Prevx RC 3.0.4.183

The right click scanner doesn't take into account the possibility for the file being registered in the registry or embedded in another critical process (as it is just a quick check on the individual file(s)) which is why we require a rescan after a detection in the right click scanner.

It isn't a perfect situation for usability but it does improve the consistency and reliability of the cleanup process by requiring a rescan in some cases.

 

Green tab coming up on both here, Joe. I tried it out on a couple of banking sites that I use and no issues there either.

 

Great, thank you!

 

It's fine with me thanks for the explanation.

 

I might add that the only other security apps I have active at the present besides the Beta are Defensewall and Returnil. No conflicts to report with this setup so far. Last nite I had Avira Premium and SAS Pro active with it and wasn't running into any issues.

Now Joe, what would make you think that us Wilderites would have any different set ups than 99% of the rest of the web community?

 

Have now installed DefenseWall and working OK on the citicards link you gave, browser tab goes green in both FF and IE7 - however, I notice that with any secure site while the Prevx browser tab is green and I am on the site concerned the top blue bar on the browser screen shows (DefenseWall Status: Untrusted) but when I exit the site the (DefenseWall Status: Untrusted) disappears although the DW icon in the system tray shows 1 untrusted process running which is FF. So although the DW status disappears off the top bar it appears that it is in fact still running FF untrusted
Same situation with IE.

 

Strangely enough this build just detects a malware sample the regular version did not detect

 

There is a new detection/protection engine in v3.0.4.183 which will improve both components. If you have any doubts in the detection (i.e. if it may be a FP), feel free to send it over to report@prevxresearch.com and we will analyze it there and report back

 

After closing the window, could you see if the process still exists within Task Manager? It is possible that the method DefenseWall is using to look into the process is blocked by Prevx which could be where the issues are stemming from.

 

Confirmed here too. Never noticed it the first time I checked the sites. Good catch. Browsers still showing up as untrusted in Defensewall tho. Just no status posted at the top of the browsers.

 

Just did another test with it. Downloaded a couple files and they were untrusted so Defensewall is working, just the banner at the top of the browser isn't indicating it.

Here's what process monitor is showing Joe.

View attachment Processes.TXT

 

That looks like Firefox is freezing/hung in the background - was the instance of Firefox actually doing anything at that point or was this after it was "closed"?

 

No firefox was working normally.

BTW check your PM's.

 

Same findings as Threedog Joe.
Both FF and DW seem to working OK except for the status issue at the top of the browser.

 

I've done some testing with the Defensewall issue. After looking at the Defensewall logs I see it as the untrusted browser trying to manipulate the trusted Prevx. I tried excluding it but it wouldn't work. Ilya should be able to supply a fix once Prevx gets done tweaking. Browser is running as untrusted and anything downloaded is inheriting the "Untrusted" status. It's just not showing up in the title bar that the browser is running as untrusted. Other than that small niggle they have been getting along great.

 

I have seen a some postings regarding Prevx/DefenseWall combination. You will see from my screenies posted here - https://www.wilderssecurity.com/showpost.php?p=1536701&postcount=91 that I am using DefenseWall.

I can that say that I have not see any issues with the combination.

Also, I have had no issues with CPU usage in Opera 10(Alpha). I will be installing Prevx into another snapshot later today which has the final release of Opera 10 that came came out a few days ago.

See screenshot showing (Defensewall: Untrusted) status, which is showing as it should.

 

Prevx stopped detecting anything again, at least notpad.exe and badpx5.rar, even with fresh install of 3.0.4.183. Sent files in C:/Program Data/PrevxCSI as requested. But THE FIX DOES NOT WORK RELIABLY!!!

 

Replied by PM with a request for remote support to help diagnose the root of the problem.

 

The installer bug when installing to non default folder is still present (ie. it always installs to C:\Program Files\Prevx even if you specify something different)

https://www.wilderssecurity.com/showpost.php?p=1528971&postcount=15

 

Hi Defenestration,

I was wondering for myself why would you not let it install into the default folder?

TH

 

Tarnak, try going to a site that's protected, or you could just click the add protection on the prevx bar for this site and then restart your browser, go to a protected site, then go to an unprotected site and see if the Defensewall banner is still there and let us know.

Thanks

 

Hi Threedog

I don't see any problem.....perhaps the following screenshots will make things clearer.

 

Maybe where you are using Opera the processess are manipulated different. I don't see in the screenies where Defensewall is listing it as untrusted tho.

 

Now, would I lie to you...

Edit: Sorry, I forgot the screenie

 

Sorry, again, but the edit didn't work.....here is the screenie Fingers crossed!

Edit: I don't know what is going, but now I can't post a screenshot. I will try to post one in testing.