Update July 27, 2007: Ewido was purchased by Grisoft, makers of AVG Anti-Virus and Anti-Spyware, after this review was public. By downloading AVG Anti-Spyware at http://free.grisoft.com/ you are receiving the same powerful scanning engine from Ewido included in the AVG program.

These days anti-spyware apps are a dime a dozen, but the PCMech forum members frequently recommend Ewido, in addition to AVG, Ad-Aware, and Spybot. So, for this week’s FreewareFrenzy, I will be looking at Ewido Anti-spyware 4.0.
The initial setup explains that you receive the full version for 30 days. After that time, the full version extensions expire but the free version will continue. After Ewido installs a start menu entry and desktop icon (without asking), the program will startup automatically, along with a system tray icon indicating that the resident shield is now active.
The Status page shows if the auto-update and shield are on, your last update and scan date, and statistics on recently found malware. Because this is the first time opening Ewido, my computer is “at Risk” and I should scan immediately. There is also a large box reminding me that I only have 30 days until the full version expires. Since I, and everyone who downloads Ewido, have the full product for a month, this review will cover all that Ewido has to offer. Remember that after the month is up, the “freeware” version will lose: scheduled scans, real time system monitoring, Memory scan (for active threats) and automatic updates. But the freeware is still a very fully featured suite.

I’ll scan in a moment, but lets run through Ewido’s other offerings first by exploring the buttons along the top of the program.
Update is fairly straight forward, simply click on the button after the auto-updates expire. Right now you can configure the auto-update timings, but they will be useless in thirty days. Proxy settings are also available.
Scanner types are: Complete, Fast, Registry, Memory, and Custom. The settings tab lets you scan for certain malware types, certain file types by extension, and change scan methods. All options are checked by default for the most thorough scan. I chose to Quarantine anything that was found; you can also ignore or delete. The Scheduling tab lets you setup a custom scan that runs on your schedule. You can choose not only what to scan; registry, memory or folders, but you can also setup an exact time or amount of time after setup. There is also a handy option to not scan if a full screen app, such as a game, is running.

Shield sits in the system tray to scan files and your memory as files are opened. Suspicious apps are stopped until you approve them. I did not notice Ewido interfering with any of my frequently used apps, so don’t worry about Ewido being obtrusive.
Infections and Reports are useful after scanning to examine what you had, what is quarantined and any exceptions that were allowed.
Analysis is similar to HijackThis, see my review for more. It displays and lets you terminate running processes, active connections, your auto start apps, browser plug-ins and a listing of LSPs. Layered Service Providers hook into your network and are capable of monitoring network traffic, so it’s important to check these if you suspect a hijacker.
Tools include miscellaneous settings for disabling error reporting, or preventing WMP from auto connecting for licenses and metadata. The Shredder tab lets you destroy files by overwriting them once, four or even ten times if you need to remove sensitive data. Be careful though, anything overwritten cannot be recovered.
The Help is very well done, with plenty of screenshots and all options explained thoroughly. Options in the program even have helpful descriptions.
So now that its time to scan, I created my custom profile, choosing to scan the registry, memory and C: drive. It took Ewido 22 minutes to scan approximately 340,000 objects. It found only one object; a Save.Now adware object. Interestingly, the file was uncovered from the quarantine file of Windows Defender. I wanted to compare Ewido with my other favorite, Ad-Aware SE, so I fired that up and did a complete scan. Ad-Aware scanned only 200,000 objects in about 15 minutes. Ad-Aware found 3 tracking cookies that Ewido did not, even though it, Ewido, was set to search for cookies. This further proves the importance of using multiple scanning programs to protect your system.

While my system was too clean to fully test Ewido, the combination of thorough scanning (140,000 more files in Complete mode) and plethora of extra options and tools, make it a handy addition to any anti-spyware suite. I recommend anyone to try it along with their current programs. You can download it here: http://www.ewido.net/en/