ewido online scanner beta

Discussion in 'ewido anti-spyware beta forum' started by peter.ewido, Jul 26, 2005.

Thread Status:
Not open for further replies.
  1. ravin

    ravin Registered Member

    Joined:
    May 2, 2003
    Posts:
    241
    Location:
    South Carolina
    thanks sonya - but what you need to do now is click the process tab then pick on view and check next to pid. this will show the pid# beside the processes. then look for the numbers [340] & [2376]. you really didn't need to post the screenshots and can edit and remove them.

    if those two pid's are in the list after you check on view and pid then yes you are infected with the swizzor.bo trojandownlader.

    it appears from your scan logs that they reside in your documents and settings application folder as you posted please check to see if they are there as well.

    from what I read and understand about this trojandownloader is that when you connect to the internet it downloads certain spyware etc. which would explain the 22 hits you get when connected.

    I believe when can get this outta there for ya. please be patient as I'm trying to verify what your scan log showed. It said that it had quarantined the trojan but could not clean it. I think because it could not close the running processes.

    I hope I'm being clear. let me know what you discover.
     
  2. SonyaM32

    SonyaM32 Registered Member

    Joined:
    Dec 23, 2004
    Posts:
    718
    Nope, there isn't a 340 or 2376. I just leaned something new :D well sorta :D
     
  3. ravin

    ravin Registered Member

    Joined:
    May 2, 2003
    Posts:
    241
    Location:
    South Carolina
    ok. good, and by the way your doing well with my directions:)

    now I need for you to open your ewido and select the quarantine tab and see if the offending file is in there. I believe it was DoesFour?
     
  4. SonyaM32

    SonyaM32 Registered Member

    Joined:
    Dec 23, 2004
    Posts:
    718
    Ok, the only 2 high risk ones I see are the swizzor, and market score. I held my mouse pointer over the swizzor so I could read more of it, and it didn't show the whole entire name, so I didn't see does four, but it is the trojan downloader.
     
  5. ravin

    ravin Registered Member

    Joined:
    May 2, 2003
    Posts:
    241
    Location:
    South Carolina
    great, it did make it to quarantine. you can select it I believe by picking it once and then select remove finally.

    and also i would do a search for the DoesFour.exe file and if found delete it as it was the infected file.

    let me know how it goes from there.
     
  6. dan_maran

    dan_maran Registered Member

    Joined:
    Aug 30, 2004
    Posts:
    1,053
    Location:
    98031
    I don't mean to revive an older thread, but I just tried the online scan with FF and since it has no ActiveX, it offered a minimal version of Ewido, Ewido_Micro, when executed it downloads the latest signature and then offeres up the normal scanning options from Ewido. This is a great little app.

    A question for Fish,
    Is it ok to put Ewido Micro on a USB stick/Bootable CD's(WinPE) for cleaning out infected PC's that have issues, i.e. Malware infestations?
     
  7. peter.ewido

    peter.ewido former ewido team

    Joined:
    Nov 10, 2003
    Posts:
    737
    Location:
    Brno, Czech Republic
    Yes, that's ok :)

    The only problem is that it needs internet access for downloading the signatures...
     
  8. dan_maran

    dan_maran Registered Member

    Joined:
    Aug 30, 2004
    Posts:
    1,053
    Location:
    98031
    Thanks Peter,
    This solves my issues with spyware cleanup from WinPE. Now I can save $400 from purchasing an AVAST BARTCD simply for Malware and "junk files". Thanks alot. :)
     
    Last edited: Dec 17, 2005
  9. Wolfe

    Wolfe Registered Member

    Joined:
    Jan 23, 2005
    Posts:
    160
    Splendid alternative! big thanks for this, ewido :cool:
     
  10. sosaiso

    sosaiso Registered Member

    Joined:
    Nov 12, 2005
    Posts:
    601
    Impressive scanning speed too. :D
     
  11. TouchuvGrey

    TouchuvGrey Registered Member

    Joined:
    Jul 17, 2004
    Posts:
    441
    Location:
    Gold Coast Queensland Australia
    Any plans to make it work with Frefox ? ( i try and avoid opening IE if at all possible )



    Mike
     
  12. peter.ewido

    peter.ewido former ewido team

    Joined:
    Nov 10, 2003
    Posts:
    737
    Location:
    Brno, Czech Republic
    Not at the moment, that's why we have ewido_micro.exe... :)
     
  13. TouchuvGrey

    TouchuvGrey Registered Member

    Joined:
    Jul 17, 2004
    Posts:
    441
    Location:
    Gold Coast Queensland Australia
    awesome tacular, i've downloaded it and am running it now.



    Mike
     
  14. Smokey

    Smokey Registered Member

    Joined:
    Apr 1, 2002
    Posts:
    1,514
    Location:
    Annie's Pub
  15. TouchuvGrey

    TouchuvGrey Registered Member

    Joined:
    Jul 17, 2004
    Posts:
    441
    Location:
    Gold Coast Queensland Australia
    Does Maxathon use the IE Engine ?


    Mike
     
  16. Rainwalker

    Rainwalker Registered Member

    Joined:
    May 18, 2003
    Posts:
    2,567
    Location:
    USA
  17. Dan.........

    Dan......... Guest

    I can't run the scan due to the ActiveX not being installed... Windows will not allow me to install it.. I recieve this error: 'Windows has blocked this software because it can't verify the publisher'. I have XP SP2 installed.. So when it blocks the ActiveX installation, and then I opt to install it, it still won't install, and gives me the above error message :(
     
  18. peter.ewido

    peter.ewido former ewido team

    Joined:
    Nov 10, 2003
    Posts:
    737
    Location:
    Brno, Czech Republic
    Sorry... fixed :)
     
  19. Dan........

    Dan........ Guest

    Thanks man. Works like a charm :)
     
  20. pbbt

    pbbt Registered Member

    Joined:
    Jan 21, 2006
    Posts:
    2
    Downloaded and ran your Anti Malware program V3.5 today to try out. Love it. It was finally able to rid my computer of cpbrkpie.ocx, something that no other program I have has even found. Thanks!:D (Haven't tried the online scanner yet will do so shortly)
     
  21. Greven

    Greven Guest

    Is there a way you can make it use the dat and dll file if they located in the same folder as it?
     
  22. Adric

    Adric Registered Member

    Joined:
    Feb 1, 2006
    Posts:
    1,306
    Yes, that does pose a problem trying to scan from a Windows boot CD (XPE) when there is no internet access available. Any chance of downloading the sigs so they can be later used with ewido_micro.exe on the CD?

    I.e. if no network connection, look for sigs in the ewido_micro.exe directory. Would really be nice for offline scanning. I know .. it's an online scanner :)

    Also, if the ewido_micro.exe were able to the scan system registry files on other partitions, that would be a real plus. As far as I can tell, it only scans the registry of the active partition, which doesn't help much when booting from CD.

    Thanks for listening .. Ciao Al
     
  23. Greven

    Greven Guest

    Using the Mirco scanner offline would be awesome.......
     
  24. dan_maran

    dan_maran Registered Member

    Joined:
    Aug 30, 2004
    Posts:
    1,053
    Location:
    98031
    The only thing I have fidgured out how to do about this is to decrease the download time by manually (With a batch file) copy the program and older signatures from a thumb drive to the directories needed, this is helpful for dialup users.
     
  25. ovidian

    ovidian Registered Member

    Joined:
    Jan 18, 2005
    Posts:
    1
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.