Prevx 3.0.5.185 terminated by zero-day POC

View previous topic View next topic Go down

Re: Prevx 3.0.5.185 terminated by zero-day POC

Post by Ruhe on 4/8/2010, 18:15

ssj100 wrote:I've had to blot out some letters due to inappropriate language
Oh dear Neutral ... we are old enough Wink
avatar
Ruhe
Valued Member
Valued Member

Posts : 261
Join date : 2010-04-16
Location : Germany

View user profile

Back to top Go down

Re: Prevx 3.0.5.185 terminated by zero-day POC

Post by ssj100 on 4/8/2010, 18:27

Ruhe wrote:
ssj100 wrote:I've had to blot out some letters due to inappropriate language
Oh dear Neutral ... we are old enough Wink

Some of us are haha.

_________________
Sandboxie + LUA + SRP + DEP + SuRun
Windows Firewall + NAT Router + IPSec (on-demand)
VirtualBox (on-demand)
Drive SnapShot (on-demand)
avatar
ssj100
Administrator
Administrator

Posts : 1389
Join date : 2010-04-14

View user profile http://ssj100.fullsubject.com

Back to top Go down

Re: Prevx 3.0.5.185 terminated by zero-day POC

Post by ssj100 on 5/8/2010, 10:05

Seems that Prevx's self-protection is not too good:
http://www.kernelmode.info/forum/viewtopic.php?f=15&t=249&start=10#p1786

Prevx released build 187 literally a couple of hours ago to specifically block the vulnerabilities discovered by "EP_X0FF", but even that build has now been bypassed. He'll release the actual exploit file in the next few days. Would be really interesting to see what Prevx thinks about this.

_________________
Sandboxie + LUA + SRP + DEP + SuRun
Windows Firewall + NAT Router + IPSec (on-demand)
VirtualBox (on-demand)
Drive SnapShot (on-demand)
avatar
ssj100
Administrator
Administrator

Posts : 1389
Join date : 2010-04-14

View user profile http://ssj100.fullsubject.com

Back to top Go down

Re: Prevx 3.0.5.185 terminated by zero-day POC

Post by languy99 on 5/8/2010, 10:21

hope they get it fixed but I have never been a fan of prevx, mainly becasue they don't give you a full trail of their product. It is like going to buy a car, being allowed to start it but not being allowed to drive it. If I ever encounter that in real life I would never buy that car. Same thing goes with software, if you don't let me try you software without restrictions I will never buy it.
avatar
languy99
Valued Member
Valued Member

Posts : 54
Join date : 2010-07-20

View user profile

Back to top Go down

Re: Prevx 3.0.5.185 terminated by zero-day POC

Post by Buster_BSA on 5/8/2010, 16:18

Ruhe wrote:
ssj100 wrote:I've had to blot out some letters due to inappropriate language
Oh dear Neutral ... we are old enough Wink

I´ld say that is more like using the broom in the middle of a desert.
avatar
Buster_BSA
Member
Member

Posts : 87
Join date : 2010-07-21

View user profile

Back to top Go down

Re: Prevx 3.0.5.185 terminated by zero-day POC

Post by ssj100 on 26/8/2010, 14:10

Prevx have (desperately) been trying to keep up with these zero-day POC's, but they've "lost" for now - the latest POC (not publically released) easily kills the latest Prevx version - 3.0.5.189 RC.

By the way, nice video review by languy99 here:
http://www.youtube.com/watch?v=zx7vlH1FJ2A

The video demonstration basically "proves" that Prevx is just another "Antivirus" product. They may advertise and cleverly market superior technology (eg. cloud detection, behaviour blocking, heuristics detection), but at the end of the day, it will never be good enough against zero-day malware (unless they implement some form of HIPS or default-deny protection like BluePoint Security has).

_________________
Sandboxie + LUA + SRP + DEP + SuRun
Windows Firewall + NAT Router + IPSec (on-demand)
VirtualBox (on-demand)
Drive SnapShot (on-demand)
avatar
ssj100
Administrator
Administrator

Posts : 1389
Join date : 2010-04-14

View user profile http://ssj100.fullsubject.com

Back to top Go down

Re: Prevx 3.0.5.185 terminated by zero-day POC

Post by languy99 on 26/8/2010, 22:48

thanks I just try to make the best reviews I can. I see that at other forums say I stole Prevx, funny. But I didn't. They just really like to question everything I did and say how I cheated here and there. But in the end I did not cheat and I know I did not. This finally proves to me Prevx is nothing special, they are all marketing.
avatar
languy99
Valued Member
Valued Member

Posts : 54
Join date : 2010-07-20

View user profile

Back to top Go down

Re: Prevx 3.0.5.185 terminated by zero-day POC

Post by ssj100 on 27/8/2010, 00:24

I wouldn't listen to them. Your tests are easily reproducible by simply running fresh malware links. I did a quick test of Prevx a few months ago (using pretty much the same method as you) and I got similar results - Prevx is just another "Antivirus" and will frequently fail against zero-day malware. Also, in the short time I was testing Prevx, it picked up more false positives than actual malware! But I think they've improved that aspect now.

_________________
Sandboxie + LUA + SRP + DEP + SuRun
Windows Firewall + NAT Router + IPSec (on-demand)
VirtualBox (on-demand)
Drive SnapShot (on-demand)
avatar
ssj100
Administrator
Administrator

Posts : 1389
Join date : 2010-04-14

View user profile http://ssj100.fullsubject.com

Back to top Go down

Re: Prevx 3.0.5.185 terminated by zero-day POC

Post by ssj100 on 27/8/2010, 10:15

By the way languy99, just to re-emphasise that you should ignore those (extremely) negative (and arguably insulting) comments.

Many of the negative comments that I've read clearly lack constructive criticism. See here for more examples:
http://ssj100.fullsubject.com/comodo-f12/the-sad-state-of-constructive-criticism-t51.htm#226

One always needs to be careful when interpreting anything they see or read in the news, internet, or research article etc. Your methods of testing aren't exactly scientific or Nobel prize winning, but they give a good general feel of the product/program.

Again, your video once again demonstrates that Prevx is no where near adequate at protecting a system from zero-day malware (fact is, it got bypassed by several malware and even failed to detect an active malware running in memory). Whether it can adequately protect the "average" user from the "average" malware infection is debatable (and your video certainly doesn't help much in solving that question).

_________________
Sandboxie + LUA + SRP + DEP + SuRun
Windows Firewall + NAT Router + IPSec (on-demand)
VirtualBox (on-demand)
Drive SnapShot (on-demand)
avatar
ssj100
Administrator
Administrator

Posts : 1389
Join date : 2010-04-14

View user profile http://ssj100.fullsubject.com

Back to top Go down

Re: Prevx 3.0.5.185 terminated by zero-day POC

Post by Sponsored content


Sponsored content


Back to top Go down

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum