Protection offered by ewido-guard ?

Discussion in 'ewido anti-spyware forum' started by Defenestration, Mar 23, 2006.

Thread Status:
Not open for further replies.
  1. Defenestration

    Defenestration Registered Member

    Joined:
    Jul 17, 2004
    Posts:
    1,086
    I still deciding which AT/AM solution to go for, and wanted confirmation of exactly what ewido-guard does. I know that it scans files exe files when launched, but does ewido-guard do...

    1) Memory scanning for detecting any modified variant of a particular build of a trojan ?

    2) Registry scanning for detecting traces of trojans in the registry ?

    3) Inifile scanning for detecting traces of trojans in configuration files ?

    4) Port scanning for detecting open trojan ports ?

    5) Anything else it does in real-time ?
     
  2. Defenestration

    Defenestration Registered Member

    Joined:
    Jul 17, 2004
    Posts:
    1,086
    After reading the features page of the ewido website (which I didn't do before cos I was being lazy :) ), I discovered that it definitely does (1) and probably does (2) in real-time, but may not do (3) and (4).

    How often does the ewido guard check the memory and registry ?
     
  3. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    p.s. that means all new processes too (active memory, processes ..) ...

    I do think that Ewido protects against active registry remnants like "malware startup objects" and their traces .. but only if Ewido has sigs for those traces .. which is quite normal afaik .. being Ewido sig scanner ..
     
  4. Defenestration

    Defenestration Registered Member

    Joined:
    Jul 17, 2004
    Posts:
    1,086
    Thanks Infinity. I found that bit myself on the technology page after a bit more reading.

    I would like still like someone from ewido to confirm exactly what ewido guard does though, when they've got a free moment. :)
     
Thread Status:
Not open for further replies.