Solved

What's PX5: ?

  • 11 January 2017
  • 9 replies
  • 88 views

For example, KeePass v1.32 installer download.

Automated Cleanup Engine
Starting Cleanup at 10/01/2017 - 23:39:23 GMT
Starting Routine> Removing d:sandboxjmsfirefoxusercurrentappdatalocal empmgunkd7w.exe.part...#(PX5: 4E1A1D8FA80B8EEE72B31D68E1E08900014ED9CC - MD5: 4A8EC2B484999A6F1774A5D63A05C0A9)...
Deleting File> d:sandboxjmsfirefoxusercurrentappdatalocal empmgunkd7w.exe.part

=========================================================
Automated Cleanup Engine
Starting Cleanup at 10/01/2017 - 23:58:33 GMT
Starting Routine> Removing d:sandboxjmschromeusercurrentdesktopkeepass-1.32-setup.exe...#(PX5: 4E1A1D8FA80B8EEE72B31D68E1E08900014ED9CC - MD5: 4A8EC2B484999A6F1774A5D63A05C0A9)...
Deleting File> d:sandboxjmschromeusercurrentdesktopkeepass-1.32-setup.exe
 
Thanks

Best answer by DanP 11 January 2017, 16:21


Userlevel 7
Badge +25
Hi @  Take a look HERE to find out about PX5
 
Hope this helps.
@ wrote:
Hi @  Take a look HERE to find out about PX5
 
Hope this helps.
I was wondering if PX5 is in any way related to Prevx. Or simply a hash function I was not aware of?
https://www.wilderssecurity.com/threads/what-will-happen-to-limited-prevx.309159/#post-1950649
 
Thanks
 
Userlevel 7
Badge +25
I'm not quite sure; let me ping @ to see what he has to say. In the meantime, you may want to check this out HERE.
 
Edited:  I'm going to refer this over to @ for his feedback.
Userlevel 7
Badge +56
Webroot continues to use some data info from the Prevx days (PX5), so as you can see WSA relies on more than just MD5 hashes! There is a lot more going on behind the scenes than Webroot is willing to tell us and the malware writers! Webroot has the most advanced full cloud realtime threat intelligence engine and database and collection and was the first to have such a thing!
 
Daniel
 
More info on when Webroot acquired Prevx back on November 1st, 2010: http://www.pcmag.com/article2/0,2817,2392059,00.asp and here: https://www.webroot.com/us/en/about/press-room/releases/technology-acquisition-cloud-security
 
 
"Immense Cloud Database
One reason the local application can be so tiny is that it doesn't include any malware signatures, Morris explained. The Prevx technology relies entirely on an immense database of applications and behaviors in the cloud. This database collects and correlates an almost-unimaginable amount of information about every process ever run on any system with SecureAnywhere (or Prevx) installed. Along with the expected notes about process behavior it correlates things like the geographic location, browser version, and other elements of the sample's "habitat."
According to Morris, this database, code named ENZO, can include as many as two million database rows for a single process.
"Cybersecurity is all about information," said Morris. "We store and correlate all the factors about the process's behavior in all the places it was seen. We aim to have more information than anyone, so we can offer better protection than anyone."
 
 

Userlevel 7
Badge +35
PX5 is a unique hash function that was used by Prevx.
 
-Dan
Userlevel 7
Badge +56
@ wrote:
PX5 is a unique hash function that was used by Prevx.
 
-Dan
And continues to be used today?
Userlevel 7
Badge +35
The PX5 hash is still generated, but no longer used.
 
Also, I corrected the detection of the KeePass installer.
 
-Dan
Userlevel 7
Badge +56
@ wrote:
The PX5 hash is still generated, but no longer used.
 
Also, I corrected the detection of the KeePass installer.
 
-Dan
Thanks for the updated info Dan!
PX5 hash is still generated with 9.0.17.24
 
Thanks
