|
-
March 25th, 2004, 02:03 PM
#1
If you want to play - Part II
Some of you might like to give this one a look:
EWIDO page: http://www.ewido.net/en/?section=support .
Been using it now for a little while and it seems to be quite good. Certainly simple enough. Fast. Author very responsive to questions and quick about fixing FP's. Not vulnerable to the recent "re-basing" threat (which a lot of the OTHER A/T's can't say, unfortunately).
If you haven't taken a look at this one yet - you probably should.
From the author:
"Quote:
Besides the very big PLUS that it's free, is there anything that sets your program apart, detection-wise, from any of the pay programs?
Many things Just some examples:
Very strong binary signatures with Fuzzy Logic
Powerful unpacking engine based on emulation
Crypted database (AES 128-Bit)
Intelligent Online-Update with integrity-check
Generic-Binder-Detection
Very user-friendly Interface
...
The upcoming pro-Version will also feature a Guard running on Ring 0, a real memory Scanner (can detect e.g. armadillo copymem, api hooking), Heuristics and so on...
Quote:
How well does it "clean up" after an infection - or does it just "quarantine" stuff?
Searches for autostart/running processes and finally removes the file (with backup)... If not possible after reboot.
Quote:
Are you using any "new" types of detection processes?
Again, many (even more than KAV!)... Fuzzy signatures against patching & signature detection, immune against rebasing/OEP modifaction etc.
Quote:
How about unpackers? More than one?
More than one! We use generic emulation... So we're able to unpack e.g. upx, aspack, fsg, neolite, pepack, stones pe crypter, pklite32, morphine etc. Immune against entrypoint/stub patching..." . Pete
Last edited by StevenPeterYevchak; March 26th, 2004 at 02:07 AM.
Compaq Presario 7110US, 1.3GHz ThunderBird, 1GB RAM, 160GB HD, WinXP Pro w/SP2, TDS-3, WormGuard, Port Explorer v2.0, Process Guard v.3.150, The Cleaner Pro v.4.1 b.4252, TrojanHunter v.4.2 b.908, NOD32, XP ICF, ALL javacool programs, SBS&D, SPYCOP, Opera v.8.0 Build 7561, FireFox v1.0.4, ShadowUser v.2.5, SpyBlocker v8.7, RegDefend v1.300
-
March 25th, 2004, 05:08 PM
#2
Maybe I missed it but is there an English language section to their website? Is the program in English?
-
March 26th, 2004, 02:07 AM
#3
My apologies, fink. Link above will be fixed in a shake.
That page isn't very informative - but it IS in English. (So is the program when you get it from that d/l page there).
The page isn't finished really (one hopes he'll get to that shortly). Pete
Last edited by StevenPeterYevchak; March 26th, 2004 at 02:09 AM.
Compaq Presario 7110US, 1.3GHz ThunderBird, 1GB RAM, 160GB HD, WinXP Pro w/SP2, TDS-3, WormGuard, Port Explorer v2.0, Process Guard v.3.150, The Cleaner Pro v.4.1 b.4252, TrojanHunter v.4.2 b.908, NOD32, XP ICF, ALL javacool programs, SBS&D, SPYCOP, Opera v.8.0 Build 7561, FireFox v1.0.4, ShadowUser v.2.5, SpyBlocker v8.7, RegDefend v1.300
-
March 26th, 2004, 09:46 AM
#4
Thanks 
Looks interesting, may try it out over the weekend. I'm interested in checking it out vs Kaspersky which has always been my favorite scanner since it compares itself to KAV directly. The unpacking engine in particular is what I'd like to run through the ringer... of all the tests I've done over the years it's been viruses that have been assembled or compressed in unorthodox fashions that have given all of the scanners I've used the most difficulty.
Time to dig out my virus collection 
Thread Information
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
