ewido security suite 3.5 beta

Discussion in 'other anti-trojan software' started by quexx88, May 27, 2005.

Thread Status:
Not open for further replies.
  1. quexx88

    quexx88 Registered Member

    Joined:
    Nov 26, 2004
    Posts:
    235
    Location:
    Radnor, Pennsylvania
    Awesome, I knew ewido was a great purchase. Now I'm just waiting on 3.5 ;) :p
     
    Last edited by a moderator: May 29, 2005
  2. peter.ewido

    peter.ewido former ewido team

    Joined:
    Nov 10, 2003
    Posts:
    737
    Location:
    Brno, Czech Republic
    If all goes well... Public beta this weekend :)
     
    Last edited by a moderator: May 29, 2005
  3. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    Great Fish :) :)
     
    Last edited by a moderator: May 29, 2005
  4. blablablabla

    blablablabla Guest

    "If all goes well... Public beta this weekend"

    How about a change log? Are there any significant improvements re signature strength/scan engine/emulation? Has the "secret" sig dumper feature been removed? Can malware still disable the guard by setting a simple registry entry? Will certain filesplitters be "blocked"? How about z0mbie's code pervertor and rebased malware? Does 3.5 feature heuristics?

    Cheers, ntl
     
    Last edited by a moderator: May 29, 2005
  5. peter.ewido

    peter.ewido former ewido team

    Joined:
    Nov 10, 2003
    Posts:
    737
    Location:
    Brno, Czech Republic
    There will be one when the beta is public :)

    Yes...

    Once again... Yes... :)

    The guard will be completely reworked in 3.6...

    We tried several things but haven't found a perfect solution yet...

    Should be no problem anymore :)

    Yes, however not yet tuned to the max as an ignore list is still to be included.
     
    Last edited by a moderator: May 29, 2005
  6. iwod

    iwod Registered Member

    Joined:
    Jun 25, 2004
    Posts:
    708
    My god...........AT competition heating up. Since A square 2 isn't so far away from public beta as well.

    Anyway thx again fish
     
    Last edited by a moderator: May 29, 2005
  7. @fish: Kewl. Looking forward to inspect it ;-)
     
    Last edited by a moderator: May 29, 2005
  8. Vikorr

    Vikorr Registered Member

    Joined:
    May 1, 2005
    Posts:
    662
    they need to , AT's that is. AS's are including more and more trojans in their databases, or so I've noticed.

    Good to see that many improvements are being made :)
     
    Last edited by a moderator: May 29, 2005
  9. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,456
    Any hour to release the beta?
     
    Last edited by a moderator: May 29, 2005
  10. peter.ewido

    peter.ewido former ewido team

    Joined:
    Nov 10, 2003
    Posts:
    737
    Location:
    Brno, Czech Republic
    Last edited by a moderator: May 29, 2005
  11. gerardwil

    gerardwil Registered Member

    Joined:
    Jan 17, 2004
    Posts:
    4,748
    Location:
    The Netherlands
    one screenshot:
     

    Attached Files:

    Last edited by a moderator: May 29, 2005
  12. richrf

    richrf Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    1,907
    Very nice! Thanks.

    Rich
     
    Last edited by a moderator: May 29, 2005
  13. Florian: See @ ... you know where for preliminary comments re beta bugs.
     
    Last edited by a moderator: May 29, 2005
  14. FORUMBUG

    FORUMBUG Guest

    This is a forum bug. I wrote Peter ... ;-)
     
    Last edited by a moderator: May 29, 2005
  15. puff-m-d

    puff-m-d Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    4,449
    Location:
    North Carolina, USA
    I like it so far. I had three false positives all involving heuristics...

    ---------------------------------------------------------
    ewido security suite - Scan report
    ---------------------------------------------------------

    + Created on: 7:42:22 PM, 05/29/2005
    + Report-Checksum: 182E3CDA

    + Scan result:

    C:\Program Files\abelhadigital.com\HostsMan\hm.exe -> Heuristic.Win32.Backdoor
    C:\Program Files\JetAudio\jetUpdate.exe -> Heuristic.Win32.Dialer
    C:\Program Files\Lavalys\EVEREST Home Edition\everest.bin -> Heuristic.Win32.Backdoor


    ::Report End
     
    Last edited by a moderator: May 29, 2005
  16. peachtreecity

    peachtreecity Registered Member

    Joined:
    Mar 24, 2004
    Posts:
    15
    Location:
    Georgia, USA
    I tried to install the 3.5 beta multiple times and get the following error (see attachment below). I'm running a P4 3.2, XP Home, Nod32, Process Guard (disabled during install), and Safe 'n' Sec (no warnings given). Please advise. Thanks.
     

    Attached Files:

  17. puff-m-d

    puff-m-d Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    4,449
    Location:
    North Carolina, USA
    I had the same problem. I uninstalled version 3 first, rebooted and tried to install version 3.5. I got the same error as you. So I then uninstalled 3.5, rebooted, and then installed version 3 again. I then rebooted and installed version 3.5 on top of version 3.

    It seems, at least in my case, that you have to install version 3.5 on top of version 3 to get it to install. If you do a clean install, you get the error above.

    I do not know if this will help you, but it is what ended up working for me...
     
  18. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,456
    Same here, but I don't use Safe 'n' Sec...
     
  19. se7engreen

    se7engreen Registered Member

    Joined:
    Feb 6, 2004
    Posts:
    369
    Location:
    USA
    I like it very much as well. Heuristics detected the Outpost firewall installation package along with PCFlank's WhoEasy install package as threats. I don't use either anymore, so I let Ewido remove them, but it's something to be aware of. I'm also noticing higher than usual mem useage with ewidoguard, roughly 45 Mb.

    The scanner is insanely fast compared to before, full system scan in around 6 minutes.
     
  20. se7engreen

    se7engreen Registered Member

    Joined:
    Feb 6, 2004
    Posts:
    369
    Location:
    USA
    Same here too. I had already uninstalled v3, rebooted, and installed 3.5 beta. Had that same error but I did not uninstall the beta, just started the prog from my programs list and installed the guard from inside ewido and rebooted.
     
  21. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,456
    The new options are great and it have a great speed improvement :D

    I made a "Complete System Scan" with the default settings and these are the results, with a lot of false positives I think... :(

    Scan report_20050530.txt
     
    Last edited: May 29, 2005
  22. feddup

    feddup Registered Member

    Joined:
    Oct 30, 2004
    Posts:
    160
    Installed over 3.0 without problems. Seems much improved. Found some cookies that were iffy. Much faster!
     
  23. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    Perfect Fish and Ewido Crew...just found out at work...Congratulations.
     
  24. rothko

    rothko Registered Member

    Joined:
    Jan 12, 2005
    Posts:
    579
    Location:
    UK
    looks very nice so far - noticeably quicker scan times.

    seems that heurustics pick up a few false positives though:

    C:\Program Files\Agnitum\Outpost Firewall\outpost.exe -> Heuristic.Win32.AVKiller
    C:\Program Files\Common Files\Agnitum Shared\aupdate\Downloaded Files\outpost_drivers.20050419_1413.zip/outpost.exe -> Heuristic.Win32.AVKiller
    C:\Program Files\GlobalSCAPE\CuteFTP 7 Home\cuteftp.exe -> Heuristic.Win32.Backdoor
    C:\Program Files\MSN Messenger\msnmsgr.exe -> Heuristic.Win32.Backdoor


    but i understand that this is just a beta product at the moment - and i will submit the FPs for analysis (if they want this). I'd rather just run Ewido with signatures and leave heuristics to nod32.

    I'll see how the beta goes, but i can see myself choosing Ewido as my anti-trojan application, as i dont use one at the moment.

    thanks, lee
     
  25. Edwin024

    Edwin024 Registered Member

    Joined:
    Nov 14, 2004
    Posts:
    1,000
    I have loads of false positives too.. Ewido now considers lots of normal programs as heuristic nasties...not good.

    And I do not like the much grown RAM consumption of the guard.

    What a pity.

    EDIT: I have seen something else that shocked me while using Ewido's full scan:

    first the memory use of all programs with a Ewido full scan working:
     

    Attached Files:

    Last edited: May 30, 2005
Thread Status:
Not open for further replies.