Wednesday, November 16, 2005

Ewido Security Suite Information Page.

The information in Virtual Grub Street's computer postings is the result of thousands of web searches. It can not, however, possibly be complete. The subject is vast and constantly changing. Moreover, vendor uninstall tools and other freeware removal tools do not necessarily remove all of an infection from your computer. Vendor uninstall tools, for instance, may silently leave cookies or other tracking software installed. It is suggestible to follow up a removal with one or more adware scans and/or to do an inspection using a HijackThis log. The information on the page is not guaranteed correct and any use you may choose to make of it is entirely at your own risk.


Intro: Ewido Security Suite is a trialware product to detect and remove trojans, worms, dialers, keyloggers, hijackers, spyware and other malware items. It is a product of GmbH & Co./Network Solutions. The company was recently formed by three German programmers in their early 20s. The user is provided "a free 14-day test version containing all the extensions of the plus-version will be activated. At the end of the test phase, the extensions of the plus version are deactivated and the freeware version can be used unlimited times."

Latest Version covered. 3.5.

File Size. 6.32 MB.

File Type. --

Most recent update. 3.5 (July 10, 2005).

Compatible Operating Systems: Ewido Security Suite is compatible with Windows 2000 and XP operating systems only.

vs. PokaPoka76.exe. Ewido Security Suite trialware can remove Trojan.EliteBar.a (a.k.a. pokapoka76.exe). It will not necessarily remove all files that may have been downloaded by (or in association with) the trojan (i.e. PokaPoka, YupSearch, SearchMiracle.EliteBar).

Malware Items Removed: The following is a (very) partial list of infections that can be detected and removed by this software: 1150_0.dat (WebRebates); 1150_1.dat (WebRebates); 1150_2.dat (WebRebates); 180Pack6480.exe (TrojanDownloader.Small.asf); 3z5fjog7.exe (Backdoor.Ruledor.g); 459766_3608_1648_3684_69.41.tmp (Trojan.EliteBar.c); 66726_3608_1648_3820_69.41.tmp (Trojan.EliteBar.c); 876029.exe (SaveNow); 9svjash4.exe (SAHA); A0557305.DLL (MyWebSearch); A0557308.DLL (MyWebSearch); A0557316.DLL (Wesbar); A0558199.DLL (MySearchbar); A0558209.dll (ClearSearch); A0558211.dll (ClearSearch); A0558222.dll (ClearSearch); A0558225.exe (ClearSearch); A0559222.dll (ClearSearch); A0559225.exe (ClearSearch); A0559238.exe (ClearSearch); A0560238.exe (ClearSearch); A0567589.dll (SurfSide); A0567590.dll (TotalVelocity); A0567591.exe (TotalVelocity); A0567595.exe (NewDotNet); A0569590.dll (EliteBar); A0572979.dll (EliteBar); A0573008.dll (EliteBar); A0573009.dll (EliteBar); A0573279.DLL (TrojanDownloader.FunWeb.a); A0573288.exe (eZula); A0574822.dll (EliteBar); A0574829.dll (EliteBar); A0576643.dll (EliteBar); A0576671.dll (EliteBar); A0576672.dll (EliteBar); bargains.exe (BargainBuddy); casclient.exe (CASClient); CHCON.dll (eZula); clientax.dll (180Solutions); Del12.tmp (TrojanDownloader.Small.asf); djtopr1150.exe (WebRebates); DrPMon.dll (BetterInternet, Trojan.Agent.iw); eabh.dll (eZula); all EliteBar***32.exe files; i5E.tmp (SurfSide); Trojan.Imiserv.c; jkill.exe (VX2); MediaAccC.dll (WinAD); MediaAccessInstPack.exe (WinAD); mmod.exe (eZula); msbb321.dll (180solutions); MTE2ODM6ODoxNg.exe (ISearch); Nail.exe; shawn_1.dll (EliteBar); newdotnet6_38(2).dll (NewDotNet); NN_111.tmp (NewDotNet); nsj2E.dll (HotSearchBar); oqo3v30p.dll (SAHA); pokapoka76.exe (Trojan.EliteBar.a); powerscan.exe (PowerScan); ptf_0006.exe (Pacer); qool3.exe (TrojanDropper.Agent.hl); rcverlib[3].exe (Trojan.Pakes); res6E.tmp (180Solutions);[1] (SurfAccuracy); sacc_remove[1].exe (SurfAccuracy); seng.dll (eZula); sfbho13[1].dll (SideFind); sideb[1].exe (EliteBar); sidefind13[1].dll (SideFind); sst.dll (; sst2.tmp (BetterInternet); stubinstaller5041[1].ex_ (TrojanDownloader.Small.asf); svcproc.exe (Trojan.Stervis.h); tm47653.exe (Trojan.Pakes); tmp293906.tmp (EliteBar); tmp423171.tmp (EliteBar); tmp452468.tmp (Win32.Morphine); unimt.exe (Purityscan.B); uninstall.exe (EliteBar); UNWISE.EXE (eZula); vtleaev.exe (Trojan.Agent.cp); xlmeev.exe (Trojan.Agent.cp); ysb[1].dll (YourSiteBar); !update-2524[1].0000 (

Notes: Ewido also offers a free Online Malware Scan for machines Windows 2000, Windows XP and above running Internet Explorer 5.0 or later with ActiveX enabled. The scan is presently in beta.

Ewido Security suite is often used in conjuncton with other adware & malware removal tools in order to completely remove all vestiges of an adware/malware infection.

Caution: Ewido is reputed to occasionally give "false positives".

Downloads. Ewido Security Suite can be downloaded from the following locations:

It is suggested that the user visit Ewido's download page prior to downloading the setup.exe file.

The following example instructions for Ewido Security Suite 3.5 appear at the DaniWeb forum:

  • Download and install Ewido.

  • Then run, you will receive a warning message saying "Database not found", click "OK" for this.

  • Next in the main screen, click "Update" and click "Start Update".

  • After the update process, click on the "Scanner" button in the left menu,

  • then click on the "Complete System Scan" button.

  • If ewido finds anything, it will pop up a notification.

  • [S]elect "Clean" and check the boxes "Perform action with all infections" and "Create encrypted backup" before clicking on "OK".

  • When the scan finishes, click on "Save Report". This will create a text file.

  • Other VGS Freeware/Trialware Information Pages:

    No comments: