for example, KeePass v1.32 Installer download.
Automated Cleanup Engine
Starting Cleanup at 10/01/2017 - 23:39:23 GMT
Starting Routine> Removing d:sandboxjmsfirefoxusercurrentappdatalocal empmgunkd7w.exe.part...#(PX5: 4E1A1D8FA80B8EEE72B31D68E1E08900014ED9CC - MD5: 4A8EC2B484999A6F1774A5D63A05C0A9)...
Deleting File> d:sandboxjmsfirefoxusercurrentappdatalocal empmgunkd7w.exe.part
=========================================================
Automated Cleanup Engine
Starting Cleanup at 10/01/2017 - 23:58:33 GMT
Starting Routine> Removing d:sandboxjmschromeusercurrentdesktopkeepass-1.32-setup.exe...#(PX5: 4E1A1D8FA80B8EEE72B31D68E1E08900014ED9CC - MD5: 4A8EC2B484999A6F1774A5D63A05C0A9)...
Deleting File> d:sandboxjmschromeusercurrentdesktopkeepass-1.32-setup.exe
Thanks
Solved
What's PX5: ?
Best answer by DanP
The PX5 hash is still genereated, but no longer used.
Also, I corrected the detection of the KeePass installer.
-Dan
Also, I corrected the detection of the KeePass installer.
-Dan
I was wondering if PX5 is anyway related to Prevx. Or, simply hash function I was not aware of?@ wrote:
Hi@ Take a look HERE to find out about PX5
Hope this helps.
https://www.wilderssecurity.com/threads/what-will-happen-to-limited-prevx.309159/#post-1950649
Thanks
+25I'm not quite sure let me ping @ to see what he has to say. In the meantime you may want to check this out HERE
Edited: I'm going to refer this over to@ for his feedback.
Edited: I'm going to refer this over to
+56Webroot Continues to use some data info from the Prevx days (PX5) so as you can see WSA relies on more than just MD5 Hashes! There is allot more going on behind the scenes then Webroot is willing to tell us and the Malware writers! Webroot has the most advance full cloud realtime threat intelligence engine and Database and collection and was the first to have such a thing!
Daniel
More info when Webroot Acquired Prevx back in November 1st 2010: http://www.pcmag.com/article2/0,2817,2392059,00.asp and here: https://www.webroot.com/us/en/about/press-room/releases/technology-acquisition-cloud-security
"Immense Cloud Database
One reason the local application can be so tiny is that it doesn't include any malware signatures, Morris explained. The Prevx technology relies entirely on an immense database of applications and behaviors in the cloud. This database collects and correlates an almost-unimaginable amount of information about every process ever run on any system with SecureAnywhere (or Prevx) installed. Along with the expected notes about process behavior it correlates things like the geographic location, browser version, and other elements of the sample's "habitat."
According to Morris, this database, code named ENZO, can include as many as two million database rows for a single process.
"Cybersecurity is all about information," said Morris. "We store and correlate all the factors about the process's behavior in all the places it was seen. We aim to have more information than anyone, so we can offer better protection than anyone."
Older pictures:
Daniel
More info when Webroot Acquired Prevx back in November 1st 2010: http://www.pcmag.com/article2/0,2817,2392059,00.asp and here: https://www.webroot.com/us/en/about/press-room/releases/technology-acquisition-cloud-security
"Immense Cloud Database
One reason the local application can be so tiny is that it doesn't include any malware signatures, Morris explained. The Prevx technology relies entirely on an immense database of applications and behaviors in the cloud. This database collects and correlates an almost-unimaginable amount of information about every process ever run on any system with SecureAnywhere (or Prevx) installed. Along with the expected notes about process behavior it correlates things like the geographic location, browser version, and other elements of the sample's "habitat."
According to Morris, this database, code named ENZO, can include as many as two million database rows for a single process.
"Cybersecurity is all about information," said Morris. "We store and correlate all the factors about the process's behavior in all the places it was seen. We aim to have more information than anyone, so we can offer better protection than anyone."
Older pictures:
+56And continues to be used today?@ wrote:
PX5 is a unique hash function that was used by Prevx.
-Dan
+35- OpenText Employee
- Answer
The PX5 hash is still genereated, but no longer used.
Also, I corrected the detection of the KeePass installer.
-Dan
Also, I corrected the detection of the KeePass installer.
-Dan
+56Thanks for the updated info Dan!@ wrote:
The PX5 hash is still genereated, but no longer used.
Also, I corrected the detection of the KeePass installer.
-Dan
Login to the community
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.