Skip to main content
for example, KeePass v1.32 Installer download.



Automated Cleanup Engine

Starting Cleanup at 10/01/2017 - 23:39:23 GMT

Starting Routine> Removing d:sandboxjmsfirefoxusercurrentappdatalocal empmgunkd7w.exe.part...#(PX5: 4E1A1D8FA80B8EEE72B31D68E1E08900014ED9CC - MD5: 4A8EC2B484999A6F1774A5D63A05C0A9)...

Deleting File> d:sandboxjmsfirefoxusercurrentappdatalocal empmgunkd7w.exe.part



=========================================================

Automated Cleanup Engine

Starting Cleanup at 10/01/2017 - 23:58:33 GMT

Starting Routine> Removing d:sandboxjmschromeusercurrentdesktopkeepass-1.32-setup.exe...#(PX5: 4E1A1D8FA80B8EEE72B31D68E1E08900014ED9CC - MD5: 4A8EC2B484999A6F1774A5D63A05C0A9)...

Deleting File> d:sandboxjmschromeusercurrentdesktopkeepass-1.32-setup.exe

 

Thanks
Hi @  Take a look HERE to find out about PX5

 

Hope this helps.
@ wrote:

Hi @  Take a look HERE to find out about PX5

 

Hope this helps.

I was wondering if PX5 is anyway related to Prevx.   Or, simply hash function I was not aware of?

https://www.wilderssecurity.com/threads/what-will-happen-to-limited-prevx.309159/#post-1950649

 

Thanks

 
I'm not quite sure let me ping @  to see what he has to say.  In the meantime you may want to check this out HERE

 

Edited:  I'm going to refer this over to @ for his feedback.
Webroot Continues to use some data info from the Prevx days (PX5) so as you can see WSA relies on more than just MD5 Hashes! There is allot more going on behind the scenes then Webroot is willing to tell us and the Malware writers! Webroot has the most advance full cloud realtime threat intelligence engine and Database and collection and was the first to have such a thing!

 

Daniel

 

More info when Webroot Acquired Prevx back in November 1st 2010: http://www.pcmag.com/article2/0,2817,2392059,00.asp and here: https://www.webroot.com/us/en/about/press-room/releases/technology-acquisition-cloud-security

 

 

"Immense Cloud Database

One reason the local application can be so tiny is that it doesn't include any malware signatures, Morris explained. The Prevx technology relies entirely on an immense database of applications and behaviors in the cloud. This database collects and correlates an almost-unimaginable amount of information about every process ever run on any system with SecureAnywhere (or Prevx) installed. Along with the expected notes about process behavior it correlates things like the geographic location, browser version, and other elements of the sample's "habitat."

According to Morris, this database, code named ENZO, can include as many as two million database rows for a single process.

"Cybersecurity is all about information," said Morris. "We store and correlate all the factors about the process's behavior in all the places it was seen. We aim to have more information than anyone, so we can offer better protection than anyone."

 

 

Older pictures:

 



 

 


PX5 is a unique hash function that was used by Prevx.

 

-Dan
@ wrote:

PX5 is a unique hash function that was used by Prevx.

 

-Dan

And continues to be used today?
The PX5 hash is still genereated, but no longer used.

 

Also, I corrected the detection of the KeePass installer.

 

-Dan
@ wrote:

The PX5 hash is still genereated, but no longer used.

 

Also, I corrected the detection of the KeePass installer.

 

-Dan

Thanks for the updated info Dan!
PX5 hash is still genereated with 9.0.17.24

 

Thanks

Reply