ZeroVulnerabilityLabs ExploitShield

Discussion in 'other anti-malware software' started by sbwhiteman, Sep 28, 2012.

Thread Status:
Not open for further replies.
  1. jdsandbe

    jdsandbe Registered Member

    Joined:
    Feb 13, 2011
    Posts:
    13
    I cannot find how to do that. I think I don't have enough posts.

    JDS
     
  2. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,189
    Location:
    USA
    Can you PM me the contents (at least the last couple of hundred entries) of your %ProgramFiles%\ZeroVulnerabilityLabs\ExploitShield\exploitshield.log file?

    Also please PM me the value of the following:
    HKLM\SOFTWARE\ZeroVulnerabilityLabs\ExploitShield\ClientID
     
  3. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,189
    Location:
    USA
    I just PM'ed you instructions on how to submit it by email.
    Thanks!
     
  4. jdsandbe

    jdsandbe Registered Member

    Joined:
    Feb 13, 2011
    Posts:
    13
    Just sent the requested data.

    JDS
     
  5. crapbag

    crapbag Registered Member

    Joined:
    Mar 14, 2011
    Posts:
    145
    Hi,

    Won't be doing any detection testing-there's folk on here way more capable than I :) - but I'm interested in seeing how useable the software is.

    I currently run AppGuard and Sandboxie. I've read on here that whilst not clashing with Sandboxie it wouldn't be neccessary to run both.

    How does the software compare with what AppGuard offers? I don't want to know which is better or anything. To my knowledge AppGuard provides amongst other things protection from zero-day and drive-by malware. Does ExploitShield offer similar protection but in a different way?

    I installed ExploitShield and ran it for a bit and it seemed light and unobtrusive. If it offers another layer of protection when updating or installing software-when AppGuard protection is lowered-then I would be pretty interested in it.
     
  6. RejZoR

    RejZoR Lurker

    Joined:
    May 31, 2004
    Posts:
    6,426
    Are there any plans to include update checking inside the program itself? If nothing else, at least a popup that new update is available, even if it's not an auto updater. Just so you don't have to constantly check webpage for updates...
     
  7. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,189
    Location:
    USA
    Yes there are plans for that. As it stands you will get a popup message when version 0.7 (beta1) expires and there's a version 0.8 (beta2) available so you won't have to constantly check our website. Also for future versions we will implement an upgrade mechanism.
     
  8. RejZoR

    RejZoR Lurker

    Joined:
    May 31, 2004
    Posts:
    6,426
    Also, it says "Files quarantined" in the main menu. But i can't seem to find any quarantine anywhere. Is that planned or shoudl be this entry renamed to "Files deleted" ?
     
  9. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,189
    Location:
    USA
    Quarantine is located in the drive:
    %ProgramFiles%\ZeroVulnerabilityLabs\ExploitShield\Quarantine
     
  10. RejZoR

    RejZoR Lurker

    Joined:
    May 31, 2004
    Posts:
    6,426
    It would be nice if you could access it through the interface. Either as stand alone main menu "menu" or just as a link that would open the quarantine folder. So you don't have to dig it on your own through folders...
     
  11. harshisthere

    harshisthere Registered Member

    Joined:
    Aug 8, 2011
    Posts:
    84
    Probable bug or incompatibility

    Today when I was downloading a media file via Jdownloader software I recently installed. The software is build in Java. I use Java Runtime Environment 8. On completion of download exploitshield gave a warning.Also some errors where seen in the log .I am using VLC latest version 64bit for playing the media file which is in mkv format. I am attaching a picture.http://i.imgur.com/XspFx.pnghttp://i.imgur.com/2qbyi.png
     
  12. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,189
    Location:
    USA
    Re: Probable bug or incompatibility

    This is already fixed in the internal beta2 which we are currently testing. Please stay tuned for release date soon and simply install beta2 version 0.8 on top of beta1 version 0.7.
     
  13. guest

    guest Guest

    It's compatible with EMET?
     
  14. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,189
    Location:
    USA
    Yes it is!
     
  15. TomAZ

    TomAZ Registered Member

    Joined:
    Feb 27, 2010
    Posts:
    1,131
    Location:
    USA
    Just wondering when we might expect the next beta release?
     
  16. constantine76

    constantine76 Registered Member

    Joined:
    Dec 18, 2010
    Posts:
    191
  17. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,189
    Location:
    USA
    Stay tuned... in the next 24-48 hours max we'll publish version 0.8 (beta2). We'll announce it at our blog.
     
  18. dlimanov

    dlimanov Registered Member

    Joined:
    Jun 10, 2009
    Posts:
    204
    I've been running ExploitShield for good few months now, side-by-side with EMET on Win7 x64 and also in a VM where most of malware analysis taken place. This combination has been rock-solid and detected every single exploit kit I threw at it. While a targeted dedicated attack may bypass it somehow via something truly elaborate, it sure has its place and merit, especially as an additional layer of defense.
    I am interested in the corporate version and when it will become available. Are there any dates and roadmap details on that?
    Thanks!
     
  19. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,189
    Location:
    USA
    Many thanks for the comments dlimanov and even more thanks for testing ExploitShield. Tomorrow's version 0.8 of ExploitShield Browser Edition has many engine improvements focused on even better exploit detection and improved FP prevention, especially around Java which is a world of its own. Also it will work under non-admin accounts.

    The Corporate Edition will be much more resilient to targeted attacks and potential bypasses since it will hook even lower in the system. We are keeping this private for now for companies only. If you are an ITSec admin at a company simply send us an email to info at zerovulnerabilitylabs dot com and we will include you in the private beta once it is available in Q1 2013 (requests from gmail, etc will be ignored).
     
  20. BrandiCandi

    BrandiCandi Guest

    @ZeroVulnLabs: Given the limited functionality of the free Browser Edition, I would highly encourage you to be more explicit on your website regarding the software's limitations. The name "ExploitShield" sounds like it would defend against all exploits. But it only protects against drive-bys. That's not clear at all on your website currently. I'm sure you don't mean to mislead consumers, but there is high potential for that.
     
  21. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,189
    Location:
    USA
    That's the reason we called it "Browser Edition", to make it clear that this version protects "browsers". Also we've tried to make it clear in the main ExploitShield webpage where you can find a detailed description of what each version protects against:
    http://www.zerovulnerabilitylabs.com/home/exploitshield/
     
  22. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    Hi, I wonder why the Exploits URLs section on forums is not updated. It will be nice to add few live exploit sites once or twice in a week so that we can test these stes.

    Thanks
     
  23. dlimanov

    dlimanov Registered Member

    Joined:
    Jun 10, 2009
    Posts:
    204
    Sent.
     
  24. DBone

    DBone Registered Member

    Joined:
    Nov 24, 2010
    Posts:
    1,041
    Location:
    SoCal USA
    Will tomorrows update support Comodo Dragon?
     
  25. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,189
    Location:
    USA
    No, we haven't added any new shields or GUI tweaks in this release. Most improvements were focused on the engine itself.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.