Xyvos freeware

Discussion in 'other anti-virus software' started by J_L, Aug 29, 2011.

Thread Status:
Not open for further replies.
  1. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
  2. buckslayr

    buckslayr Registered Member

    Joined:
    Jun 1, 2009
    Posts:
    484
    Location:
    Michigan, USA
    Sounds interesting. I'm going to give it a whirl.
     
  3. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,486
    Location:
    Poland - Cracow
    Yes...it's looks ineteresting and I have installed it and I think is similar to Emmunize by using of white list. Is hard to say how is effective because it has option "allow all signed executables" and "allow all Microsoft signed executables" and many applications are allowed by definition.
    Xyvos WL works smooth and enough light

    Xyvos WL zasoby.jpg

    Below are some snapshots

    XyvosWL_a.jpg
    XyvosWL_b.jpg
    White list manager

    XyvosWL wl-manager.jpg
    alert popup

    Xyvos  WL alert.jpg
     
  4. Fly

    Fly Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    2,069
    Please be careful.

    They have anonymized their WHOIS data.

    For the AV, Virustotal flags 5/44.

    For that whitelist thing, Virustotal flags 6/44.

    Edit: my Avira WebGuard blocked the second program. I had to disable the Webguard to upload it to Virustotal.
     
    Last edited: Aug 30, 2011
  5. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Is it an Anti-executable?
     
  6. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,713
    Location:
    Kolkata, India
    Difference between the two:
    Free Antivirus provides only two more features.
    • Provides anti-rootkit protection
    • High level of USB Protection
     
  7. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,486
    Location:
    Poland - Cracow
    Yes...it looks like anti-exe.
    @Fly...it's already deinstalled/removed...I use Shadow Mode in SD :) BTW...thanks for the info :)
    I tried also Xyvox AV Free...there are two main deferences: in tab "Home" and "Settings"
    XAV detects also keyloggers
    XyvosAV.jpg
     
  8. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,486
    Location:
    Poland - Cracow
    It's true - both programms are flaged but I have another results...today's analysis

    Xyvox WL 4/44:
    eSafe 7.0.17.0 2011.08.29 Win32.TRRootkit
    F-Prot 4.6.2.117 2011.08.30 File is damaged
    PCTools 8.0.0.5 2011.08.30 Trojan.ADH
    Symantec 20111.2.0.82 2011.08.30 Trojan.ADH.2

    Xyvox AV 1/44
    F-Prot 4.6.2.117 2011.08.30 File is damaged

    I don't know what should I think o_O
    ----------------------
    edit:
    Next indication...now from Emsisoft Emergency Kit
    E:\...\XyvosWhiteListAntivirus-1.5.0.0.exe/$INSTDIR\XyvosWListAVDrv.sys detected: Trojan.Rootkit!IK
     
    Last edited: Aug 30, 2011
  9. PJC

    PJC Very Frequent Poster

    Joined:
    Feb 17, 2010
    Posts:
    2,959
    Location:
    Internet
    Oh, boy! Another...:blink:
     
  10. Cloud

    Cloud Registered Member

    Joined:
    Feb 1, 2011
    Posts:
    1,030
    Location:
    United States
    The product is not new, I have known about it since last year (found it on download.com). :)
     
  11. buckslayr

    buckslayr Registered Member

    Joined:
    Jun 1, 2009
    Posts:
    484
    Location:
    Michigan, USA
    I've downloaded it but haven't had a chance to install it yet. How is its effectiveness?
     
  12. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,954
    How does it determine its white list? By path, md5 hash or something else?

    Has anyone tried to white list a program then update that program to see if it remains automatically white listed or needs added back to the white list once the md5 changes?
     
  13. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    Intercepts procexp.exe - "Terminate and mark as untrusted" chosen. procexp.exe was added to the whitelist, which is surprising, but with "Type" as "Blocked" instead of "Whitelist".
    Renamed procexp to a sequence of A's, ending with a big filename "aaaaaa(...)".exe (*). Process Explorer ran without problems or prompts.
    Flaw number 1.

    Renamed to something.exe, and execution was intercepted with a prompt. Remember that this was already added to the 'whitelist' as a blocked process.
    This means it only checks filename/path.
    Flaw number 2.

    (*)Chris, that trick still works :D
     
  14. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    No dll loading interception.
     
  15. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    ntvdm.exe is caught when executing, but the 16-bit program is not. So, no 16-bit program blocking.

    *ty Bellgamin for that reminder on another thread.
     
  16. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    Cannot say if it's a safe application or not, i don't know how to and i didn't look into it.
    But imo it's not very useful, if at all, so it doesn't really matter at this point. Unless you're an AV guy of course. *shrug*
     
  17. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,486
    Location:
    Poland - Cracow
    Latest results from VT scanning...only 2 indications o_O

    ~Removed virus total results per Policy~
     
    Last edited by a moderator: Sep 6, 2011
  18. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,486
    Location:
    Poland - Cracow
    Both programs form Xyvos Technologies are listed in "Probably the Best Free Security List in the World" on Techsupportalert.com
    Are they so realy good? :cautious:
     
Thread Status:
Not open for further replies.