Prevx RC 3.0.4.183

PrevxHelp
September 4th, 2009, 07:18 PM
Hello all,
I'm pleased to post the first public download to new users of the new Prevx RC:

32bit: http://info.prevx.com/download.asp?grab=edgebeta (ignore the "edgebeta" part of the URL - this download is RC1 :))
64bit: http://info.prevx.com/download.asp?grab=edgebeta64 (the web security functionality is not 64bit compatible yet but there are significant improvements "under-the-hood" of Prevx for 64bit still)

We had Immunity Inc. review the technical proficiency of the secured browsing provided by Prevx in this document: http://pxnow.prevx.com/zeroL/SecureBrowserWhitePaper.pdf

You "can" upgrade your existing installation to this build but it will automatically disable the new browser security features so it may be best to uninstall and then install this build fresh to get a better feel for the functionality right out-of-the-box.

You will need to close/restart open browser instances to receive the full protection benefits (which will be outlined in some third party whitepapers coming soon).

Current known issues/incompatibilities are:
- Incompatibility with Opera v10
- Incompatibility with Sandboxie
- Some issues with cookie cleaners
- Incomplete Safari support
- An intermittent issue loading PDF files in Adobe Reader on Windows 7
- Incompatibility with KeyScrambler because of similar technology being used
- Tab positioning issues on some Firefox installations
- Some logical issues adding protection/removing protection
- Partial incompatibility with KeePass/KeeForm
- Browser protection will be merged with the Stop Protection in Prevx to allow the user to take screenshots if wanted
- Incompatibility with BS Player PRO
- Conceptual incompatibility with screen readers

ssj100
September 4th, 2009, 07:26 PM
Running smooth here in my VM XP. Good stuff.

PrevxHelp
September 4th, 2009, 07:32 PM
{QUOTE-> Running smooth here in my VM XP. Good stuff. <-QUOTE}

As a quick test, could you click the browser dropdown tab and see if it says: "Hypervisor Detected - Your browsing may be monitored" below the "Add Protection" button?

We have generic reporting in place to alert users if they may be compromised by a hypervisor rootkit (or intentionally using a product like VMWare/VirtualPC).

Thanks! :)

ssj100
September 4th, 2009, 07:39 PM
{QUOTE-> As a quick test, could you click the browser dropdown tab and see if it says: "Hypervisor Detected - Your browsing may be monitored" below the "Add Protection" button?

We have generic reporting in place to alert users if they may be compromised by a hypervisor rootkit (or intentionally using a product like VMWare/VirtualPC).

Thanks! :) <-QUOTE}

What browser dropdown tab?

PrevxHelp
September 4th, 2009, 07:42 PM
{QUOTE-> What browser dropdown tab? <-QUOTE}

In IE/FF/Opera/Chrome, Prevx 3.0.4.183 will show a small tab above the address bar if you have the feature "Web Browser Security" enabled on the front screen of Prevx (you'll see it with a green checkmark, if not, click "Configure", then double click "Basic Configuration" and select "Enable the Prevx Secure Browser" and "Block phishing and known malicious websites" and then click "Save").

Let me know if you see anything behave differently than this and I'll investigate further :)

Baldrick
September 4th, 2009, 07:42 PM
One initial observation is that the positioning of the Prevx Tab (shown if selected) seems a little random and where it appears in both IE & FF is a bit of a nuisance. Any way of selecting its placement or could it appear as a more regular button in the task bar...that would be most helpful. ;)

PrevxHelp
September 4th, 2009, 07:45 PM
{QUOTE-> One initial observation is that the positioning of the Prevx Tab (shown if selected) seems a little random and where it appears in both IE & FF is a bit of a nuisance. Any way of selecting its placement or could it appear as a more regular button in the task bar...that would be most helpful. ;) <-QUOTE}

We currently don't have the ability to configure the placement of the tab. It should sit either directly above the address bar or within the title bar of the window.

We're very open to any suggestions, however. Would you prefer if the tab itself floated outside of the window, attached at the top or do you think it would work better within the window title bar always?

The tab actually is not a browser component (we don't use any BHOs or inherently browser-dependent technology in our web security) so we can't integrate directly with the browser buttons which is why we have looked for a different position to put it in, and above the address bar seemed like the best place in our focus group tests.

ssj100
September 4th, 2009, 07:47 PM
{QUOTE-> In IE/FF/Opera/Chrome, Prevx 3.0.4.183 will show a small tab above the address bar if you have the feature "Web Browser Security" enabled on the front screen of Prevx (you'll see it with a green checkmark, if not, click "Configure", then double click "Basic Configuration" and select "Enable the Prevx Secure Browser" and "Block phishing and known malicious websites" and then click "Save").

Let me know if you see anything behave differently than this and I'll investigate further :) <-QUOTE}

I see what you mean now, and yes, I can see "Hypervisor detected - Your browsing may be monitored". Interesting feature mate.

By the way, "Basic Configuration" doesn't have an option to enable or disable the Prevx Secure Browser.

ssj100
September 4th, 2009, 07:52 PM
By the way, "enable protection" in the browser is a bit strange? You've got to enable it for each individual web-site? Why not just enable it for whatever web-site you visit?

PrevxHelp
September 4th, 2009, 07:53 PM
{QUOTE-> I see what you mean now, and yes, I can see "Hypervisor detected - Your browsing may be monitored". Interesting feature mate.

By the way, "Basic Configuration" doesn't have an option to enable or disable the Prevx Secure Browser. <-QUOTE}

You should be able to untick the "Enable the Prevx Secure Browser" box and "Block phishing and known malicious websites" box to disable the protection (the checkmark will turn into a red X).

It is admittedly not the most elegant configuration option and we will work on making a much easier: "it is on/it is off" button :)

ssj100
September 4th, 2009, 07:55 PM
{QUOTE-> You should be able to untick the "Enable the Prevx Secure Browser" box and "Block phishing and known malicious websites" box to disable the protection (the checkmark will turn into a red X).

It is admittedly not the most elegant configuration option and we will work on making a much easier: "it is on/it is off" button :) <-QUOTE}

Thanks found it mate.

Baldrick
September 4th, 2009, 08:03 PM
{QUOTE-> We currently don't have the ability to configure the placement of the tab. It should sit either directly above the address bar or within the title bar of the window. <-QUOTE}

Understood, except given what else I have installed in FF it sits way over to the right just next to (rather than above) the Google search bar whilst the address bar is way over to the left? Funnily enough in IE it seems to be positioned above the Address bar

{QUOTE-> We're very open to any suggestions, however. Would you prefer if the tab itself floated outside of the window, attached at the top or do you think it would work better within the window title bar always? <-QUOTE}

Not sure what you mean by this but I think it should be situated or float where it is unlikely to get in the way or obscure other features...perhaps floating above the navigation bar...which generally does not have more than File, Edit, View, History, Bookmarks, etc. in it which are all way over to the left?

{QUOTE-> The tab actually is not a browser component (we don't use any BHOs or inherently browser-dependent technology in our web security) so we can't integrate directly with the browser buttons which is why we have looked for a different position to put it in, and above the address bar seemed like the best place in our focus group tests. <-QUOTE}

Understand.

;D

PrevxHelp
September 4th, 2009, 08:11 PM
{QUOTE-> Understood, except given what else I have installed in FF it sits way over to the right just next to (rather than above) the Google search bar whilst the address bar is way over to the left? Funnily enough in IE it seems to be positioned above the Address bar <-QUOTE}

Could you possibly post/send me a screen shot? I suspect this is an actual bug in the processing of tab placement rather than something we're intentionally doing as it does sound quite odd! Thanks :)

Triple Helix
September 4th, 2009, 08:18 PM
I'm using v2.0.0.20 of firefox!

Threedog
September 4th, 2009, 08:20 PM
In Firefox mine is sitting pretty much in the Google search box.

PrevxHelp
September 4th, 2009, 08:21 PM
{QUOTE-> I'm using v2.0.0.20 of firefox! <-QUOTE}

Yours is appearing there intentionally - we put it in the browser title bar if we can't find where to put it within the window (there isn't a way to tell Firefox to just put something on top of the address bar so we have to do some odd things to actually -find- the address bar in the window ;D). Non-standard skins can throw this off which is why we just put it in a known-reliable place.

The protection will still work exactly the same, just the tab is a bit oddly placed. Let me know your thoughts on this and if you have any other suggestions!

Triple Helix
September 4th, 2009, 08:23 PM
Here is IE8!

Tarnak
September 4th, 2009, 08:24 PM
I was too late for version 3.0.4.182. ;)

Here are some screenshots of the upgrade install monitored by my HIPS.

I am using Opera 10 Alpha in this snapshot.

Triple Helix
September 4th, 2009, 08:26 PM
It's fine for me as is!

Triple Helix
September 4th, 2009, 08:30 PM
Opera 10!

Threedog
September 4th, 2009, 08:36 PM
Here's a pic of Firefox with Prevx browser bar.

Tarnak
September 4th, 2009, 08:43 PM
Prevx is showing the Secure Browser is running, but I cannot get it to respond to the click on Configure as per the attached screenshot.

Joe...any ideas? :)

Triple Helix
September 4th, 2009, 08:45 PM
{QUOTE-> Prevx is showing the Secure Browser is running, but I cannot get it to respond to the click on Configure as per the attached screenshot.

Joe...any ideas? :) <-QUOTE}

Hi Tarnak,

Did you read the first post?

{QUOTE-> You "can" upgrade your existing installation to this build but it will automatically disable the new browser security features so it may be best to uninstall and then install this build fresh to get a better feel for the functionality right out-of-the-box. <-QUOTE}

TH

rolarocka
September 4th, 2009, 08:46 PM
Looks OK to me and I've got a lot tweaked:

PrevxHelp
September 4th, 2009, 08:54 PM
{QUOTE-> Here's a pic of Firefox with Prevx browser bar. <-QUOTE}

That's quite ugly! I'll see what we can do to fix that :) Could you let me know what build of Firefox/OS/Firefox skin/(OS skin?) you have so I can replicate it here to fix it?

Thanks! :)

Tarnak
September 4th, 2009, 08:56 PM
{QUOTE-> Hi Tarnak,

Did you read the first post?


TH <-QUOTE}

Hi Triple Helix,

No, as usual I dived straight in. ::)

I will now uninstall and install this build fresh.;)

Thanks. :)

Threedog
September 4th, 2009, 08:58 PM
Firefox build 3.5.2, OS is XP Pro SP3, Firefox in screenie is using the default skin. I have tried it in a couple others and the same thing. Prevx bar laying back in the Google box.

Triple Helix
September 4th, 2009, 09:05 PM
{QUOTE-> Hi Triple Helix,

No, as usual I dived straight in. ::)

I will now uninstall and install this build fresh.;)

Thanks. :) <-QUOTE}

Great :thumb:

PrevxHelp
September 4th, 2009, 09:13 PM
{QUOTE-> Firefox build 3.5.2, OS is XP Pro SP3, Firefox in screenie is using the default skin. I have tried it in a couple others and the same thing. Prevx bar laying back in the Google box. <-QUOTE}

Thank you for the information! I think the root issue is actually caused from your OS skin (your start button/taskbar looks very... halloween ;D) Could you let me know what the name of the visual style you have installed is?

Thanks! :)

Baldrick
September 4th, 2009, 09:14 PM
{QUOTE-> Here's a pic of Firefox with Prevx browser bar. <-QUOTE}
Hi Joe

Apologies for the delay in getting back but Threedog's screenshot is almost identical to what I would have sent...so +1 here. I am running FF3.5.2 with the default skin...no changes.

Funnily enough in IE 7 the positioning is perfect...stuck to the top right of the address bar.

Cheers


Balders ;)

Tarnak
September 4th, 2009, 09:15 PM
How do I uninstall? It has been a long time since I last did it. :o

I am still showing Prevx Edge in START > Programs. Prevx Edge is no more.

Joe, is there an uninstall tool or uninstall using CMD? I don't want to go through Add/Remove via Control Panel. ;)

Threedog
September 4th, 2009, 09:18 PM
{QUOTE-> Thank you for the information! I think the root issue is actually caused from your OS skin (your start button/taskbar looks very... halloween ;D) Could you let me know what the name of the visual style you have installed is?

Thanks! :) <-QUOTE}

Microsoft Zune Theme. I don't have any visual styles installed. I will try the default and see what happens and post back with my findings.

333halfevil
September 4th, 2009, 09:21 PM
Hi Joe, there seems to be an incompatibility issue with Keyscrambler. The issue arises whenever I type anything into my browser :)

Example:

%z666ettms3ehxb[7=(0jl8v6iv'gyfvp

(With Keyscrambler on I am unable to talk) ;D

Baldrick
September 4th, 2009, 09:24 PM
Now I am losing my marbles. Last time I restarted FF3 it appeared in the right place, vertically, ie, above address bar if it were not too far over to the right of the panel. I then minimised the panel and when I maximised it again it had dropped back to where it was in Threedog's screenshot...weird one that.

Hope that this helps? ;D

Threedog
September 4th, 2009, 09:24 PM
Ok. Tried with XP default theme, Classic theme, Royale theme. All with Firefox running the default theme. Same positioning for the Prevx bar.

PrevxHelp
September 4th, 2009, 09:24 PM
{QUOTE-> How do I uninstall? It has been a long time since I last did it. :o

I am still showing Prevx Edge in START > Programs. Prevx Edge is no more.

Joe, is there an uninstall tool or uninstall using CMD? I don't want to go through Add/Remove via Control Panel. ;) <-QUOTE}

Add/Remove via the Control Panel is the default way (and all that it does is run our uninstall command) but you can run:

"c:\program files\prevx\prevx.exe" /prop UNINSTALL=AUTO

from CMD or Start - Run and that will let you uninstall Prevx without using the Control Panel. It may be worth mentioning that we've added back the "Uninstall Prevx" link in the start menu in v3.0.4.183 which should make everyone's life a bit easier when uninstalling/reinstalling :) (the link will not be retroactively added to existing installs yet but we may end up adding this to existing users on upgrade anyway to reduce the support complaints about being unable to uninstall).

Let me know if you have any problems with this! :)

Threedog
September 4th, 2009, 09:26 PM
Good idea adding back the "Uninstall Prevx" option. Not that I would ever use it.

PrevxHelp
September 4th, 2009, 09:27 PM
{QUOTE-> Hi Joe, there seems to be an incompatibility issue with Keyscrambler. The issue arises whenever I type anything into my browser :)

Example:

%z666ettms3ehxb[7=(0jl8v6iv'gyfvp

(With Keyscrambler on I am unable to talk) ;D <-QUOTE}

Prevx uses a similar technology to KeyScrambler which could potentially cause problems although we haven't seen them in testing.

Could you let me know if you're typing into a Prevx Secured website at the time of it not working or does it happen on any website? (the Prevx tab will be green when typing into a secured website and blue when in an insecured website).

Thanks! :)

Threedog
September 4th, 2009, 09:28 PM
Went back to my Zune theme and tried Firefox with some assorted themes. Prevx Bar still sitting in Search box on every one of them.

Triple Helix
September 4th, 2009, 09:28 PM
{QUOTE-> Add/Remove via the Control Panel is the default way (and all that it does is run our uninstall command) but you can run:

"c:\program files\prevx\prevx.exe" /prop UNINSTALL=AUTO

from CMD or Start - Run and that will let you uninstall Prevx without using the Control Panel. It may be worth mentioning that we've added back the "Uninstall Prevx" link in the start menu in v3.0.4.183 which should make everyone's life a bit easier when uninstalling/reinstalling :) (the link will not be retroactively added to existing installs yet but we may end up adding this to existing users on upgrade anyway to reduce the support complaints about being unable to uninstall).

Let me know if you have any problems with this! :) <-QUOTE}

Great I'm glad it's back!

PrevxHelp
September 4th, 2009, 09:34 PM
{QUOTE-> Went back to my Zune theme and tried Firefox with some assorted themes. Prevx Bar still sitting in Search box on every one of them. <-QUOTE}

Thanks for the information Threedog and Baldrick (and we aren't trying to cause you to lose your marbles! ;D). I'll work on reproducing this locally and if I can't, I'll forward it onto QA who should be able to reproduce it easier.

On a default install of XP SP3 here I don't experience the problems but your issues being reproducible will be a big help to get this fixed swiftly :)

333halfevil
September 4th, 2009, 09:35 PM
{QUOTE-> Prevx uses a similar technology to KeyScrambler which could potentially cause problems although we haven't seen them in testing.

Could you let me know if you're typing into a Prevx Secured website at the time of it not working or does it happen on any website? (the Prevx tab will be green when typing into a secured website and blue when in an insecured website).

Thanks! :) <-QUOTE}

It happens on any given website. :lurking:

PrevxHelp
September 4th, 2009, 09:37 PM
{QUOTE-> It happens on any given website. :lurking: <-QUOTE}

Thanks for the information - we'll definitely see what we can do to get around this automatically with minimal interference on the user's experience :) I'll let you know or update the thread as soon as we have further information.

Threedog
September 4th, 2009, 09:37 PM
Get some rest, Joe. This is only hour 2 of the beta being out and I am off work for the next 3 days so I may find more work for ya. :shifty:

Tarnak
September 4th, 2009, 09:39 PM
{QUOTE-> Add/Remove via the Control Panel is the default way (and all that it does is run our uninstall command) but you can run:

"c:\program files\prevx\prevx.exe" /prop UNINSTALL=AUTO

from CMD or Start - Run and that will let you uninstall Prevx without using the Control Panel. It may be worth mentioning that we've added back the "Uninstall Prevx" link in the start menu in v3.0.4.183 which should make everyone's life a bit easier when uninstalling/reinstalling :) (the link will not be retroactively added to existing installs yet but we may end up adding this to existing users on upgrade anyway to reduce the support complaints about being unable to uninstall).

Let me know if you have any problems with this! :) <-QUOTE}

Joe, I have started a session in dial up, so if following your instructions necessitates a reboot I will save the uninstall for later. I don't like wasting money, considering I pay enough for dial up as it is. ;) :)

PrevxHelp
September 4th, 2009, 09:41 PM
{QUOTE-> Joe, I have started a session in dial up, so if following your instructions necessitates a reboot I will save the uninstall for later. I don't like wasting money, considering I pay enough for dial up as it is. ;) :) <-QUOTE}

The uninstall/reinstall does not require a reboot so you should be fine :)

Tarnak
September 4th, 2009, 09:56 PM
{QUOTE-> The uninstall/reinstall does not require a reboot so you should be fine :) <-QUOTE}

Uninstalled. Thanks.:)

I will save the reinstall for later....I have other things to do, now.;)

Threedog
September 4th, 2009, 10:04 PM
I never noticed this behavior before on 3.0 but with the Beta if you mouse over an exe it will throw up a scan on it. Just went thru my download folder and it worked on every exe file.

PrevxHelp
September 4th, 2009, 10:12 PM
{QUOTE-> I never noticed this behavior before on 3.0 but with the Beta if you mouse over an exe it will throw up a scan on it. Just went thru my download folder and it worked on every exe file. <-QUOTE}

This is related to the new protection engine - we've made significant changes throughout the protection engine to improve compatibility with some troublesome AVs. The side effect is that Prevx will sometimes scan extra files when browsing through folders of files in Explorer (on XP in particular) but it does provide significantly improved reliability and shouldn't be too much of a drag when browsing through the system.

Threedog
September 4th, 2009, 10:15 PM
No noticed drag here with it at all. I like the feature. :thumb:

Triple Helix
September 4th, 2009, 10:22 PM
Nice alert window! Joe, is the list updated daily?

PrevxHelp
September 4th, 2009, 10:36 PM
{QUOTE-> Nice alert window! Joe, is the list updated daily? <-QUOTE}

It is based on an automated system, updated in realtime as we receive reports (from a number of organizations, our own harvesting, and a heuristic-based analysis system for checking new URLs and scoring them with levels of suspicious characteristics, similar to our antimalware techniques).

On a similar note, if anyone finds any false positives in the URL detection, let me know directly - we have the agent side implementation complete for reporting "Ignore" requests but have yet to hook up the centralized reporting/manual verification of submitted FP URLs so for now I will manually forward them to the research team if any arise :)

Threedog
September 4th, 2009, 10:50 PM
I just noticed that sometimes when opening a new program I get an "Invalid Handle" error. I hit OK then open it again and Prevx does a scan and then it runs. I never had this before the beta so I am suspecting that Prevx is blocking the initial opening and then allowing the secondary one. Once the program has been scanned by Prevx there are no further invalid handle errors.

LagerX
September 5th, 2009, 03:47 AM
There seems to be a problem with Prevx's new browser security.

When you open it (click on Prevx icon in browser) and then press Win key + D, then it hides taskbar.

Win XP SP3 all updates installed :)


-
There seems to be a problem with Prevx positioning on FF 3.5.3 (Skin: Gradient iCool 1.0.9)

Baldrick
September 5th, 2009, 04:33 AM
{QUOTE-> No noticed drag here with it at all. I like the feature. :thumb: <-QUOTE}
Yup, very cool and very reassuring! :thumb:

Baldrick
September 5th, 2009, 04:47 AM
{QUOTE-> We had Immunity Inc. review the technical proficiency of the secured browsing provided by Prevx in this document: http://pxnow.prevx.com/zeroL/SecureBrowserWhitePaper.pdf
<-QUOTE}

Hi Joe

Had a good read of the article and its findings are impressive in terms of what the review covered, but one small question; I noticed the following:

CANVAS:

Without v3.5 - Was able to get screenshots, keylog data
With v3.5 - Was unable to do so unless PrevX configuration modified to non-default Medium setting.

I run with the setting at Minimum. Is there any need for me to change that to Medium or are there plans afoot to make the detection work with the Minimum setting (if that is technically possible)?

Cheers


Baldrick ;)

Baldrick
September 5th, 2009, 04:54 AM
Hi Joe

Apologies for the bombardment but just another little question; the beta comes set up with protection for https://*, and I can see why given that it is mainly on those sites that one might be entering something via a website that a miscreant program might consider stealing. However, in your opinion is there any point protecting http://*, ie, all non secure sites, other than for reasons of paranoia?

I have set this latter setting up for testing purposes as it allows the best interaction between test material and Prevx. I have seen no ill effects so far...and as far as I can see from initial tests browsing speed is not perceptibly affected...so it may be a keeper in terms of fuller protection...but is sensible to do.

Just interested in your learned view...as ever ;D

Back to the testing.

Cheers again


Balders

Baldrick
September 5th, 2009, 05:18 AM
Hi Joe

Another observation and possible conflict...but I can see why it might happen. I use KeePass to store my logon credentials, amongst other things, along with an add-on app called KeeForm, which is an extension for KeePass that can launch web sites, scan for user name and password fields, and fill in that information for you automatically:

More info on the app from here: http://keeform.sourceforge.net/

I have it set up to carry out this function for a couple of secure websites and since the start of my use of the Secure Web Browsing feature in Prevx the whole process does not complete successfully or KeeForm gives me an error message mid process. Nothing serious that cannot be handled manually without too much trouble but nevertheless an incompatibility that I thought it would be worth reporting.

Whilst KeeForm can still call up the web page, scan for user name and password fields, and fill in that information for you automatically, previously it was able to automatically advance to the next web page where information MUST be entered manually. But now the auto advance (which is configured in the parameters of the command that is run by KeePass when requested) is blocked...or so the message from KeeForm indicates.

As I said at the beginning, I can understand why this might occur, given what the Secure Web Browsing feature is designed to do, and it is no big deal but it would be nice if there was some way to resolve this.

I am sure that KeePass/KeeForm is not the only Password Manager that offers this sort of functionality and so if it affects others similarly might it be possible to consider some sort of cloud-based White List for these sort of applications so that what they do is not interfered with? Just a thought but, and this is my personal view, if such a feature would compromise overall security/cause a drag on Prevx's performance (which is superb ;) ) then let's forget the idea.

Yours humbly


Baldrick

raven211
September 5th, 2009, 05:24 AM
1. IMO the Blacklisted Domain-alert should have a checkbox saying something like "I know the risk involved and want to proceed" and that the user has to check this one before being able to push the Ignore-button.

2. What about HTTP and other protocols, like FTP, etc.? I would definitely want protection for any other protocol than HTTPS as well - just logging into forums comes to mind straight away.

3. Can I add other applications to be protected - non-browser applications, that is? Games for example?

333halfevil
September 5th, 2009, 05:35 AM
{QUOTE-> 1. IMO the Blacklisted Domain-alert should have a checkbox saying something like "I know the risk involved and want to proceed" and that the user has to check this one before being able to push the Ignore-button.

2. What about HTTP and other protocols, like FTP, etc.? I would definitely want protection for any other protocol than HTTPS as well - just logging into forums comes to mind straight away.

3. Can I add other applications to be protected - non-browser applications, that is? Games for example? <-QUOTE}

Raven, HTTP, FTP etc can be added. However, the user must configure it.

raven211
September 5th, 2009, 05:40 AM
{QUOTE-> Raven, HTTP, FTP etc can be added. However, the user must configure it. <-QUOTE}

... :P

Baldrick
September 5th, 2009, 05:41 AM
Indeed they can and I think that it would be useful for some expert (and I am not such a person) either in the forum or from Prevx...to kindly offer some guidance or even some template settings for http and ftp, I have currently got a user defined entry set up to cater for all http, ie, http://*, which I have based on the default https:// provided.

Any takers out there? ;)

Hopefully, as I get a little more au fait with the functionality I will be able to tweak this user defined entry appropriately.

And I suspect that I can most probably get round the issue I posted earlier, ie, with KeeForm running under Prevx, by setting up a URL-specific entry for the URLs where I am likely to use KeeForm...but that will take some experimenting.

Baldrick
September 5th, 2009, 06:11 AM
Hi Joe

Don't know if this is a bugette but the Secure Web Browsing-related tab does not seem to allow/reflect the status of the expanded dialog especially when IP Verification Status is 'IP to be verified...' which is yellow/amber in the expanded dialog but still shows as Green & Ticked in the tab. It does change to the right colour/symbol once verification has been carried out based on whatever the verification finds...as far as I can see...but it is possible for someone to see Green/Tick initially and then not notice the change to Blue/Exclamation Mark (which does not seem to generate a popup...is that correct?).

As I said, don't know if that is important but my suggestion would be that for a site not yet verified the tab starts as Blue/Exclamation Mark or perhaps Yellow/ a 'V' to indicate verification is in progress.

Just a thought!

Cheers



Balders ;D

MatDE
September 5th, 2009, 06:40 AM
Prevx 3.0.4.183 crashes often 'out of the blue' here, sure it 'repairs' itself after that coming back with green light, but I thought I'd let you know. This WinXP Pro SP3 screen was captured with Hypersnap TextSnap function, normal screenshot didn't work (because of that blocking function of Prevx I believe .. screen was black for the program.)

{QUOTE-> Prevx 3.0
Problemsignatur
szAppName : prevx.exe szAppVer : 3.0.4.183 szModName : msvcr71.dll
szModVer : 7.10.3052.4 offset : 000121f9

Berichten von Details
Ihr Problembericht enthält Folgendes: Informationen über den Zustand von Prevx 3.0 zum Zeitpunkt, als
das Problem auftrat; die Betriebssystemversion und verwendete Computerhardware; die digitale Product
ID, die zum Identifizieren der Lizenz verwendet werden kann; die Internetprotokolladresse (IP) des
Computers.

Wir beabsichtigen nicht, Ihren Namen sowie Ihre Adresse, E-Mail-Adresse oder sonstige persönliche
Daten zu ermitteln. Es kann aber vorkommen, dass der Fehlerbericht kundenspezifische Informationen
enthält, wie z.B. Daten aus geöffneten Dateien. Diese Informationen, falls vorhanden, könnten zum
Feststellen Ihrer Identität verwendet werden.

Die ermittelten Daten werden jedoch nur zur Problembehebung verwendet. Falls weitere Informationen
vorliegen, werden wir Sie zum Zeitpunkt Ihrer Problemmeldung darüber informieren. Die Informationen
werden in einer sicheren Datenbank mit eingeschränktem Zugriff gespeichert. Ihr Bericht wird nicht zu
Werbezwecken verwendet.

Um technische Informationen zu dem Problembericht zu sehen, klicken Sie hier.
Um unsere Datensammlungsrichtlinien im Web zu sehen, klicken Sie hier. Schließen
<-QUOTE}

Habakuck
September 5th, 2009, 06:47 AM
Hi Joe.

Why do I have to add protection for each single website? What about a checkbox to do that for every website?

Habakuck
September 5th, 2009, 07:00 AM
I have some issues here. System is Vista Home with FF 3.5.2.

I installed the Beta over the existing version.

First I tested the Secure Browser with sandboxed FF. Everything works fine. The quick scan was started before I could login.
After that I tried it on another site. The quick scan starts as normal. I hit "stop scan" and logged myself in.

After that I tried it with normal FF without Sandboxie. It works (shows the PrevX tab) but the quick scan is not running but the config for that site says it should be.

Now I do not get the PrevX Tab in sandboxed FF. Only in normal FF but the quick scan does not work.

PrevxHelp
September 5th, 2009, 07:22 AM
{QUOTE-> First I tested the Secure Browser with sandboxed FF. Everything works fine. The quick scan was started before I could login.
After that I tried it on another site. The quick scan starts as normal. I hit "stop scan" and logged myself in.

After that I tried it with normal FF without sandboxie. It works (shows the PrevX tab) but the quick scan is not running but the config for that site says it should be. <-QUOTE}

This is a "feature" (:P not trying to be annoying but it is intentional ;D) - if you abort a scan, we won't try and rescan the next time around. However, I think this may be confusing to users who are expecting the scan to start - I'll see what changes we can make for this :)

{QUOTE-> Now I do not get the PrevX Tab in sandboxed FF. Only in normal FF but the quick scan does not work. <-QUOTE}

I suspect there are some issues when dealing with sandboxed browsers. It is our goal to eventually support them but there are many areas which need to be handled quite differently.

PrevxHelp
September 5th, 2009, 07:25 AM
{QUOTE-> Hi Joe.

Why do I have to add protection for each single website? What about a checkbox to do that for every website? <-QUOTE}

By default, https websites are protected. HTTP websites are inherently far less secure than https because of the lack of security on the data coming from the client PC to the server, which is why we don't show a Green tab by default or automatically protect http.

You can configure it to protect all http websites, however, by clicking the tab, click Configure, All Websites, type http://* and then click Add and tick the boxes as desired.

You can also protect a single website on-demand by clicking the Tab and then clicking Add Protection, which will immediately load protection over that website.

Let me know if you have any other questions! :)

PrevxHelp
September 5th, 2009, 07:27 AM
{QUOTE-> Prevx 3.0.4.183 crashes often 'out of the blue' here, sure it 'repairs' itself after that coming back with green light, but I thought I'd let you know. This WinXP Pro SP3 screen was captured with Hypersnap TextSnap function, normal screenshot didn't work (because of that blocking function of Prevx I believe .. screen was black for the program.) <-QUOTE}

Thank you for the information - we'll try and investigate this from the crash offset provided but if it does occur more frequently or can be reproduced on demand, please let us know and we'll work on how to diagnose it further with you.

PrevxHelp
September 5th, 2009, 07:32 AM
{QUOTE-> Hi Joe

Don't know if this is a bugette but the Secure Web Browsing-related tab does not seem to always reflect the status of the expanded dialog, especially when IP Verification Status is 'IP to be verified...' which is yellow/amber in the expanded dialog but still shows as Green & Ticked in the tab. It does change to the right colour/symbol once verification has been carried out based on whatever the verification finds...as far as I can see...but it is possible for someone to see Green/Tick initially and then not notice the change to Blue/Exclamation Mark (which does not seem to generate a popup...is that correct?).

As I said, don't know if that is important but my suggestion would be that for a site not yet verified the tab starts as Blue/Exclamation Mark or perhaps Yellow/ a 'V' to indicate verification is in progress.

Just a thought! <-QUOTE}

I agree - I think that is a good feature to have in. The IP address verification will take a minute or so to complete (possibly longer for some websites like GMail). If the IP Address Verification were to fail (saying that the website is malicious), a black "block" screen will show immediately which should be a good deterrent :)

PrevxHelp
September 5th, 2009, 07:36 AM
{QUOTE-> 1. IMO the Blacklisted Domain-alert should have a checkbox saying something like "I know the risk involved and want to proceed" and that the user has to check this one before being able to push the Ignore-button. <-QUOTE}

:thumb: Definitely agreed.

{QUOTE-> 2. What about HTTP and other protocols, like FTP, etc.? I would definitely want protection for any other protocol than HTTPS as well - just logging into forums comes to mind straight away. <-QUOTE}

Just replied to that one here: http://www.wilderssecurity.com/showpost.php?p=1536653&postcount=68

{QUOTE-> 3. Can I add other applications to be protected - non-browser applications, that's? Games for example? <-QUOTE}

Currently no, but we technically can add this protection as the core of the protection does not exist within the browser, but in kernel mode. We've focused on the browsers currently as they are the primary target for fraud/theft but are planning a version to cover a wider scope of applications later down the roadmap :)

PrevxHelp
September 5th, 2009, 07:39 AM
{QUOTE->
I am sure that KeePass/KeeForm is not the only Password Manager that offers this sort of functionality and so if it affects others similarly might it be possible to consider some sort of cloud-based White List for these sort of applications so that what they do is not interfered with? Just a thought but, and this is my personal view, if such a feature would compromise overall security/cause a drag on Prevx's performance (which is superb ;) ) then let's forget the idea. <-QUOTE}

I think it is a very good addition - we currently have some techniques in place to allow a key manager to write to the screen but not read from the screen and I suspect we're bugging up KeePass/KeeForm somewhere along the line in its process as we block browser access pretty tightly :)

I'll add them to the list of known issues and will definitely be seeing how we can implement a system to securely allow them to still function properly!

PrevxHelp
September 5th, 2009, 07:41 AM
{QUOTE-> Hi Joe

Apologies for the bombardment but just another little question; <-QUOTE}

Bombardment is recommended and encouraged! :)

{QUOTE-> the beta comes set up with protection for https://* protection, and I can see why given that it is mainly on those sites that one might be entering something via a website that a miscreant program might consider stealing. However, in your opinion is there any point protecting http://*, ie, all non secure sites, other than for reasons of paranoia?

I have set this latter setting up for testing purposes as it allows the best interaction between test material and Prevx. I have seen no ill effects so far...and as far as I can see from initial tests browsing speed is not perceptibly affected...so it may be a keeper in terms of fuller protection...but is sensible to do.

Just interested in your learned view...as ever ;D <-QUOTE}

I've replied partially here: http://www.wilderssecurity.com/showpost.php?p=1536653&postcount=68 and should add another point that we also block screen capturing and it could get a bit annoying if you do take many screenshots.

We've had requests for http:// protection from other places as well but for now we're still holding off on it, mostly to limit the scope of issues for the initial release, but we can definitely add it in if everything clears fine.

PrevxHelp
September 5th, 2009, 07:44 AM
{QUOTE-> I run with the setting at Minimum. Is there any need for me to change that to Medium or are there plans afoot to make the detection work with the Minimum setting (if that is technically possible)? <-QUOTE}

In the new version (if you uninstall and reinstall), it will automatically set up the protection to Maximum. We've re-engineered the self protection engine to be much more compatible across the system and with other security products so you shouldn't encounter any problems when using it on Maximum.

One note, however, is that their testing was related to directly attacking Prevx and using it to then attack the system. While this is definitely a good area to lock down, the risk is relatively low as a threat would have to be Prevx-aware and focus primarily on injecting itself into Prevx, which is (essentially) impossible to do on Maximum.

PrevxHelp
September 5th, 2009, 07:45 AM
{QUOTE-> I just noticed that sometimes when opening a new program I get an "Invalid Handle" error. I hit OK then open it again and Prevx does a scan and then it runs. I never had this before the beta so I am suspecting that Prevx is blocking the initial opening and then allowing the secondary one. Once the program has been scanned by Prevx there is no further invalid handle errors. <-QUOTE}

That's quite interesting - could you let me know what programs you're opening that you receive this warning on? "Invalid Handle" is the warning which Prevx produces when a program tries to terminate it or access its memory so it's possible that this is related to the self protection and memory protection put in place over the browser.

Thanks! :)

PrevxHelp
September 5th, 2009, 07:48 AM
{QUOTE-> There seems to be problem with Prevx new browser security.

When you open it (click on Prevx icon in browser) and then press Win key + D, then it hides taskbar.

Win XP SP3 all updates installed :) <-QUOTE}

I didn't immediately reproduce this but indeed it sounds like an issue which can be caused by Prevx - I'll add it to the list and we'll get it fixed hopefully in the next release :)

{QUOTE-> There seems to be problem with Prevx positioning on FF 3.5.3 (Skin: Gradient iCool 1.0.9) <-QUOTE}

That tab positioning looks relatively accurate for that skin. Where would you like the tab to appear in this case?

Baldrick
September 5th, 2009, 07:48 AM
{QUOTE-> In the new version (if you uninstall and reinstall), it will automatically set up the protection to Maximum. We've re-engineered the self protection engine to be much more compatible across the system and with other security products so you shouldn't encounter any problems when using it on Maximum.

One note, however, is that their testing was related to directly attacking Prevx and using it to then attack the system. While this is definitely a good area to lock down, the risk is relatively low as a threat would have to be Prevx-aware and focus primarily on injecting itself into Prevx, which is (essentially) impossible to do on Maximum. <-QUOTE}
OK, cheers for the response...will up the protection level to Medium and see how it interacts with the System & KIS 2010.

Will post back if I detect any issues.

;D

PrevxHelp
September 5th, 2009, 07:48 AM
{QUOTE-> OK, cheers for the response...will up the protection level to Medium and see how it interacts with the System & KIS 2010.

Will post back if I detect any issues. <-QUOTE}

We haven't tested with KIS 2010 yet but have tested with KIS 2009 and it all works fine :) Let me know what you find!

raven211
September 5th, 2009, 07:49 AM
{QUOTE-> By default, https websites are protected. HTTP websites are inherently far less secure than https because of the lack of security on the data coming from the client PC to the server, which is why we don't show a Green tab by default or automatically protect http.

You can configure it to protect all http websites, however, by clicking the tab, click Configure, All Websites, type http://* and then click Add and tick the boxes as desired.

You can also protect a single website on-demand by clicking the Tab and then clicking Add Protection, which will immediately load protection over that website.

Let me know if you have any other questions! :) <-QUOTE}


1. I guess there must be some drawback with this new feature since otherwise it would be a feature that scales over the whole system and your activities?

2. If I add a particular website, it gets added to the list of protected items, right? (In other words it's not just temporarily for that session or so?)

Baldrick
September 5th, 2009, 07:51 AM
{QUOTE->
I've replied partially here: http://www.wilderssecurity.com/showpost.php?p=1536653&postcount=68 and should add another point that we also block screen capturing and it could get a bit annoying if you do take many screenshots.
<-QUOTE}

I have just had this problem when trying to use Screenshot Captor so I will not raise separately but I think that Whitelisting this sort of application either locally or in the cloud might pay dividend in terms of usability...if it does not impact performance in which case I would just turn off protection temporarily, capture the screen & then switch back on.

;D

Baldrick
September 5th, 2009, 07:59 AM
{QUOTE-> I agree - I think that is a good feature to have in. The IP address verification will take a minute or so to complete (possibly longer for some webites like GMail). If the IP Address Verification were to fail (saying that the website is malicious), a black "block" screen will show immediately which should be a good deterrent :) <-QUOTE}

Interestingly enough this forum comes up as Exclamation Mark/Blue even though I have a generic http://* rule set (the expanded dialog does say Verified by Prevx re. the IP address) and will only go Green/Tick if I set up a specific site entry via the dialog's Add Protection option.

But even more strangely if I then go into the newly created entry (using the Configure option in the expanded dialog) and click Cancel I am returned to the web page with the dialog now showing Amber/Padlock (despite the expanded dialog stating SSL Status = Insecure HTTP Traffic & IP Verification = Verified by Prevx)...hmmmmmmm...something not right there. ???

Baldrick
September 5th, 2009, 08:01 AM
{QUOTE-> We haven't tested with KIS 2010 yet but have tested with KIS 2009 and it all works fine :) Let me know what you find! <-QUOTE}
Will most certainly do that...but I do not expect to find anything given past history!

PrevxHelp
September 5th, 2009, 08:05 AM
{QUOTE-> Interestingly enough this forum comes up as Exclamation Mark/Blue even though I have a generic http://* rule set (the expanded dialog does say Verified by Prevx re. the IP address) and will only go Green/Tick if I set up a specific site entry via the dialog's Add Protection option.

But even more strangely if I then go into the newly created entry (using the Configure option in the expanded dialog) and click Cancel I am returned to the web page with the dialog now showing Amber/Padlock (despite the expanded dialog stating SSL Status = Insecure HTTP Traffic & IP Verification = Verified by Prevx)...hmmmmmmm...something not right there. ??? <-QUOTE}

Hmmm... something definitely not right. I suspect this is an issue updating the status - I just added an http://* entry here and ticked all of the boxes down the side and Wilders went green immediately but that sounds like something where we aren't immediately applying the status. It may be worth closing the browser and reopening it to see if it refreshes the status correctly when adding a new http://* rule.

I'll dig deeper into this to see what may be going wrong :) Thanks for the information!

LagerX
September 5th, 2009, 08:05 AM
{QUOTE-> I didn't immediately reproduce this but indeed it sounds like an issue which can be caused by Prevx - I'll add it to the list and we'll get it fixed hopefully in the next release :) <-QUOTE}

Thanks!
I will try again when I get home (just to be sure)

{QUOTE-> That tab positioning looks relatively accurate for that skin. Where would you like the tab to appear in this case? <-QUOTE}
A little bit right = perfect ;D

PrevxHelp
September 5th, 2009, 08:10 AM
{QUOTE-> I have just had this problem when trying to use Screenshot Captor so I will not raise separately but I think that Whitelisting this sort of application either locally or in the cloud might pay dividend in terms of usability...if it does not impact performance in which case I would just turn off protection temporarily, capture the screen & then switch back on. <-QUOTE}

That is probably the best way for now. We are a bit "draconian" when it comes to screen protection. We're going to be opening it up to be able to be disabled easier by the user but right now you may want to just use the PrntScrn button on your keyboard: we detect that and then allow it through if the user agrees.

There are a few other programs which won't be able to capture screenshots currently, like the program SnagIt and malware ;D Our concern with allowing specific programs to see the screen if the user runs them is that malware could potentially hijack legitimate copies of those programs and then steal screen contents by-proxy with them.

Therefore, we will probably leave the protection to be disabled on demand, which should be the safest way. There "may" be an issue disabling the protection for screen contents without restarting your browser currently which is probably the largest annoyance for protecting http://* websites but we will be making this easier for the user, possibly with a dedicated button to "Suspend Protection" (or working off of the normal Prevx Realtime Protection from the tray icon to suspend browser protection also).

PrevxHelp
September 5th, 2009, 08:14 AM
{QUOTE-> 1. I guess there must be some drawback with this new feature since otherwise it would be a feature that scales over the whole system and your activities? <-QUOTE}

The real drawback is the unknown - I think we'll feel much more confident with the cross-compatibility once we have more public testing on strange setups (Wilders is indeed famous for these :)) but right now the main annoyances are custom screen capture tools (requires disabling/restarting the browser) and some password managers.

Some other programs may also run into problems if we were to protect the entire system - one being multi-computer setups with a shared keyboard/mouse that require transmitting the keyboard data across the network. They are all somewhat stray cases but our goal is to make this protection absolutely transparent and I think we just need some wider public exposure to get a handle on where the potential clash points are.

{QUOTE-> 2. If I add a particular website, it gets added to the list of protected items, right? (In other words it's not just temporarily for that session or so?) <-QUOTE}

Correct - it is always protected then, including cross-browser (i.e. Opera/Firefox/IE/Chrome all use the same, shared settings so you don't have to add it individually for each) :)

Baldrick
September 5th, 2009, 08:23 AM
{QUOTE-> Hmmm... something definitely not right. I suspect this is an issue updating the status - I just added an http://* entry here and ticked all of the boxes down the side and Wilders went green immediately but that sounds like something where we aren't immediately applying the status. It may be worth closing the browser and reopening it to see if it refreshes the status correctly when adding a new http://* rule.

I'll dig deeper into this to see what may be going wrong :) Thanks for the information! <-QUOTE}
OK, tried it again by clicking on the link in the email notifying me of your response. Thread appears in IE with the Prevx Tab = GREEN. Opened the dialog and all is well. Clicked Add Protection to set up a specific entry and got the Web Site Protected/Green remaining. Then clicked Configure to get at the details and in there clicked Remove (which asked for a Confirm to which I said Yes) and expanded dialog closed/Tab turned Exclamation Mark/Blue.

If I go back into the expanded dialog and click Add Protection the tab turns back to Tick/Green.

I think that the issue is that when specific site protection is removed Prevx does not check to see if there is a generic rule, ie, http://* in the list for it to use/refer to...just a guess mind.

Will keep checking. ;D

Baldrick
September 5th, 2009, 08:27 AM
{QUOTE-> That is probably the best way for now. We are a bit "draconian" when it comes to screen protection. We're going to be opening it up to be able to be disabled easier by the user but right now you may want to just use the PrntScrn button on your keyboard: we detect that and then allow it through if the user agrees. <-QUOTE}

Keep being draconian...I am all for it as the basis for going forward! :thumb:

{QUOTE-> Therefore, we will probably leave the protection to be disabled on demand, which should be the safest way. There "may" be an issue disabling the protection for screen contents without restarting your browser currently which is probably the largest annoyance for protecting http://* websites but we will be making this easier for the user, possibly with a dedicated button to "Suspend Protection" (or working off of the normal Prevx Realtime Protection from the tray icon to suspend browser protection also). <-QUOTE}

Sounds like a plan and I believe that the future approach suggested will be a very good compromise between security & usability. ;D

PrevxHelp
September 5th, 2009, 08:30 AM
{QUOTE->
I think that the issue is that when specific site protection is removed Prevx does not check to see if there is a generic rule, ie, http://* in the list for it to use/refer to...just a guess mind. <-QUOTE}

:thumb: :thumb: That is precisely what the issue is ;D I've reproduced it here by clicking Add Protection, adding an http://* rule, then opening config and clicking "Remove" - the tab stays blue and doesn't recover :)

Very nice find and definitely a good logic issue to get fixed!
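
The logic issue confirmed above, modelled as an added example (not Prevx code and not part of the original thread): a tab that sets its status from the button that was clicked stays unprotected after the site entry is removed, while a tab that derives its status from the remaining rule list falls back to http://*. The class names, the per-site pattern form and the forum.example URL are assumptions.

```python
"""Hypothetical model of the tab-status issue; names and rule syntax are assumed."""
from fnmatch import fnmatchcase
from urllib.parse import urlsplit


def site_pattern(url):
    """Pattern an 'Add Protection' click is assumed to create for one site."""
    parts = urlsplit(url)
    return f"{parts.scheme}://{parts.netloc}/*".lower()


def best_rule(rules, url):
    """Most specific rule covering url, or None when no rule covers it."""
    hits = [r for r in rules if fnmatchcase(url.lower(), r)]
    # Specificity here = number of literal (non-wildcard) characters.
    return max(hits, key=lambda r: len(r.replace("*", "")), default=None)


class BuggyTab:
    """Keeps a cached status that each button handler updates on its own."""

    def __init__(self, rules, url):
        self.rules, self.url = set(rules), url
        self.protected = best_rule(self.rules, url) is not None

    def add_rule(self, pattern):
        self.rules.add(pattern.lower())
        if fnmatchcase(self.url.lower(), pattern.lower()):
            self.protected = True

    def remove_rule(self, pattern):
        self.rules.discard(pattern.lower())
        # Defect: marks the page unprotected without checking whether a
        # generic rule such as http://* still covers it.
        self.protected = False


class FixedTab:
    """Holds no cached status; it is recomputed from the rule list on every read."""

    def __init__(self, rules, url):
        self.rules, self.url = set(rules), url

    def add_rule(self, pattern):
        self.rules.add(pattern.lower())

    def remove_rule(self, pattern):
        self.rules.discard(pattern.lower())

    @property
    def protected(self):
        return best_rule(self.rules, self.url) is not None


def replay(tab_cls, url="http://forum.example/showthread.php?t=1"):
    """Replay the reported steps and record the tab status after each one."""
    tab = tab_cls({"https://*"}, url)      # default: only https is covered
    states = [tab.protected]
    tab.add_rule(site_pattern(url))        # "Add Protection" on this site
    states.append(tab.protected)
    tab.add_rule("http://*")               # generic rule for all http sites
    states.append(tab.protected)
    tab.remove_rule(site_pattern(url))     # "Remove" on the site entry
    states.append(tab.protected)
    tab.remove_rule("http://*")            # nothing covers the page any more
    states.append(tab.protected)
    return states


if __name__ == "__main__":
    print("buggy:", replay(BuggyTab))
    print("fixed:", replay(FixedTab))
```

The fourth state is the one reported in the thread: the site entry is gone, http://* is still in the list, and only the derived-status version keeps the page marked as protected.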

Baldrick
September 5th, 2009, 08:45 AM
{QUOTE-> Very nice find and definitely a good logic issue to get fixed! <-QUOTE}

Excellent! Will keep giving it some wellie. ;D ;D

Tarnak
September 5th, 2009, 08:53 AM
I have just run the initial scan after a fresh install. It shows one detection.

A subsequent scan a few minutes later showed 18 detections. Obviously, FPs in both these scans. Relevant scan log as follows:

Prevx Scan Log - Version v3.0.4.183
Log Generated: 5/9/2009 22:49, Type: 1,8192
Windows XP Professional Service Pack 2 (Build 2600) 32bit|1033
Hostname: kris-d101a3c30d
Some non-malicious files are not included in this log.
Heuristics Settings: Age: 1, Pop: 1, Heu: 2 (Dir: 1)
Last Scan: Sat 2009-09-05 22:27:37 E. Australia Standard Time. Number of Scans: 2. Last Scan Duration: 5 minutes 36 seconds.
[B] (ACTIVE) c:\program files\ewido\security suite\lang.dll [PX5: 68090E204011E827600A00CF08357800F55AC95E] Malware Group: Medium Risk Malware
[B] c:\$isr\5\utilities\copy of usb key-damaged\ewido backup\ewido\security suite\lang.dll [PX5: 68090E204011E827600A00CF08357800F55AC95E] Malware Group: Medium Risk Malware
[B] c:\$isr\6\copy of external\today 061207\backups\program files\ewido\security suite\lang.dll [PX5: 68090E204011E827600A00CF08357800F55AC95E] Malware Group: Medium Risk Malware
[B] c:\$isr\6\program files\ewido\security suite\lang.dll [PX5: 68090E204011E827600A00CF08357800F55AC95E] Malware Group: Medium Risk Malware
[B] c:\$isr\6\copy of external\today 061207\ewido backup\ewido\security suite\lang.dll [PX5: 68090E204011E827600A00CF08357800F55AC95E] Malware Group: Medium Risk Malware
[B] c:\$isr\6\utilities\copy of usb key-damaged\ewido backup\ewido\security suite\lang.dll [PX5: 68090E204011E827600A00CF08357800F55AC95E] Malware Group: Medium Risk Malware
[B] c:\$isr\6\utilities\copy of usb key-damaged\ewido backup\ewido security suite 3.5 copy 2\ewido\security suite\lang.dll [PX5: 68090E204011E827600A00CF08357800F55AC95E] Malware Group: Medium Risk Malware
[B] c:\$isr\6\copy of external\today 061207\ewido backup\ewido security suite 3.5 copy 2\ewido\security suite\lang.dll [PX5: 68090E204011E827600A00CF08357800F55AC95E] Malware Group: Medium Risk Malware
[B] c:\$isr\1\utilities\copy of usb key-damaged\ewido backup\ewido\security suite\lang.dll [PX5: 68090E204011E827600A00CF08357800F55AC95E] Malware Group: Medium Risk Malware
[B] c:\$isr\1\utilities\copy of usb key-damaged\ewido backup\ewido security suite 3.5 copy 2\ewido\security suite\lang.dll [PX5: 68090E204011E827600A00CF08357800F55AC95E] Malware Group: Medium Risk Malware
[B] c:\$isr\5\program files\ewido\security suite\lang.dll [PX5: 68090E204011E827600A00CF08357800F55AC95E] Malware Group: Medium Risk Malware
[B] c:\$isr\5\utilities\copy of usb key-damaged\ewido backup\ewido security suite 3.5 copy 2\ewido\security suite\lang.dll [PX5: 68090E204011E827600A00CF08357800F55AC95E] Malware Group: Medium Risk Malware
[B] c:\$isr\5\copy of external\today 061207\ewido backup\ewido\security suite\lang.dll [PX5: 68090E204011E827600A00CF08357800F55AC95E] Malware Group: Medium Risk Malware
[B] c:\$isr\5\copy of external\today 061207\ewido backup\ewido security suite 3.5 copy 2\ewido\security suite\lang.dll [PX5: 68090E204011E827600A00CF08357800F55AC95E] Malware Group: Medium Risk Malware
[B] c:\$isr\5\copy of external\today 061207\backups\program files\ewido\security suite\lang.dll [PX5: 68090E204011E827600A00CF08357800F55AC95E] Malware Group: Medium Risk Malware
[B] c:\utilities\copy of usb key-damaged\ewido backup\ewido\security suite\lang.dll [PX5: 68090E204011E827600A00CF08357800F55AC95E] Malware Group: Medium Risk Malware
[B] c:\utilities\copy of usb key-damaged\ewido backup\ewido security suite 3.5 copy 2\ewido\security suite\lang.dll [PX5: 68090E204011E827600A00CF08357800F55AC95E] Malware Group: Medium Risk Malware
[B] c:\$isr\1\program files\ewido\security suite\lang.dll [PX5: 68090E204011E827600A00CF08357800F55AC95E] Malware Group: Medium Risk Malware

See screenshots attached.

LagerX
September 5th, 2009, 08:56 AM
Seems like RED--Scan--Cancel scan--Prevx turns on green icon is still here :P
Same with "Scan required"
When you hit Scan, and after that Cancel, then it turns into green. But scan hasn't been finished :D

sded
September 5th, 2009, 08:57 AM
Upgraded to 3.0.4.183 and now doesn't detect notpad.exe or badpx5.rar again. Will try an uninstall and reinstall, but permanent fix does not seem to work.

s4u
September 5th, 2009, 09:03 AM
Looks like I was sleeping. Nice build

PrevxHelp
September 5th, 2009, 09:06 AM
{QUOTE-> I have just run the initial scan after a fresh install. It shows one detection.

A subsequent scan a few minutes later showed 18 detections. Obviously, FPs in both these scans. Relevant scan log as follows: <-QUOTE}

Fixed, thanks :) The 18 detections are all detections of copies of the one FP (Prevx scans for duplicate files across your entire system when it finds one malicious program).
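
The scan log format posted above can be collapsed by PX5 value to see how many distinct files a list of detections really represents; this is an added example, not a Prevx tool and not part of the original thread. The sample embeds three lines from the log above plus one constructed line, and the field names are assumptions about the format.

```python
import re
from collections import defaultdict

# One detection line: "[B] (ACTIVE) <path> [PX5: <hex>] Malware Group: <name>"
# The "(ACTIVE)" marker is optional. Field names are this example's own.
DETECTION = re.compile(
    r"^\[(?P<flag>\w)\]\s+(?:\((?P<state>[A-Z]+)\)\s+)?(?P<path>.+?)\s+"
    r"\[PX5:\s*(?P<px5>[0-9A-Fa-f]+)\]\s+Malware Group:\s*(?P<group>.+)$"
)

# Three lines copied from the log above, plus one constructed line (all-zero PX5).
SAMPLE_LOG = r"""Prevx Scan Log - Version v3.0.4.183
Heuristics Settings: Age: 1, Pop: 1, Heu: 2 (Dir: 1)
[B] (ACTIVE) c:\program files\ewido\security suite\lang.dll [PX5: 68090E204011E827600A00CF08357800F55AC95E] Malware Group: Medium Risk Malware
[B] c:\$isr\6\program files\ewido\security suite\lang.dll [PX5: 68090E204011E827600A00CF08357800F55AC95E] Malware Group: Medium Risk Malware
[B] c:\$isr\1\program files\ewido\security suite\lang.dll [PX5: 68090E204011E827600A00CF08357800F55AC95E] Malware Group: Medium Risk Malware
[B] c:\temp\constructed-sample.exe [PX5: 0000000000000000000000000000000000000000] Malware Group: Constructed Sample Group
"""


def parse_detections(log_text):
    """Return one dict per detection line; header lines are skipped."""
    found = []
    for raw in log_text.splitlines():
        m = DETECTION.match(raw.strip())
        if m:
            found.append({
                "path": m["path"],
                "px5": m["px5"].upper(),
                "group": m["group"].strip(),
                "active": m["state"] == "ACTIVE",
            })
    return found


def group_by_px5(log_text):
    """Map each PX5 value to the paths that carry it."""
    groups = defaultdict(lambda: {"group": None, "paths": [], "active": []})
    for det in parse_detections(log_text):
        entry = groups[det["px5"]]
        entry["group"] = det["group"]
        entry["paths"].append(det["path"])
        if det["active"]:
            entry["active"].append(det["path"])
    return dict(groups)


def summarize(log_text):
    """(px5, group, copies, active copies) per distinct file, most copies first."""
    rows = [
        (px5, e["group"], len(e["paths"]), len(e["active"]))
        for px5, e in group_by_px5(log_text).items()
    ]
    return sorted(rows, key=lambda r: (-r[2], r[0]))


if __name__ == "__main__":
    for px5, group, copies, active in summarize(SAMPLE_LOG):
        print(f"{px5}  {group}: {copies} path(s), {active} active")
```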

PrevxHelp
September 5th, 2009, 09:07 AM
{QUOTE-> Seems like RED--Scan--Cancel scan--Prevx turns on green icon is still here :P
Same with "Scan required"
When you hit Scan, and after that Cancel, then it turns into green. But scan hasn't been finished :D <-QUOTE}

We still need to have a "Scan required" tray icon state - we will be adding this into one of the next builds as a blue circle in the center instead of a green one :)

Thanks for the suggestion!

PrevxHelp
September 5th, 2009, 09:10 AM
{QUOTE-> Upgraded to 3.0.4.183 and now doesn't detect notpad.exe or badpx5.rar again. Will try an uninstall and reinstall, but permanent fix does not seem to work. <-QUOTE}

:-\ If you haven't uninstalled/reinstalled yet, could you send us the files in C:\Documents and Settings\All Users\Application Data\PrevxCSI\ (on XP or C:\ProgramData\PrevxCSI\ on Vista/7) to report@prevxresearch.com?

Across about a dozen users, the new 3.0.4.x builds have corrected the detection problems and we haven't had any further reports of similar problems. Could you let me know what type of scan you were running (right click/normal scan/realtime scan?)

(Also, is your current setup still what is in your signature?)

(Also also - can you try running (from a command prompt): sc query pxrts and let me know what the state of that service is?)

sded
September 5th, 2009, 09:14 AM
Already uninstalled, reinstalled but am trying a direct install of the beta instead of an upgrade from 65. Will let you know how it turns out.

LagerX
September 5th, 2009, 10:01 AM
Suggestion:

On Web Browser Security configuration (inside Prevx) there is no button for exit except Cancel which may be a little confusing (Did it save my settings or not...:shifty: )
Maybe add a button "Close"

PrevxHelp
September 5th, 2009, 10:55 AM
{QUOTE-> Suggestion:

On Web Browser Security configuration (inside Prevx) there is no button for exit except Cancel which may be a little confusing (Did it save my settings or not...:shifty: )
Maybe add a button "Close" <-QUOTE}

Good suggestion - to clarify the current behavior:

Changing tickboxes in a configuration screen will not save the changes unless you click Save.

Changing tickboxes and clicking the X or "All Websites" link within that configuration page will ignore the changes you've made.

Clicking "Configure" to add a password to be protected will save the password as soon as you click Add (even if you click Cancel on the next screen).

Clicking "Reset" reverts to the configuration you had set before you made changes, not the default configuration.

Clicking "Remove" removes all configuration for that domain or policy immediately (after prompting).

Also a small note: we've posted this beta without much instruction whatsoever partially as an experiment to see where the usability quirks lie and how to make it as seamless as possible for the end user. We will have a full userguide made when it is officially released but for now, please let us know if you have any other questions like this one :)

Bitten By C Bug
September 5th, 2009, 11:13 AM
{QUOTE-> Hello all,
I'm pleased to post the first public download to new users of the new Prevx RC:

32bit: http://info.prevx.com/download.asp?grab=edgebeta (ignore the "edgebeta" part of the URL - this download is RC1 :))
64bit: http://info.prevx.com/download.asp?grab=edgebeta64 (the web security functionality is not 64bit compatible yet but there are significant improvements "under-the-hood" of Prevx for 64bit still)

We had Immunity Inc. review the technical proficiency of the secured browsing provided by Prevx in this document: http://pxnow.prevx.com/zeroL/SecureBrowserWhitePaper.pdf

You "can" upgrade your existing installation to this build but it will automatically disable the new browser security features so it may be best to uninstall and then install this build fresh to get a better feel for the functionality right out-of-the-box.

You will need to close/restart open browser instances to receive the full protection benefits (which will be outlined in some third party whitepapers coming soon).

Current known issues/incompatibilities are:
- Incompatibility with Opera v10
- Incompatibility with Sandboxie
- Some issues with cookie cleaners
- Incomplete Safari support
- An intermittent issue loading PDF files in Adobe Reader on Windows 7
- Incompatibility with KeyScrambler because of similar technology being used
- Tab positioning issues on some Firefox installations
- Some logical issues adding protection/removing protection
- Partial incompatibility with KeePass/KeeForm
- Browser protection will be merged with the Stop Protection in Prevx to allow the user to take screenshots if wanted <-QUOTE}
Nod 32 detecting 32bit dl as Trojan "genetik" any ideas?

PrevxHelp
September 5th, 2009, 11:14 AM
{QUOTE-> Nod 32 detecting 32bit dl as Trojan "genetik" any ideas? <-QUOTE}

This is a known false positive from them - nothing to worry about as the software is clean but you may want to locally trust the download just to prevent any issues between the two :)

MatDE
September 5th, 2009, 11:23 AM
Had to uninstall Prevx TC 3.0.4.183 now because it crashed much too often here. Last time I started an opera10 session with very many open tabs. Prevx was then using 50 % of my X2 4850e cpu and I couldn't cancel a scan which was hanging at 99% - obviously the reason for that. - I removed Prevx for the time being and maybe try it again when it isn't beta anymore. In my experience this version is no way RC (secure browser function). Much too unstable yet. If it crashes and you can't kill it via taskmanager (because of its self protection I guess?) you have to reboot all the time and that's no fun. At least not for me. ;)

PrevxHelp
September 5th, 2009, 11:25 AM
{QUOTE-> Had to uninstall Prevx TC 3.0.4.183 now because it crashed much too often here. Last time I started an opera10 session with very many open tabs. Prevx was then using 50 % of my X2 4850e cpu and I couldn't cancel a scan which was hanging at 99% - obviously the reason for that. - I removed Prevx for the time being and maybe try it again when it isn't beta anymore. In my experience this version is no way RC (secure browser function). Much too unstable yet. If it crashes and you can't kill it via taskmanager (because of its self protection I guess?) you have to reboot all the time and that's no fun. At least not for me. ;) <-QUOTE}

Hello,
Sorry for the poor experience :-[ The issues you have experienced are known issues - we are not fully compatible with Opera v10 at the moment but will be improving this compatibility in the next update.

I recommend reverting back to the live, v3.0.1.65 version for now without the secure browser functionality until we correct these issues.

MatDE
September 5th, 2009, 11:50 AM
Just noticed - another thing is working again after I *uninstalled* Prevx:

I am *now* able again to watch .avi with BS Player PRO in foreground (small window, always in front) while at the same time surfing with IE8 / Firefox 3.5.3. Using scroll bars etc. No problem at all.

When I had Prevx 3.0.4.183 running I often (not always, it seemed to repair itself a few times) couldn't scroll etc. because the browser windows were not 'accessible' somehow. Like dead or crashed. I had this never before running the new Prevx version and after uninstalling it's back to normal. So I guess this is no coincidence? ;)

PrevxHelp
September 5th, 2009, 11:53 AM
{QUOTE-> Just noticed - another thing is working again after I *uninstalled* Prevx:

I am *now* able again to watch .avi with BS Player PRO in foreground (small window, always in front) while at the same time surfing with IE8 / Firefox 3.5.3. Using scroll bars etc. No problem at all.

When I had Prevx 3.0.4.183 running I often (not always, it seemed to repair itself a few times) couldn't scroll etc. because the browser windows were not 'accessible' somehow. Like dead or crashed. I had this never before running the new Prevx version and after uninstalling it's back to normal. So I guess this is no coincidence? ;) <-QUOTE}

I suspect this is not a coincidence :) Prevx isolates the browser so a program like this may introduce some difficulty. I've added it to the "incompatible" list. Thank you for the information!

winterlord
September 5th, 2009, 11:58 AM
since this is in beta is it free? or will it install as a trial. reason i ask is I'm definitely gonna buy prevx as soon as i can afford it extra lol.

PrevxHelp
September 5th, 2009, 12:07 PM
{QUOTE-> since this is in beta is it free? or will it install as a trial. reason i ask is I'm definitely gonna buy prevx as soon as i can afford it extra lol. <-QUOTE}

The release candidate is free and the secure browsing functionality will remain free after the testing is complete. The antimalware (cleanup/protection) will still be pay-for features but you will still be able to detect threats and browse with added security with the free version of Prevx when it is released :)

Threedog
September 5th, 2009, 12:18 PM
Hi Joe
Regarding the invalid handle issue. It seemed to be any program which I hadn't used yet on this new image. Paint, Photoshop, and Seagate utilities were three of them for sure. I hadn't put two and two together on it until later on. But once you restart these programs and prevx does its scan there are no further problems. I might restore another image later on today when I get some time and install the Beta to see if I can reproduce it.

galileo
September 5th, 2009, 12:23 PM
{QUOTE->

Also a small note: we've posted this beta without much instruction whatsoever partially as an experiment to see where the usability quirks lie and how to make it as seamless as possible for the end user. We will have a full userguide made when it is officially released but for now, please let us know if you have any other questions like this one :) <-QUOTE}
Yes, yes, yes...8) A concise description of what the various protection features are, what they do, and how and what each setting affects with respect to protection/performance. Preferably done in a "Betty Crocker" pictorial and text format so that one can understand the relationship between your nomenclature and a particular setting and/or dialog box...:blink:...:argh:

Not to be critical but, at the moment, it is rather difficult for one to interpret what protection one will gain, what one has, or how to go about anything other than the default settings...

galileo

Dark Star 72
September 5th, 2009, 12:33 PM
Joe,
On the Configuration page under 'Credential Protection' you have the option 'Protect my credit card details' and an empty tick box - I cannot get it to accept a tick in there no matter if I am in a protected site or not.
How exactly is this used and activated?

Dark Star 72
September 5th, 2009, 12:38 PM
Another question, does anyone have this Beta running with DefenseWall without problems?
Did you try running it against DefenseWall in your testing for compatibilities at all Joe?

Just thought I would ask and possibly save myself some problems ;D

Threedog
September 5th, 2009, 12:45 PM
I installed a new image and the beta and then tried to reproduce the invalid handle problem without success. Maybe it was just an isolated event on the other install. Will post back if it reoccurs.

PrevxHelp
September 5th, 2009, 01:00 PM
{QUOTE-> Joe,
On the Configuration page under 'Credential Protection' you have the option 'Protect my credit card details' and an empty tick box - I cannot get it to accept a tick in there no matter if I am in a protected site or not.
How exactly is this used and activated? <-QUOTE}

Currently this feature isn't switched on - we're still deciding on how to integrate it without giving the users a false sense of insecurity. By default, Prevx will protect all data entered in the browser and received from the browser so there isn't much of a need to further protect specific credentials. The real "protection" provided by securing credentials like this would just be to warn the user if they try to enter them outside of an HTTPS website.

However, because the user would have had to manually configure the credentials to be protected they would most likely already have a pretty good handle on security and wouldn't mistakenly enter their credit card details on an HTTP website so the feature may actually never provide any benefit for anyone who actually uses it.

Therefore, we are still debating its usefulness :) That checkbox may end up being removed in the next build but we should have more details soon as to the fate of it :)

PrevxHelp
September 5th, 2009, 01:01 PM
{QUOTE-> Another question, does anyone have this Beta running with DefenseWall without problems?
Did you try running it against DefenseWall in your testing for compatibilities at all Joe?

Just thought I would ask and possibly save myself some problems ;D <-QUOTE}

We have not tested it with DefenseWall at all. The antimalware components should still be fully compatible but it is possible that the secure browser may have some incompatibilities with DefenseWall (some users have reported incompatibilities with Sandboxie already so there may be some overlapping issues).

simmikie
September 5th, 2009, 01:08 PM
{QUOTE-> We have not tested it with DefenseWall at all. The antimalware components should still be fully compatible but it is possible that the secure browser may have some incompatibilities with DefenseWall (some users have reported incompatibilities with Sandboxie already so there may be some overlapping issues). <-QUOTE}

Defensewall guy here preparing to take the plunge, will report back in a couple of days.


Mike

Dark Star 72
September 5th, 2009, 01:14 PM
{QUOTE-> Currently this feature isn't switched on - we're still deciding on how to integrate it without giving the users a false sense of insecurity. By default, Prevx will protect all data entered in the browser and received from the browser so there isn't much of a need to further protect specific credentials. The real "protection" provided by securing credentials like this would just be to warn the user if they try to enter them outside of an HTTPS website.

However, because the user would have had to manually configure the credentials to be protected they would most likely already have a pretty good handle on security and wouldn't mistakenly enter their credit card details on an HTTP website so the feature may actually never provide any benefit for anyone who actually uses it.

Therefore, we are still debating its usefulness :) That checkbox may end up being removed in the next build but we should have more details soon as to the fate of it :) <-QUOTE}
Thanks for the reply Joe. I suspected that it was not enabled but wanted to make sure and see your reasoning about its usefulness.

Dark Star 72
September 5th, 2009, 01:15 PM
{QUOTE-> Defensewall guy here preparing to take the plunge, will report back in a couple of days.


Mike <-QUOTE}
Thanks Mike :thumb:

Heco
September 5th, 2009, 01:54 PM
Quote:Originally Posted by Heco
Site loading in FF or IE or Opera has become slower.
Can't use my registry cleaners any more (Ace Utilities or RegMechanic for example).

PrevxHelp wrote :
There should be no impact on browsing speed - our interception happens outside of the normal chain of website loading so we don't drag down any aspect of browsing.

Blocking cookie cleaners, however, is a known issue (we protect cookies to prevent them from being stolen by malware which indirectly may block cookie cleanup tools).

Thank you for the feedback!
-----------------------------------------------------------------------------
Hello PrevxHelp :-),

There is a misunderstanding somewhere LOL!
I was not referring to the cookie cleaner but the REGISTRY cleaner integrated in ACE Utilities...
I like this module that many members of the Wilders Community use to get rid of leftovers after the bad uninstallation of a software.
Last night i did a full clean uninstall of RC 3.0.4.182 and then used the REG cleaner module of ACE (this time it worked like a charm...as before) before installing Prevx RC 3.0.4.183. Afterwards, i ran Ace and once again it kept scanning my registry in vain...
IMHO, there is an incompatibility with ACE but not with TuneUP Utilities or CCleaner!
Would you mind investigating and checking why Ace or its clone "System TuneUP" doesn't play fair with PrevX RC?
Thanks.

Cheers,
Herve:P

PrevxHelp
September 5th, 2009, 01:57 PM
{QUOTE-> Quote:Originally Posted by Heco
Site loading in FF or IE or Opera has become slower.
Can't use my registry cleaners any more (Ace Utilities or RegMechanic for example).

PrevxHelp wrote :
There should be no impact on browsing speed - our interception happens outside of the normal chain of website loading so we don't drag down any aspect of browsing.

Blocking cookie cleaners, however, is a known issue (we protect cookies to prevent them from being stolen by malware which indirectly may block cookie cleanup tools).

Thank you for the feedback!
-----------------------------------------------------------------------------
Hello PrevxHelp :-),

There is a misunderstanding somewhere LOL!
I was not referring to the cookie cleaner but the REGISTRY cleaner integrated in ACE Utilities...
I like this module that many members of the Wilders Community use to get rid of leftovers after the bad uninstallation of a software.
Last night i did a full clean uninstall of RC 3.0.4.182 and then used the REG cleaner module of ACE (this time it worked like a charm...as before) before installing Prevx RC 3.0.4.183. Afterwards, i ran Ace and once again it kept scanning my registry in vain...
IMHO, there is an incompatibility with ACE but not with TuneUP Utilities or CCleaner!
Would you mind investigating and checking why Ace or its clone "System TuneUP" doesn't play fair with PrevX RC?
Thanks.

Cheers,
Herve:P <-QUOTE}

Ah good catch ;D Indeed I misinterpreted your post! I'll get our internal QA onto testing why System TuneUp/ACE's Reg cleaner is unable to function properly ASAP :)

Thanks for the clarification!

Heco
September 5th, 2009, 02:02 PM
Thanks to YOU, PrevxHelp!:D

Threedog
September 5th, 2009, 02:08 PM
I decided to see how Defensewall plays with Prevx Beta. I haven't run into any issues yet. Using Firefox and IE8 for browsers.

PrevxHelp
September 5th, 2009, 02:27 PM
{QUOTE-> I decided to see how Defensewall plays with Prevx Beta. I haven't run into any issues yet. Using Firefox and IE8 for browsers. <-QUOTE}

Great! I've received a couple reports of possible issues with DefenseWall, could you do a quick test and visit http://www.citicards.com and see if it changes to a green browser tab automatically on FF/IE8? DefenseWall's protection may be blocking this data in some cases (still investigating it, however :))

PrevxHelp
September 5th, 2009, 02:34 PM
Quick update to all testers: We've reproduced the crashes a few of you have experienced and will have them fixed in the next build.

We've also reproduced the high-CPU issues with Opera v10 and they are definitely fixable.

There have been a handful of reports about some incompatibilities with other similar protection tools like Zemana/Mamutu/KeyScrambler and we are working to correct these as quickly as possible to prevent any chance of system instability. We have had no complaints of incompatibility between Prevx 3.0.4.183 and conventional security products so far but please keep the reports (positive and negative!) coming :)

Thank you all again for the invaluable testing. One of the difficulties in designing security software is trying to anticipate the billions of possible setups out in the real world and that is where Wilders excels!

Triple Helix
September 5th, 2009, 02:38 PM
I would like to see the ability to do a Right Click Scan on a group of files instead of single files but I see you can scan groups of folders or a single folder with the files in it.

Baldrick
September 5th, 2009, 02:41 PM
Hi Joe

You and the Team keep producing them and we here at Wilders will keep testing them...especially when they are as good as Prevx 3.0. ;D

PrevxHelp
September 5th, 2009, 02:41 PM
{QUOTE-> I would like to see the ability to do a Right Click Scan on a group of files instead of single files but I see you can scan groups of Folders or a single folder with the files in it. <-QUOTE}

I just tried a right click scan on three .exe files on my desktop and it scanned them correctly - could you let me know what filetypes you're trying to scan?

Baldrick
September 5th, 2009, 02:47 PM
{QUOTE-> I just tried a right click scan on three .exe files on my desktop and it scanned them correctly - could you let me know what filetypes you're trying to scan? <-QUOTE}
Hi Joe

I just tried that and instead of a scan I got repeated dialogs for the standard 'Copy To' & 'Move To' Windows dialog repeatedly. Will try a more controlled test. ???

LagerX
September 5th, 2009, 02:51 PM
{QUOTE-> Hi Joe

I just tried that and instead of a scan I got repeated dialogs for the standard 'Copy To' & 'Move To' Windows dialog repeatedly. Will try a more controlled test. ??? <-QUOTE}

Works just fine here.
Go to Settings - uncheck "Enable 'Right Click...'" and Save.
After that, re-enable it and try again.

Triple Helix
September 5th, 2009, 02:53 PM
{QUOTE-> I just tried a right click scan on three .exe files on my desktop and it scanned them correctly - could you let me know what filetypes you're trying to scan? <-QUOTE}

Ok I had a .rar file in there but if I remove it, it scans fine sorry!

Edit: One file is infected and I click on clean up and it goes right to another scan not the clean up window?

PrevxHelp
September 5th, 2009, 03:03 PM
{QUOTE->
Edit: One file is infected and I click on clean up and it goes right to another scan not the clean up window? <-QUOTE}

The right click scanner doesn't take into account the possibility for the file being registered in the registry or embedded in another critical process (as it is just a quick check on the individual file(s)) which is why we require a rescan after a detection in the right click scanner.

It isn't a perfect situation for usability but it does improve the consistency and reliability of the cleanup process by requiring a rescan in some cases.

Threedog
September 5th, 2009, 03:03 PM
{QUOTE-> Great! I've received a couple reports of possible issues with DefenseWall, could you do a quick test and visit http://www.citicards.com and see if it changes to a green browser tab automatically on FF/IE8? DefenseWall's protection may be blocking this data in some cases (still investigating it, however :)) <-QUOTE}

Green tab coming up on both here, Joe. I tried it out on a couple of banking sites that I use and no issues there either.

PrevxHelp
September 5th, 2009, 03:04 PM
{QUOTE-> Green tab coming up on both here, Joe. I tried it out on a couple of banking sites that I use and no issues there either. <-QUOTE}

Great, thank you! :)

Triple Helix
September 5th, 2009, 03:06 PM
{QUOTE-> The right click scanner doesn't take into account the possibility for the file being registered in the registry or embedded in another critical process (as it is just a quick check on the individual file(s)) which is why we require a rescan after a detection in the right click scanner.

It isn't a perfect situation for usability but it does improve the consistency and reliability of the cleanup process by requiring a rescan in some cases. <-QUOTE}

It's fine with me thanks for the explanation.

Threedog
September 5th, 2009, 03:12 PM
I might add that the only other security apps I have active at the present besides the Beta are Defensewall and Returnil. No conflicts to report with this setup so far. Last night I had Avira Premium and SAS Pro active with it and wasn't running into any issues.

Now Joe, what would make you think that us Wilderites would have any different set ups than 99% of the rest of the web community? :P

Dark Star 72
September 5th, 2009, 03:32 PM
{QUOTE-> Great! I've received a couple reports of possible issues with DefenseWall, could you do a quick test and visit http://www.citicards.com and see if it changes to a green browser tab automatically on FF/IE8? DefenseWall's protection may be blocking this data in some cases (still investigating it, however :)) <-QUOTE}
Have now installed DefenseWall and working OK on the citicards link you gave, browser tab goes green in both FF and IE7 - however, I notice that with any secure site while the Prevx browser tab is green and I am on the site concerned the top blue bar on the browser screen shows (DefenseWall Status: Untrusted) but when I exit the site the (DefenseWall Status: Untrusted) disappears although the DW icon in the system tray shows 1 untrusted process running which is FF. So although the DW status disappears off the top bar it appears that it is in fact still running FF untrusted :-\
Same situation with IE.

s4u
September 5th, 2009, 03:35 PM
Strangely enough this build just detects a malware sample the regular version did not detect

PrevxHelp
September 5th, 2009, 03:53 PM
{QUOTE-> Strangely enough this build just detects a malware sample the regular version did not detect <-QUOTE}

There is a new detection/protection engine in v3.0.4.183 which will improve both components. If you have any doubts in the detection (i.e. if it may be a FP), feel free to send it over to report@prevxresearch.com and we will analyze it there and report back :)

PrevxHelp
September 5th, 2009, 03:56 PM
{QUOTE-> Have now installed DefenseWall and working OK on the citicards link you gave, browser tab goes green in both FF and IE7 - however, I notice that with any secure site while the Prevx browser tab is green and I am on the site concerned the top blue bar on the browser screen shows (DefenseWall Status: Untrusted) but when I exit the site the (DefenseWall Status: Untrusted) disappears although the DW icon in the system tray shows 1 untrusted process running which is FF. So although the DW status disappears off the top bar it appears that it is in fact still running FF untrusted :-\
Same situation with IE. <-QUOTE}

After closing the window, could you see if the process still exists within Task Manager? It is possible that the method DefenseWall is using to look into the process is blocked by Prevx which could be where the issues are stemming from.

Threedog
September 5th, 2009, 03:57 PM
{QUOTE-> Have now installed DefenseWall and working OK on the citicards link you gave, browser tab goes green in both FF and IE7 - however, I notice that with any secure site while the Prevx browser tab is green and I am on the site concerned the top blue bar on the browser screen shows (DefenseWall Status: Untrusted) but when I exit the site the (DefenseWall Status: Untrusted) disappears although the DW icon in the system tray shows 1 untrusted process running which is FF. So although the DW status disappears off the top bar it appears that it is in fact still running FF untrusted :-\
Same situation with IE. <-QUOTE}

Confirmed here too. Never noticed it the first time I checked the sites. Good catch. Browsers still showing up as untrusted in Defensewall tho. Just no status posted at the top of the browsers.

Threedog
September 5th, 2009, 04:08 PM
Just did another test with it. Downloaded a couple files and they were untrusted so Defensewall is working, just the banner at the top of the browser isn't indicating it.

Here's what process monitor is showing Joe.

211906

PrevxHelp
September 5th, 2009, 04:14 PM
{QUOTE-> Just did another test with it. Downloaded a couple files and they were untrusted so Defensewall is working, just the banner at the top of the browser isn't indicating it.

Here's what process monitor is showing Joe.

211906 <-QUOTE}

That looks like Firefox is freezing/hung in the background - was the instance of Firefox actually doing anything at that point or was this after it was "closed"?

Threedog
September 5th, 2009, 04:20 PM
No, Firefox was working normally.

BTW check your PM's.

Dark Star 72
September 5th, 2009, 04:35 PM
{QUOTE-> That looks like Firefox is freezing/hung in the background - was the instance of Firefox actually doing anything at that point or was this after it was "closed"? <-QUOTE}
Same findings as Threedog Joe.
Both FF and DW seem to be working OK except for the status issue at the top of the browser.

Threedog
September 5th, 2009, 06:05 PM
I've done some testing with the Defensewall issue. After looking at the Defensewall logs I see it as the untrusted browser trying to manipulate the trusted Prevx. I tried excluding it but it wouldn't work. Ilya should be able to supply a fix once Prevx gets done tweaking. Browser is running as untrusted and anything downloaded is inheriting the "Untrusted" status. It's just not showing up in the title bar that the browser is running as untrusted. Other than that small niggle they have been getting along great.

Tarnak
September 5th, 2009, 07:55 PM
I have seen some postings regarding Prevx/DefenseWall combination. You will see from my screenies posted here - http://www.wilderssecurity.com/showpost.php?p=1536701&postcount=91 that I am using DefenseWall.

I can say that I have not seen any issues with the combination.

Also, I have had no issues with CPU usage in Opera 10(Alpha). I will be installing Prevx into another snapshot later today which has the final release of Opera 10 that came out a few days ago.

{QUOTE-> I've done some testing with the Defensewall issue. ..... Browser is running as untrusted and anything downloaded is inheriting the "Untrusted" status. It's just not showing up in the title bar that the browser is running as untrusted. Other than that small niggle they have been getting along great. <-QUOTE}


See screenshot showing (Defensewall: Untrusted) status, which is showing as it should. :)

sded
September 5th, 2009, 08:03 PM
Prevx stopped detecting anything again, at least notpad.exe and badpx5.rar, even with fresh install of 3.0.4.183. Sent files in C:/Program Data/PrevxCSI as requested. But THE FIX DOES NOT WORK RELIABLY!!!

PrevxHelp
September 5th, 2009, 08:20 PM
{QUOTE-> Prevx stopped detecting anything again, at least notpad.exe and badpx5.rar, even with fresh install of 3.0.4.183. Sent files in C:/Program Data/PrevxCSI as requested. But THE FIX DOES NOT WORK RELIABLY!!! <-QUOTE}

Replied by PM with a request for remote support to help diagnose the root of the problem.

Defenestration
September 5th, 2009, 09:27 PM
The installer bug when installing to non default folder is still present (ie. it always installs to C:\Program Files\Prevx even if you specify something different)

http://www.wilderssecurity.com/showpost.php?p=1528971&postcount=15

Triple Helix
September 5th, 2009, 09:38 PM
{QUOTE-> The installer bug when installing to non default folder is still present (ie. it always installs to C:\Program Files\Prevx even if you specify something different)

http://www.wilderssecurity.com/showpost.php?p=1528971&postcount=15 <-QUOTE}

Hi Defenestration,

I was wondering for myself why would you not let it install into the default folder?

TH

Threedog
September 5th, 2009, 09:45 PM
Tarnak, try going to a site that's protected, or you could just click the add protection on the prevx bar for this site and then restart your browser, go to a protected site, then go to an unprotected site and see if the Defensewall banner is still there and let us know.

Thanks

Tarnak
September 5th, 2009, 10:10 PM
{QUOTE-> Tarnak, try going to a site that's protected, or you could just click the add protection on the prevx bar for this site and then restart your browser, go to a protected site, then go to an unprotected site and see if the Defensewall banner is still there and let us know.

Thanks <-QUOTE}
Hi Threedog

I don't see any problem.....perhaps the following screenshots will make things clearer.:)

Threedog
September 5th, 2009, 10:20 PM
Maybe where you are using Opera the processes are manipulated differently. I don't see in the screenies where Defensewall is listing it as untrusted tho.

Tarnak
September 5th, 2009, 10:23 PM
{QUOTE-> Maybe where you are using Opera the processes are manipulated differently. I don't see in the screenies where Defensewall is listing it as untrusted tho. <-QUOTE}

Now, would I lie to you...;D

Edit: Sorry, I forgot the screenie

Tarnak
September 5th, 2009, 10:31 PM
Sorry, again, but the edit didn't work.....here is the screenie ;) Fingers crossed!;)

Edit: I don't know what is going on, but now I can't post a screenshot. I will try to post one in testing.

Threedog
September 5th, 2009, 10:46 PM
Looked at the one in Testing. I am stumped now. Maybe it's just a firefox and IE thing. Oh well, Joe can sort it out. ;D

Defenestration
September 5th, 2009, 10:55 PM
{QUOTE-> Hi Defenestration,

I was wondering for myself why would you not let it install into the default folder?

TH <-QUOTE}

I prefer to group apps together under certain folders. Also, not installing to the default folder can aid in security due to some malware being hardcoded with default app folders for detection/attack purposes.

Triple Helix
September 5th, 2009, 11:20 PM
{QUOTE-> I prefer to group apps together under certain folders. Also, not installing to the default folder can aid in security due to some malware being hardcoded with default app folders for detection/attack purposes. <-QUOTE}

That's what I was thinking!

Thanks ;)

Triple Helix
September 5th, 2009, 11:22 PM
{QUOTE-> Sorry, again, but the edit didn't work.....here is the screenie ;) Fingers crossed!;)

Edit: I don't know what is going on, but now I can't post a screenshot. I will try to post one in testing. <-QUOTE}

I had that problem also all I had to do was clear the cookies!

jad_123
September 6th, 2009, 12:07 AM
Just curious if anyone has tested this with OA ++ yet and if so were there any issues with OA web shield?

s4u
September 6th, 2009, 01:24 AM
I just wanted to give it a go with the new McAfee beta. On install McAfee tells me to uninstall Prevx because it is incompatible

rolarocka
September 6th, 2009, 06:18 AM
Am i the only one with this problem? win7, prevx standalone (well not a serious problem though :)):

PrevxHelp
September 6th, 2009, 07:48 AM
{QUOTE-> Am i the only one with this problem? win7, prevx standalone (well not a serious problem though :)): <-QUOTE}

Prevx, without a license, does not integrate into the security center because that would technically not be correct as the trial doesn't prevent malware from installing.

As soon as you put in a license, however, it will turn on the security center integration :)

Also worth mentioning regarding this: if anyone has the "Prevx is reporting to the security center using a format which is not supported" message in their Vista SP2 or Windows 7 Action Center, uninstall and reinstall the beta directly - we've worked with Microsoft to now be reporting using the supported methods :)

PrevxHelp
September 6th, 2009, 07:49 AM
{QUOTE-> I just wanted to give it a go with the new McAfee beta. On install McAfee tells me to uninstall Prevx because it is incompatible <-QUOTE}

??? Good to know... We'll contact McAfee on this one. We actually are compatible, you may want to try uninstalling Prevx, installing McAfee, and then installing Prevx on top which should allow you to get around their warning.

rolarocka
September 6th, 2009, 07:50 AM
Quick question.
Shouldn't the new "Web browser Security" block websites listed on Phishtank for example?
Or am i understanding something wrong about the new feature? Thx

PrevxHelp
September 6th, 2009, 07:51 AM
{QUOTE-> The installer bug when installing to non default folder is still present (ie. it always installs to C:\Program Files\Prevx even if you specify something different)

http://www.wilderssecurity.com/showpost.php?p=1528971&postcount=15 <-QUOTE}

I thought we fixed this :) Could you let me know what directory you're trying to install it to/is it a local harddrive?

s4u
September 6th, 2009, 08:22 AM
{QUOTE-> ??? Good to know... We'll contact McAfee on this one. We actually are compatible, you may want to try uninstalling Prevx, installing McAfee, and then installing Prevx on top which should allow you to get around their warning. <-QUOTE}
I'm afraid it is useless at this moment.
McAfee v2010 is too buggy

PrevxHelp
September 6th, 2009, 08:29 AM
{QUOTE-> Quick question.
Shouldn't the new "Web browser Security" block websites listed on Phishtank for example?
Or am i understanding something wrong about the new feature? Thx <-QUOTE}

We're still working on building our databases of malicious websites. If you'd like to test the malicious website protection, try visiting:

http://bigbucksbank.onlinebankingoperations.com

This is a fake phishing website which we've created as a demo to show what the protection will look like when fully implemented.

Let me know if you have any questions :)

rolarocka
September 6th, 2009, 08:50 AM
Wow that's nice. Thank you. Good to see it in action.

Defenestration
September 6th, 2009, 10:13 AM
{QUOTE-> I thought we fixed this :) Could you let me know what directory you're trying to install it to/is it a local harddrive? <-QUOTE}

On Win 7 x64 RTM. I'm running as Admin, but with default UAC settings enabled. I get asked for elevation confirmation during installation.

Installing to local hard drive on system partition (ie. C: ) in folder. For example, C:\Program Files\Protection\Prevx\

Baldrick
September 6th, 2009, 10:41 AM
{QUOTE-> We're still working on building our databases of malicious websites. If you'd like to test the malicious website protection, try visiting:

http://bigbucksbank.onlinebankingoperations.com

This is a fake phishing website which we've created as a demo to show what the protection will look like when fully implemented.

Let me know if you have any questions :) <-QUOTE}
Hi Joe

I think that there may be a potential problem with the antiphishing protection or rather the result of it. I browse using FF with a number of tabs and I opened another when trying out the above url. The protection duly kicked in and I had the option to Cancel or Ignore and took Cancel...which duly closed down FF entirely rather than just the tab under which I was trying to access the questionable url.

Is this correct behaviour (i.e., and purposely draconian ;D ) or is this a glitch? I would have thought that if possible just the closing of the specific tab concerned would have sufficed especially as I was not even given the usual option to remember the web pages opened (but again I suspect that this is part of the plan).

Your enlightenment on this would be much appreciated...as always! ;)

Balders

PrevxHelp
September 6th, 2009, 11:03 AM
{QUOTE-> Hi Joe

I think that there may be a potential problem with the anti-phishing protection or rather the result of it. I browse using FF with a number of tabs and I opened another when trying out the above url. The protection duly kicked in and I had the option to Cancel or Ignore and took Cancel...which duly closed down FF entirely rather than just the tab under which I was trying to access the questionable url.

Is this correct behaviour (i.e., and purposely draconian ;D ) or is this a glitch? I would have thought that if possible just the closing of the specific tab concerned would have sufficed especially as I was not even given the usual option to remember the web pages opened (but again I suspect that this is part of the plan).

Your enlightenment on this would be much appreciated...as always! ;)

Balders <-QUOTE}

This is intentionally draconian (although of course possible to be changed). The buttons given to the user are labeled "Close" and "Ignore". Our concern is that if a user has just clicked on a link which brought them to a malicious website, it is likely that both open websites are therefore malicious (one possibly coming from a web-email which we wouldn't scan through until they try and click on the link).

It is a bit of an impediment to the end user to close all of their tabs but we feel that it is the most secure way possible as there is always the possibility that the URL itself could have an exploit which may have affected other open browser tabs on the first visitation (like http://securitytracker.com/alerts/2009/Aug/1022755.html for instance).

We have some level of justification with this behavior by saying that the non-technical users that are most likely to get caught by malicious websites will tend not to browse with multiple tabs open (I fall back to the example of my parents who don't even know what a tab is, let alone how to browse using multiple ones :))

Again, let me know your thoughts on this. It isn't terribly difficult to modify this behavior and we're very open for changes :)

LagerX
September 6th, 2009, 11:12 AM
{QUOTE-> We're still working on building our databases of malicious websites. If you'd like to test the malicious website protection, try visiting:

http://bigbucksbank.onlinebankingoperations.com

This is a fake phishing website which we've created as a demo to show what the protection will look like when fully implemented.

Let me know if you have any questions :) <-QUOTE}

I think it might be hard to understand what "Close" means.
Does it mean closing warning message or ...
Maybe "Block this threat" or "Get out!" :D

noblelord
September 6th, 2009, 11:33 AM
{QUOTE-> ??? Good to know... We'll contact McAfee on this one. We actually are compatible, you may want to try uninstalling Prevx, installing McAfee, and then installing Prevx on top which should allow you to get around their warning. <-QUOTE}

It does - I uninstalled my original Prevx and then installed the RC and it works with McAfee TP 2010 fine.

Baldrick
September 6th, 2009, 11:52 AM
{QUOTE-> This is intentionally draconian (although of course possible to be changed)...We have some level of justification with this behavior by saying that the non-technical users that are most likely to get caught by malicious websites will tend not to browse with multiple tabs open (I fall back to the example of my parents who don't even know what a tab is, let alone how to browse using multiple ones :))

Again, let me know your thoughts on this. It isn't terribly difficult to modify this behavior and we're very open for changes :) <-QUOTE}

Hi Joe

I thought as much ;) but just thought that I would check it out to confirm. I have no particular issues with the approach (better draconian and fully protected rather than convenient & less so) and I suspect that adding options in settings which can define whether the user has advanced options or not will probably amount to bloat.

However, as ever I am happy to make a suggestion; what about a further button on the popup entitled 'Advanced' which then gives the user some more discrete options such as 'Close phishing source tab ONLY', etc. plus any other that you technical gurus think is best. ;)

As I said I am happy with the way it works now...inconvenience is worth the security. ;D

Cheers


Balders

leofelix
September 6th, 2009, 12:51 PM
Hi all
I've just downloaded PREVX 3.0.4 RC and installed on my desktop PC running XP PRO SP 3 (32 bit).
Other security software installed are:

1) Avira AntiVir Premium 9.0
2) MalwareBytes' AntiMalware 1.40 (full)
3) Agnitum Outpost 6.5.1 - 2009 free
4) SUPERAntiSpyware free 4.28.1010
5) JavaCool SpywareBlaster 4.2
6) RETURNIL premium 2.1 - 2008

Main browser Firefox 3.5.2

Everything seems to work fine except for these possible false positive detections

Uninstaller related to PERFECT UTILITIES seems to be infected by "medium risk malware"





As far as I know PERFECT UTILITIES is clean


~snip~ VirusTotal link removed as per-forum policy

File Info

Report generated: 6.9.2009 at 18.37.04 (GMT 1)
Filename: uninst.exe
File size: 55 KB
MD5 Hash: 1650e9b52255e98de13a2185fc78f04e
SHA1 Hash: 61736CF1ED07FDB1060CFD16D23B2C286977FFD6
Self-Extract Archive: Nothing found
Binder Detector: Nothing found
Detection rate: 0 on 22

Detections

a-squared - -
Avira AntiVir - -
Avast - -
AVG - -
BitDefender - -
ClamAV - -
Comodo - -
Dr.Web - -
Ewido - -
F-PROT6 - -
Ikarus T3 - -
Kaspersky - -
McAfee - -
NOD32 v3 - -
Norman - -
Panda - -
QuickHeal - -
Solo Antivirus - -
Sophos - -
TrendMicro - -
VBA32 - -
VirusBuster - -

Scan report generated by
NoVirusThanks.org (http://novirusthanks.org)

More info about PERFECT UTILITIES

http://www.putils.com/

I scanned my computer with MalwareBytes' AntiMalware and SUPERAntiSpyware too which found no malware.

Thank you

[EDIT to say] sorry, I do not know why I cannot display screenshots, maybe because of PRIVOXY?

PrevxHelp
September 6th, 2009, 01:10 PM
(EDIT: We have fixed the FP from Perfect Utilities :) Thank you for the report!)

Dark Star 72
September 6th, 2009, 01:47 PM
{QUOTE-> This is intentionally draconian (although of course possible to be changed). The buttons given to the user are labeled "Close" and "Ignore". Our concern is that if a user has just clicked on a link which brought them to a malicious website, it is likely that both open websites are therefore malicious (one possibly coming from a web-email which we wouldn't scan through until they try and click on the link).

It is a bit of an impediment to the end user to close all of their tabs but we feel that it is the most secure way possible as there is always the possibility that the URL itself could have an exploit which may have affected other open browser tabs on the first visitation (like http://securitytracker.com/alerts/2009/Aug/1022755.html for instance).

We have some level of justification with this behavior by saying that the non-technical users that are most likely to get caught by malicious websites will tend not to browse with multiple tabs open (I fall back to the example of my parents who don't even know what a tab is, let alone how to browse using multiple ones :))

Again, let me know your thoughts on this. It isn't terribly difficult to modify this behavior and we're very open for changes :) <-QUOTE}
Personal opinion - only one choice "Terminate", draconian? possibly, but safe.
Perhaps a warning for the user above the terminate button that the browser, tabs etc will all be closed.

leofelix
September 6th, 2009, 01:56 PM
{QUOTE-> (EDIT: We have fixed the FP from Perfect Utilities :) Thank you for the report!) <-QUOTE}


You're welcome,
and thank you for your quick reply ;)

Just a couple questions: is it possible that MalwareBytes' AntiMalware IP Blocker would conflict with PREVX R.C?

I noticed a strange behavior when I try to access my own Local Area Network, according to PREVX RC my LAN settings could be dangerous (I do not use any proxy server, I've just removed PRIVOXY)
I do not use WiFi, my LAN is Cabled (I hope my English is correct and understandable), my router/modem has a hardware firewall built in and I'm the only person who knows the password.

I also noticed that I have to configure manually every single web site I visit and log in to via PREVX RC web shield options and PREVX also blocks every attempt to use WinSnap (I know that has a keylogger capability, but WinSnap doesn't send any data through the web): most of the snapshots I take are blank, as a matter of fact.

Even if I disable keylogger detection, nothing changes and "PREVX web shield" seems not to change too (I cannot save my setting I mean) and reverts back to the previous settings


Now for example I cannot reach h t t p://imageshack.us/ but I'm connected to the net (my default browser is Firefox 3.5.2)

Thanks in advance and sorry for my English

rolarocka
September 6th, 2009, 02:20 PM
Is there a problem with Windows Defender? It's the second time I have a big constant cpu hit out of nothing with svchost.exe. If I right click on it and choose "Go to service(s)" it shows WinDefend - Windows Defender - Running - secsvcs. Prevx standalone.
Only solution is to restart. Thx

leofelix
September 6th, 2009, 04:04 PM
I rebooted twice and now it seems all ok.
Sorry for my previous post, I didn't notice that:

"- Browser protection will be merged with the Stop Protection in Prevx to allow the user to take screenshots if wanted";D

However I still wonder if there are some incompatibility issues with MalwareBytes' AntiMalware Ip Blocker.

Cheers

galileo
September 6th, 2009, 04:38 PM
I have uninstalled Prevx and installed RC 3.0.4.183 (Trial Version). Web Browser is enabled with all Defaults...no custom user settings. When attempting to use IE8's InPrivate Browsing - it simply will not start...the cursor waiting icon appears and then after ~10-15 seconds the cursor returns to normal but, the private browsing window never starts/appears.

Would this be a feature or a possible bug or more likely, a user error....?...;D

Edit: InPrivate Browsing works when Web Browser Security is turned OFF....ya might want ta reconsider this one guys...

galileo

Baldrick
September 6th, 2009, 05:41 PM
Hi Joe

Update for you. Been testing 183 with KIS 2010 and so far I have noticed no clashes or incompatibilities so far...which is good news.;D

Will keep going and check a little wider with some of the other security apps that I run on-demand only.

Cheers



Balders

PrevxHelp
September 6th, 2009, 05:42 PM
{QUOTE-> I have uninstalled Prevx and installed RC 3.0.4.183 (Trial Version). Web Browser is enabled with all Defaults...no custom user settings. When attempting to use IE8's InPrivate Browsing - it simply will not start...the cursor waiting icon appears and then after ~10-15 seconds the cursor returns to normal but, the private browsing window never starts/appears.

Would this be a feature or a possible bug or more likely, a user error....?...;D

Edit: InPrivate Browsing works when Web Browser Security is turned OFF....ya might want ta reconsider this one guys...

galileo <-QUOTE}

I'm quite confident this is not user error and is a software bug :) Could you please click Tools > Save Scan Results and send a scan log to report@prevxresearch.com?

This will hopefully let us diagnose the cause of the problem (I've tried here on IE8 and it did not block it but there may be some different factor in your setup which is breaking it).

Thanks! :)

Mongol
September 6th, 2009, 05:43 PM
One quick and possibly silly question, as a licensed Prevx user can I just go ahead and download this or is some registration process involved and will my key work? (oops 2 questions). I love new toys,,,:o ;D

PrevxHelp
September 6th, 2009, 05:44 PM
{QUOTE-> I rebooted twice and now it seems all ok.
Sorry for my previous post, I didn't notice that:

"- Browser protection will be merged with the Stop Protection in Prevx to allow the user to take screenshots if wanted";D

However I still wonder if there are some incompatibility issues with MalwareBytes' AntiMalware Ip Blocker.

Cheers <-QUOTE}

There may indeed be an issue between MalwareBytes and Prevx RC. We are still working through testing all of the major vendors and will be moving onto smaller vendors like MalwareBytes in the next phase of testing.

Thank you for the information and we'll let you know as soon as we have something updated for retesting against MBAM :)

PrevxHelp
September 6th, 2009, 05:46 PM
{QUOTE-> Is there a problem with Windows Defender? It's the second time I have a big constant cpu hit out of nothing with svchost.exe. If I right click on it and choose "Go to service(s)" it shows WinDefend - Windows Defender - Running - secsvcs. Prevx standalone.
Only solution is to restart. Thx <-QUOTE}

Could you try uninstalling Prevx and going back to v3.0.1.65 from http://info.prevx.com/downloadcsi.asp to see if this is a newly introduced issue or if something else has caused it to happen across the standard Prevx installation also?

Thanks! :)

Triple Helix
September 6th, 2009, 05:46 PM
{QUOTE-> One quick and possibly silly question, as a licensed Prevx user can I just go ahead and download this or is some registration process involved and will my key work? (oops 2 questions). I love new toys,,,:o ;D <-QUOTE}

Yes you can and make sure it is from scratch and have your key ready!

TH

PrevxHelp
September 6th, 2009, 05:46 PM
{QUOTE-> One quick and possibly silly question, as a licensed Prevx user can I just go ahead and download this or is some registration process involved and will my key work? (oops 2 questions). I love new toys,,,:o ;D <-QUOTE}

You can just go ahead and download it :) All existing license keys will work still!

Let me know if you have any further questions :)

PrevxHelp
September 6th, 2009, 05:48 PM
{QUOTE-> Yes you can and make sure it is from scratch and have your key ready! <-QUOTE}

Always beating me with your fast responses :dry: ;D

{QUOTE-> Update for you. Been testing 183 with KIS 2010 and so far I have noticed no clashes or incompatibilities so far...which is good news.

Will keep going and check a little wider with some of the other security apps that I run on-demand only. <-QUOTE}

Great! :) Let me know if you run into anything!

Tarnak
September 6th, 2009, 06:26 PM
Joe, here are two screenshots taken a few minutes apart showing outgoing traffic continuing back to the Prevx server. As can be seen, I had just completed a manual scan.

I am curious as to why the incoming/outgoing traffic continued for several minutes, even though the scan of my system was finished. ;)

Mongol
September 6th, 2009, 07:06 PM
{QUOTE-> Yes you can and make sure it is from scratch and have your key ready!

TH <-QUOTE}

Great, I'll give it a go here in a little while...:thumb: and thanks also to PrevxHelp.

PrevxHelp
September 6th, 2009, 07:09 PM
{QUOTE-> I am curious as to why the incoming/outgoing traffic continued for several minutes, even though the scan of my system was finished. ;) <-QUOTE}

I suspect it is our database returning a flag to watch specific programs more carefully. You may periodically see traffic from Prevx when submitting behaviors/analyzing data with the cloud but it isn't anything to worry about :)

Tarnak
September 6th, 2009, 07:19 PM
{QUOTE-> I suspect it is our database returning a flag to watch specific programs more carefully. You may periodically see traffic from Prevx when submitting behaviors/analyzing data with the cloud but it isn't anything to worry about :) <-QUOTE}

OK!...just so long as I am not assimilated(aka The Borg Collective). :) ;D

leofelix
September 6th, 2009, 08:18 PM
{QUOTE-> There may indeed be an issue between MalwareBytes and Prevx RC. We are still working through testing all of the major vendors and will be moving onto smaller vendors like MalwareBytes in the next phase of testing.

Thank you for the information and we'll let you know as soon as we have something updated for retesting against MBAM :) <-QUOTE}


Thank you so much:)

I noticed that disabling MBAM Ip protection, issue seems to vanish.
I also put MBAM into PREVX RC ignore list 'cause MalwareBytes' AntiMalware takes too long to run a quick scan.

Another thing: I've read that some cleaners can create problems, I noticed that when I open CCleaner, OS freezes for a while, same when I try to destroy files with Glary Utilities free.

Cheers

P.S thanks for uploading screenshots on my behalf :thumb:

galileo
September 7th, 2009, 10:40 AM
{QUOTE-> I'm quite confident this is not user error and is a software bug :) Could you please click Tools > Save Scan Results and send a scan log to report@prevxresearch.com?

This will hopefully let us diagnose the cause of the problem (I've tried here on IE8 and it did not block it but there may be some different factor in your setup which is breaking it).

Thanks! :) <-QUOTE}
Hmmm, after re-booting and turning off (unchecking) and then turning back on (checking) "Enable the Prevx Secure Browser", the InPrivate Browsing (IPB) function is now working. Strange, there may be a minor issue regarding your installation that requires - or at least "benefits" from - a re-boot. At any rate, the IPB function works even after several more on/off scenarios...so, I don't really have an issue to debug any more....:blink:

galileo

rolarocka
September 7th, 2009, 11:43 AM
{QUOTE-> Could you try uninstalling Prevx and going back to v3.0.1.65 from http://info.prevx.com/downloadcsi.asp to see if this is a newly introduced issue or if something else has caused it to happen across the standard Prevx installation also?

Thanks! :) <-QUOTE}
I used the 3.0.1.65 all day without high cpu from svchost.exe (Windows Defender). I'm going to install the RC again to be sure it's from the RC.

Triple Helix
September 7th, 2009, 12:42 PM
I like this little tidbit! It has a Lock when the Browser is open and Check mark when it is closed!

PrevxHelp
September 7th, 2009, 01:57 PM
{QUOTE-> I like this little tidbit! It has a Lock when the Browser is open and Check mark when it is closed! <-QUOTE}

If you open up the main Prevx interface it will update to the Lock/checkmark in realtime ;D

Sometimes we get a bit eccentric on minor details :)

Baldrick
September 7th, 2009, 02:25 PM
{QUOTE-> OK!...just so long as I am not assimilated(aka The Borg Collective). :) ;D <-QUOTE}
Resistance is (in some cases) futile ;) ;)

Dark Star 72
September 7th, 2009, 04:11 PM
Running Prevx 183, DefenseWall on XP Home SP3, FF 3.5.2 browser

See the GMail Manager FF add-on icon at bottom right of screenshot above taskbar.
I have had this happen several times in three days. Uninstall Prevx and it stops.
I cannot reproduce this at will and the only way to get rid of it is to reboot.
Anyone else seeing this?

PrevxHelp
September 7th, 2009, 05:10 PM
{QUOTE-> Running Prevx 183, DefenseWall on XP Home SP3, FF 3.5.2 browser

See the GMail Manager FF add-on icon at bottom right of screenshot above taskbar.
I have had this happen several times in three days. Uninstall Prevx and it stops.
I cannot reproduce this at will and the only way to get rid of it is to reboot.
Anyone else seeing this? <-QUOTE}

Hello,
Could you please try sending me a Tools > Save Scan Results scan log to report@prevxresearch.com? It very well may be an issue with Prevx blocking the addon from viewing the web contents if it is untrusted.

If not, there are other things which we can analyze which the scan log will hopefully show :)

Thanks!

Defenestration
September 7th, 2009, 05:46 PM
I've noticed a peculiarity - If I have my web browser (Firefox) window visible, then switch to my file manager (ie. so browser window is placed just behind file manager window), select a few files in file manager and scan with Prevx (from right click context menu), the web browser window is brought to the front at the end of the scan.

Running Win 7 x64 RTM.

PrevxHelp
September 7th, 2009, 05:54 PM
{QUOTE-> I've noticed a peculiarity - If I have my web browser (Firefox) window visible, then switch to my file manager (ie. so browser window is placed just behind file manager window), select a few files in file manager and scan with Prevx (from right click context menu), the web browser window is brought to the front at the end of the scan.

Running Win 7 x64 RTM. <-QUOTE}

Could you let me know what file manager you're using (or is it just Windows Explorer?) Also are you on a secured website or just a normal "blue" website?

Thanks! :)

Triple Helix
September 7th, 2009, 07:40 PM
{QUOTE-> If you open up the main Prevx interface it will update to the Lock/checkmark in realtime ;D

Sometimes we get a bit eccentric on minor details :) <-QUOTE}

Yes I did notice that :thumb: ;D

firzen771
September 7th, 2009, 09:41 PM
{QUOTE-> Looks ok to me and i've got a lot tweaked: <-QUOTE}

if i may ask, what FF skin is that?

and another question, to use this beta full functional do u need a license, or does the beta come fully working? and 2nd, is browser protection going to be included in the free version or no?

PrevxHelp
September 8th, 2009, 03:50 AM
{QUOTE-> and another question, to use this beta full functional do u need a license, or does the beta come fully working? and 2nd, is browser protection going to be included in the free version or no? <-QUOTE}

You do not need a license for the test version (just download and go :)) and currently we are planning on including the browser protection for free along with malware detection and adware/MBR rootkit cleanup :)

rolarocka
September 8th, 2009, 04:34 AM
{QUOTE-> if i may ask, what FF skin is that? <-QUOTE}

There are two very similar around (the authors even work together):

http://spewboy.deviantart.com/art/Strata40-Beta-v0-3-132191373?offset=430

http://boneyardbrew.deviantart.com/art/Firefox-3-7-Mockup-Redux-2-5-130502568

I'm using the first one.

Dark Star 72
September 8th, 2009, 06:53 AM
{QUOTE-> Hello,
Could you please try sending me a Tools > Save Scan Results scan log to report@prevxresearch.com? It very well may be an issue with Prevx blocking the addon from viewing the web contents if it is untrusted.

If not, there are other things which we can analyze which the scan log will hopefully show :)

Thanks! <-QUOTE}

Have now sent a scan log which I did about midnight. Sorry for the delay, real life got in the way >:( ;D

Dark Star 72
September 8th, 2009, 07:39 AM
Have just had the GMail Manager icon change from default red to grey with a red exclamation mark in the centre. The Prevx Web Browser tab has also disappeared and if I try to connect to any site on the web I just get an "Unable to connect" window in the browser. Have done a scan and saved the log. The fact I was able to do the scan indicates that the computer is able to connect to the Prevx servers which would suggest a possible conflict involving the FF browser?
Just closed and reopened the browser and everything is now OK.
Do you want me to send this second scan log as well?

firzen771
September 8th, 2009, 08:43 AM
{QUOTE-> You do not need a license for the test version (just download and go :)) and currently we are planning on including the browser protection for free along with malware detection and adware/MBR rootkit cleanup :) <-QUOTE}

would browser protection be fully functional in the free version or limited?

PrevxHelp
September 8th, 2009, 01:59 PM
{QUOTE-> Have just had the GMail Manager icon change from default red to grey with a red exclamation mark in the centre. The Prevx Web Browser tab has also disappeared and if I try to connect to any site on the web I just get an "Unable to connect" window in the browser. Have done a scan and saved the log. The fact I was able to do the scan indicates that the computer is able to connect to the Prevx servers which would suggest a possible conflict involving the FF browser?
Just closed and reopened the browser and everything is now OK.
Do you want me to send this second scan log as well? <-QUOTE}

I'm afraid we didn't find much in your scan log. We're going to work on reproducing this locally with the GMail Manager and will report back with what our results are as soon as we get together the next release :)

PrevxHelp
September 8th, 2009, 02:01 PM
{QUOTE-> would browser protection be fully functional in the free version or limited? <-QUOTE}

The protection will be fully functional in the free version :)

Mongol
September 8th, 2009, 02:07 PM
I have run into a strange glitch here with the RC. Any website I visit in Firefox that uses Java animation seems to have trouble loading. I try loading radar animation in the Nat'l Weather service site and the player loads but nothing happens. It works fine with IE8 though. Now if I use the latest full release of Prevx (3.0.1.65) everything works fine...odd eh..:o ::) ??? :)

raven211
September 8th, 2009, 02:10 PM
{QUOTE-> The protection will be fully functional in the free version :) <-QUOTE}

Wow! Really!? That's awesome! :D

firzen771
September 8th, 2009, 03:36 PM
{QUOTE-> The protection will be fully functional in the free version :) <-QUOTE}

wow that sounds great, so free version will have alert ability but no removal still but its awesome that the browser protection will work just like the paid one :)

so that means anything caught by browser protection will be removed/blocked correct?

LagerX
September 8th, 2009, 04:11 PM
Seems like there is an incompatibility with NIS 2010 17.0.0.136
When I enable https:// protection under web prot. then Firefox 3.5.3 crashes when browsing to web pages with https (www.hansa.ee for example)
So I think it's a bug. When I remove https:// protection, then it won't crash.

Definitely worth checking out :)

PrevxHelp
September 8th, 2009, 04:13 PM
{QUOTE-> wow that sounds great, so free version will have alert ability but no removal still but its awesome that the browser protection will work just like the paid one :)

so that means anything caught by browser protection will be removed/blocked correct? <-QUOTE}

It will be avoided. The goal of the browser protection is to allow the user to use their computer safely without exposing their data to active threats. Because no product is perfect, Prevx 3.0 included, we've designed the browser protection as a complement to the protection and detection provided by Prevx 3.0, significantly improving its ability to prevent infections from doing harm to your data or identity. So, in the chance that Prevx 3.0 were to miss a threat, the browser protection may not necessarily say that "x file is a threat", but it will prevent the file from reading/stealing your data or even knowing it exists on the system.

Also, the browser protection offers proactive prevention of malicious content - blocking phishing websites, malicious websites, and other bad content which can infect your computer, reducing your risk even if you aren't using the paid-for version of Prevx.

I hope that helps clarify what the browser protection provides :) Let me know if you have any questions!

Also, for more information at a technical level, take a look at this whitepaper which should help explain some of the potential of the secure browser :) http://www.wilderssecurity.com/showthread.php?t=252664

PrevxHelp
September 8th, 2009, 04:23 PM
{QUOTE-> Seems like there is an incompatibility with NIS 2010 17.0.0.136
When I enable https:// protection under web prot. then Firefox 3.5.3 crashes when browsing to web pages with https (www.hansa.ee for example)
So I think it's a bug. When I remove https:// protection, then it won't crash.

Definitely worth checking out :) <-QUOTE}

Thank you for the information :) I've added this to our "to test with" list and will report back as soon as we have an answer to the issue!

PrevxHelp
September 8th, 2009, 04:24 PM
{QUOTE-> I have run into a strange glitch here with the RC. Any website I visit in Firefox that uses Java animation seems to have trouble loading. I try loading radar animation in the Nat'l Weather service site and the player loads but nothing happens. It works fine with IE8 though. Now if I use the latest full release of Prevx (3.0.1.65) everything works fine...odd eh..:o ::) ??? :) <-QUOTE}

That definitely sounds like something which could break - could you let me know what OS you're using (and if you have any other security installed than what is in your signature?)

Thanks! :)

firzen771
September 8th, 2009, 04:44 PM
{QUOTE-> It will be avoided. The goal of the browser protection is to allow the user to use their computer safely without exposing their data to active threats. Because no product is perfect, Prevx 3.0 included, we've designed the browser protection as a complement to the protection and detection provided by Prevx 3.0, significantly improving its ability to prevent infections from doing harm to your data or identity. So, in the chance that Prevx 3.0 were to miss a threat, the browser protection may not necessarily say that "x file is a threat", but it will prevent the file from reading/stealing your data or even knowing it exists on the system.

Also, the browser protection offers proactive prevention of malicious content - blocking phishing websites, malicious websites, and other bad content which can infect your computer, reducing your risk even if you aren't using the paid-for version of Prevx.

I hope that helps clarify what the browser protection provides :) Let me know if you have any questions!

Also, for more information at a technical level, take a look at this whitepaper which should help explain some of the potential of the secure browser :) http://www.wilderssecurity.com/showthread.php?t=252664 <-QUOTE}

so is it similar to like keyscrambler?

PrevxHelp
September 8th, 2009, 05:02 PM
{QUOTE-> so is it similar to like keyscrambler? <-QUOTE}

We have KeyScrambler-esque functionality built in as one component (except we don't scramble the keystrokes, we just tell the operating system that they don't exist and erase them ;D). On top of that are another 50+ discrete protection engines to handle the other threats to system/user data :)

trjam
September 8th, 2009, 05:03 PM
Prevx and KeyScrambler free would be a very good choice.

firzen771
September 8th, 2009, 05:04 PM
{QUOTE-> We have KeyScrambler-esque functionality built in as one component (except we don't scramble the keystrokes, we just tell the operating system that they don't exist and erase them ;D). On top of that are another 50+ discrete protection engines to handle the other threats to system/user data :) <-QUOTE}

sounds awesome and since it will be included in free version, im definitely adding this to my windows 7 setup, it does work with windows 7 right?

{QUOTE-> Prevx and KeyScrambler free would be a very good choice. <-QUOTE}

sounds like too much overlapping functionality.

PrevxHelp
September 8th, 2009, 05:11 PM
{QUOTE-> sounds awesome and since it will be included in free version, im definitely adding this to my windows 7 setup, it does work with windows 7 right? <-QUOTE}

Yes it does :)

{QUOTE-> sounds like too much overlapping functionality. <-QUOTE}

We are now compatible with KeyScrambler but indeed it is a lot of overlapping functionality (as we do everything that they do for the browser - the piece which KeyScrambler has that we don't is protection of other programs). For the browser or for other programs, however, you can use Prevx RC1 + KeyScrambler but there isn't any benefit to use KeyScrambler for the browser protection on top of Prevx.

firzen771
September 8th, 2009, 05:28 PM
{QUOTE-> Yes it does :)



We are now compatible with KeyScrambler but indeed it is a lot of overlapping functionality (as we do everything that they do for the browser - the piece which KeyScrambler has that we don't is protection of other programs). For the browser or for other programs, however, you can use Prevx RC1 + KeyScrambler but there isn't any benefit to use KeyScrambler for the browser protection on top of Prevx. <-QUOTE}

nice clarification, ur support is always top notch :thumb: but one last question, are there any known major issues with the RC and Win7 32bit?

PrevxHelp
September 8th, 2009, 05:32 PM
{QUOTE-> nice clarification, ur support is always top notch :thumb: but one last question, are there any known major issues with the RC and Win7 32bit? <-QUOTE}

Nothing major, just some minor incompatibilities with some programs (mostly security programs which try and do similar things in the browser). I have a list of the larger known incompatibilities in the first post on the thread (http://www.wilderssecurity.com/showpost.php?p=1536311&postcount=1) but I use it here on Windows 7 RTM 32bit without any problems :)

firzen771
September 8th, 2009, 05:44 PM
{QUOTE-> Nothing major, just some minor incompatibilities with some programs (mostly security programs which try and do similar things in the browser). I have a list of the larger known incompatibilities in the first post on the thread (http://www.wilderssecurity.com/showpost.php?p=1536311&postcount=1) but I use it here on Windows 7 RTM 32bit without any problems :) <-QUOTE}

sounds great, thx :thumb:

Mongol
September 8th, 2009, 05:51 PM
{QUOTE-> That definitely sounds like something which could break - could you let me know what OS you're using (and if you have any other security installed than what is in your signature?)

Thanks! :) <-QUOTE}

Wouldn't you know, my Online Armor was blocking the Java plugin in Firefox. Winds up it's not a Prevx issue at all. It seemed strange that it only affected Firefox so I went thru all the menus in OA...and SHAZZAM. All is well, cheers...;D

PrevxHelp
September 8th, 2009, 05:53 PM
{QUOTE-> Wouldn't you know, my Online Armor was blocking the Java plugin in Firefox. Winds up it's not a Prevx issue at all. It seemed strange that it only affected Firefox so I went thru all the menus in OA...and SHAZZAM. All is well, cheers...;D <-QUOTE}

No problem ;D Always good to know that other security is still working!

Mongol
September 8th, 2009, 06:01 PM
{QUOTE-> No problem ;D Always good to know that other security is still working! <-QUOTE}

Indeed...OA and Prevx make quite a team...:thumb:

firzen771
September 8th, 2009, 06:12 PM
{QUOTE-> Nothing major, just some minor incompatibilities with some programs (mostly security programs which try and do similar things in the browser). I have a list of the larger known incompatibilities in the first post on the thread (http://www.wilderssecurity.com/showpost.php?p=1536311&postcount=1) but I use it here on Windows 7 RTM 32bit without any problems :) <-QUOTE}

does this browser security have any sandbox sort of functionality?

PrevxHelp
September 8th, 2009, 06:18 PM
{QUOTE-> does this browser security have any sandbox sort of functionality? <-QUOTE}

We're focusing primarily on protecting the browser from the OS rather than the OS from the browser as a sandbox would; however, we are planning on extending this protection into a sandbox.

The difficulty, however, is that we don't focus on a techie-oriented userbase and the average user can barely download files anyway so the sandboxing we do will be simplistic enough to be understood by average users and strong enough for techies (or normal users who are even more likely to get infected) :)

That is our goal, at least, but it isn't an easy task to accomplish. We are planning another update in the next couple months which will prevent exploits from the browser transparently but we are still planning further sandbox functionality which may find its way first into Prevx 4.0 :)

firzen771
September 8th, 2009, 06:20 PM
{QUOTE-> We're focusing primarily on protecting the browser from the OS rather than the OS from the browser as a sandbox would; however, we are planning on extending this protection into a sandbox.

The difficulty, however, is that we don't focus on a techie-oriented userbase and the average user can barely download files anyway so the sandboxing we do will be simplistic enough to be understood by average users and strong enough for techies (or normal users who are even more likely to get infected) :)

That is our goal, at least, but it isn't an easy task to accomplish. We are planning another update in the next couple months which will prevent exploits from the browser transparently but we are still planning further sandbox functionality which may find its way first into Prevx 4.0 :) <-QUOTE}

sounds amazing, I see a great future in Prevx ;D gunna install the RC right now actually :)

Defenestration
September 8th, 2009, 08:16 PM
{QUOTE-> Could you let me know what file manager you're using (or is it just Windows Explorer?) Also are you on a secured website or just a normal "blue" website?

Thanks! :) <-QUOTE}

Directory Opus 9.1.3.3.3527.x64.

I just tested it again by selecting two .bat files and the file manager stayed at the front (but it had been placed in front of the Prevx scan dialog), however, the final Prevx dialog said only 1 file had been scanned. I retested it by clicking on the Firefox window, scrolling down a bit, then clicking on the file manager window and right-click scanning the two .bat files again, and this time the Firefox window was incorrectly brought back to the front, but the final scan dialog said two files had been scanned.

Prevx must be doing something with window focus, either after the scan but before the final scan dialog is displayed, or after the final scan dialog is displayed.

firzen771
September 8th, 2009, 08:29 PM
anyone notice any browsing slow downs or browser startup slow down using the web security thing?

quark59
September 8th, 2009, 08:46 PM
None!!!
Allen:o

Triple Helix
September 8th, 2009, 08:48 PM
None here also!

TH

Threedog
September 8th, 2009, 09:02 PM
No slowdowns here either. RC is working excellent.

Mongol
September 8th, 2009, 09:29 PM
Same here...it's running great

firzen771
September 8th, 2009, 09:38 PM
well on Win7 32bit, none of my browsers are able to connect to the internet, even after I disabled the browser protection :-\

PrevxHelp
September 8th, 2009, 09:44 PM
{QUOTE-> well on Win7 32bit, none of my browsers are able to connect to the internet, even after I disabled the browser protection :-\ <-QUOTE}

Hmm :-\ Could you send a Tools > Save Scan Results scan log to report@prevxresearch.com? There might be some important browser components which we have as untrusted, causing us to block them from accessing the browser data.

I should be able to get a clearer picture from there :)

Thanks!

PrevxHelp
September 8th, 2009, 09:47 PM
{QUOTE->
Prevx must be doing something with window focus, either after the scan but before the final scan dialog is displayed, or after the final scan dialog is displayed. <-QUOTE}

It does indeed - we force ourselves to show the results to the user if they come out infected but there may be some other stray cases here that could affect it further.

We will look into this in more detail to see what we can do to stop this annoyance :) Thank you for the information!

firzen771
September 8th, 2009, 09:59 PM
{QUOTE-> Hmm :-\ Could you send a Tools > Save Scan Results scan log to report@prevxresearch.com? There might be some important browser components which we have as untrusted, causing us to block them from accessing the browser data.

I should be able to get a clearer picture from there :)

Thanks! <-QUOTE}

I forgot to make a snapshot after I restored :-\ I'll install it again soon then email u the scan

Page42
September 9th, 2009, 01:50 AM
Okay Joe, I finally installed RC v3.0.4.183. I'll report back on any GeSWall findings. I've not read of issues from anyone using GW, have you? I think there will be a lot of overlap between GeSWall and the Prevx Secure Browser, don't you agree?

Page42
September 9th, 2009, 02:16 AM
Regarding Self Protection... apologies if this has already been covered. I did search for it and found this from Joe -->
{QUOTE-> The default for 64bit operating systems is Minimum because of the architectural changes in the 64bit environment but 32bit can be set safely on Medium without compatibility issues. <-QUOTE}
If I am not mistaken, the default for 32-bit is Maximum, correct? That seemed odd to me. I changed it to Medium (Standard). :)

ace11
September 9th, 2009, 03:16 AM
I uninstalled the formal Prevx version and installed 3.0.4.183 for 64bit.
but in my Prevx system status screen I don't have any indication for the web-protection.

any help?

PrevxHelp
September 9th, 2009, 06:29 AM
{QUOTE-> Regarding Self Protection... apologies if this has already been covered. I did search for it and found this from Joe -->

If I am not mistaken, the default for 32-bit is Maximum, correct? That seemed odd to me. I changed it to Medium (Standard). :) <-QUOTE}

Good catch :thumb: That is a typo :) The new default is Maximum on a fresh installation on a 32bit OS and we will change the text to reflect that.

PrevxHelp
September 9th, 2009, 06:30 AM
{QUOTE-> I uninstalled the formal Prevx version and installed 3.0.4.183 for 64bit.
but in my Prevx system status screen I don't have any indication for the web-protection.

any help? <-QUOTE}

The new web protection doesn't support 64bit yet - as soon as we've completed the 32bit version we will be porting it into 64bit but for now, you will benefit from the additional malware protection and optimized protection engines in 64bit as well (which are new over the existing live build v3.0.1.65).

ace11
September 9th, 2009, 06:46 AM
Can you specify more details about "additional malware protection @ 64bit" that you mentioned?
thank you!