard before the guard can scan/detect the malware.

    2.
    I was unable to reliably set exclusions via the registry. Sometimes it worked, sometimes not. Maybe this is due to a further internal protection mechanism (if so I wonder why the same mechanism is not used for the guard as well). Maybe this is due to the fact that Ewido 4 is still in an early beta stage. I had some general problems with the exclusion feature after I rebooted the test machine. Anyway, I trust that the developers will read this comment and make sure that nothing goes wrong with the final version.

    3.
    I was able to reliably exclude malware via the registry from the A2 IDS (i.e., malware wrapped into an installer can effectively exclude itself from being detected by the IDS).
     
Thread Status:
Not open for further replies.