Prevx on GpCode, Stuxnet and Blackday trojans

Hi;

Lot of talking over here about Stuxnet, Blackday, GpCode trojans here and here


Are we PrevxSOL users safe using default settings?

If not is there a good setting to adapt that we may know?

What is the behavior or how will Prevx act upon presence of these trojans?


Thank you.

 

Prevx should block these without a problem Feel free to forward any samples to report@prevxresearch.com in case you aren't sure but there is nothing technically difficult about any of them that would require non-default samples.

 

Would the Free Facebook version of PSO protect these users or would they need a full License to Block? I'm assuming that's what the OP was asking but to make it clear!

TH

 

Yes I meant that. Thanks TripleHelix

Also, I do not have the samples. Aigle was the one who actually did the test. Maybe Prevx can have the same samples used through/from Aigle so we will know the results. Fans will be grateful with it

 

Thanks for the clarification - I misread it No, the free version of PSO will not block these in realtime. You will need a license key from the paid version to block them.

 

Good reason to have the paid.

 

Hi

Whilst testing it for these threads - https://www.wilderssecurity.com/showthread.php?p=1866361#post1866361 - https://www.wilderssecurity.com/showthread.php?p=1866359#post1866359

I only got alerted to this ?



Admittedly the BD detect was on opening the folder, not running either nasty, but both BD & GP were in there together. So i expected detects on both.

What gives ?

 

I have merged the threads as it's on the same subject! I have also sent the undetected file to Prevx as the OP gave me a copy!!

TH

 

So i see Sorry didn't notice the other/this thread

Good man

 

How is it possible that PrevX detected BD if CloneRanger only opend the folder

I thought PrevX is only scanning on-execution?!

 

Blocking on execution is its main strength, but it's not limited to that.

 

Yes, it,s v strange.

 

Maybe a sign of things to come.

 

I can confirm that this variant of gpcode is now detected!

TH
[FONT=&quot][/FONT]