Is Ewido reliable at preventing/detecting/removing keyloggers

Discussion in 'ewido anti-spyware forum' started by JRCATES, Sep 2, 2005.

Thread Status:
Not open for further replies.
  1. JRCATES

    JRCATES Registered Member

    Joined:
    Apr 7, 2005
    Posts:
    1,203
    Location:
    USA
    Can anyone testify as to how reliable ewido is at preventing/detecting/removing keyloggers....either with the real-time guard protection enabled, or through scans? I know that they've added some heuristics, but I'm curious how effective they are, and how many signatures ewido has in its database for keyloggers.
     
    Last edited by a moderator: Sep 2, 2005
  2. chaos16

    chaos16 Registered Member

    Joined:
    Feb 14, 2005
    Posts:
    1,004
    I think that's the malware that ewido lacks
     
  3. JRCATES

    JRCATES Registered Member

    Joined:
    Apr 7, 2005
    Posts:
    1,203
    Location:
    USA
    According to ewido's web-site, they purport to excel and/or protect against keyloggers:

    "Trojans and Keyloggers
    No chance for thieves to steal your bank data and personal sensitive information by tapped Internet connections, remote controlled webcams or secret keyboard recordings.
    "

    ....but this is an area that I haven't heard much about as far as and in terms of detection, removal and prevention goes, so anyone who uses ewido and has any experiences or data that they can share, that would be great......
     
  4. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,619
    Location:
    Toronto Canada
    There may be something in this thread. https://www.wilderssecurity.com/showthread.php?t=93179&page=1&pp=25
     
  5. JRCATES

    JRCATES Registered Member

    Joined:
    Apr 7, 2005
    Posts:
    1,203
    Location:
    USA
    Thanks, Hammer. No, no mention specifically of ewido's effectiveness at dealing with keyloggers in that thread....but thanks anyway. Hopefully maybe somebody will come along soon with some definitive answers, though.

    Where's fish when we need him? :eek: :D :cool:
     
  6. richrf

    richrf Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    1,907
    Hi,

    I have definitely used Ewido to clean keyloggers from infected machines of people I know. However, I personally prefer the ProcessGuard preventative approach.

    Rich
     
  7. JRCATES

    JRCATES Registered Member

    Joined:
    Apr 7, 2005
    Posts:
    1,203
    Location:
    USA
    Really? :eek:

    Never would have guessed that :D

    Thanks, and I know.....but I'm not using PG. Hopefully Online Armor, UnHackMe, Spyware Doctor, WinPatrol and others will help aid in the prevention of....but I'm curious as to ewido's effectiveness as well (in case I decide to use it for real-time anti-malware protection)........
     
  8. muf

    muf Registered Member

    Joined:
    Dec 30, 2003
    Posts:
    926
    Location:
    Manchester, England
    Have a read through this thread.
    https://www.wilderssecurity.com/showthread.php?t=94734
    Looking at post #30 it appears that once you get to the serious 'stealth' keyloggers then you need a dedicated Anti-Keylogger. I use Spycop which excels at detecting commercial keyloggers. I also use Security Task Manager which I really rate at spotting hook-based keyloggers. There are others you may want to try. Best bet is to trial a few and see which you like best.

    muf
     
  9. goodquestion

    goodquestion Guest

    Interesting thread Muf. ;) I wouldn't rely on Ewido myself for the detection of all malware. It does do a good job in many cases, but if the sigs aren't there, then chances are you won't find the keylogger, and its heuristics don't seem to be able to do the job in all cases either.

    I would do as Muf suggested here and get a good dedicated anti-keylogger, if you're worried about missing some keyloggers with Ewido. Most of the anti-spyware/malware programs (like Ewido) will find many keyloggers, some more than others, but most seem to still rely on signatures for the most part.

    So if some new keylogger (kernel based or other very stealthy one) comes along you probably won't find it unless your anti-malware has the sigs for it, but you might have a chance if your anti-malware/anti-keylogger has some heuristic ability, then again maybe not. Especially if the so-called infamous Holy Father has something to do with it, not to mention all the other lowlife malware writers out there, who seem to be getting better at defeating many of our current defenses.
     
  10. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,456
    From ewido (http://update.ewido.net/changelog.txt)
    Did you try the a-squared Guard, which has the IDS feature?
     
  11. peter.ewido

    peter.ewido former ewido team

    Joined:
    Nov 10, 2003
    Posts:
    737
    Location:
    Brno, Czech Republic
    The keylogger rules in the current ewido heuristics were almost completely disabled due to too many false positives; we're working on it. Also, future versions will offer generic keylogger protection... :)
     
  12. JRCATES

    JRCATES Registered Member

    Joined:
    Apr 7, 2005
    Posts:
    1,203
    Location:
    USA
    Thanks, fish....knew we could count on you to get the skinny ;)

    But what exactly do you mean and will this "generic keylogger protection" include or provide (without providing too much detail)?
     