Prevx RC 3.0.4.183

Looked at the one in Testing. I am stumped now. Maybe it's just a firefox and IE thing. Oh well, Joe can sort it out.

 

I prefer to group apps together under certain folders. Also, not installing to the default folder can aid in security due to some malware being hardcoded with default app folders for detection/attack purposes.

 

That's what I was thinking!

Thanks

 

I had that problem also all I had to do was clear the cookies!

 

Just curious if anyone has tested this with OA ++ yet and if so were there any issues with OA web shield?

 

I just wanted to give it a go with the new McAfee beta. On install McAfee tells me to uninstall Prevx because it is incompatible

 

Am i the only one with this problem? win7, prevx standalone (well not a serious problem though ):

 

Prevx, without a license, does not integrate into the security center because that would technically not be correct as the trial doesn't prevent malware from installing.

As soon as you put in a license, however, it will turn on the security center integration

Also worth mentioning regarding this: if anyone has the "Prevx is reporting to the security center using a format which is not supported" message in their Vista SP2 or Windows 7 Action Center, uninstall and reinstall the beta directly - we've worked with Microsoft to now be reporting using the supported methods

 

Good to know... We'll contact McAfee on this one. We actually are compatible, you may want to try uninstalling Prevx, installing McAfee, and then installing Prevx on top which should allow you to get around their warning.

 

Quick question.
Shouldnt the new "Web browser Security" block websites listed on Phishtank for example?
Or am i understanding something wrong about the new feature? Thx

 

I thought we fixed this Could you let me know what directory you're trying to install it to/is it a local harddrive?

 

I'm affraid it is useless at this moment.
McAfee v2010 is too buggie

 

We're still working on building our databases of malicious websites. If you'd like to test the malicious website protection, try visiting:

http://bigbucksbank.onlinebankingoperations.com

This is a fake phishing website which we've created as a demo to show what the protection will look like when fully implemented.

Let me know if you have any questions

 

Wow thats nice. Thank you. Good to see it in action.

 

On Win 7 x64 RTM. I'm running as Admin, but with default UAC settings enabled. I get asked for elevation confirmation during installation.

Installing to local hard drive on system partition (ie. C: ) in folder. For example,

Code:

C:\Program Files\Protection\Prevx\

 

Hi Joe

I think that there may be a potential problem with the antiphising protection or rather the result of it. I browse using FF with a number of tabs and I opened another when trying out the abobve url. The protection duly kicked in and I had the option to Cancel or Ignore and took Cancel...which duly closed down FF entirely rather than just the tab under which I was trying to access the questionable url.

Is this correct behaviour (i.e., and purposely draconian ) or is this a glitch? I would have thought that if possible just the closing of the specific tab concerned would have sufficedd especially as I was not even given the usual option to remember the web pages opened (but again I suspect that this is part of the plan).

Your enlightenment on this would be much appreciated...as always!

Balders

 

This is intentionally draconian (although of course possible to be changed). The buttons given to the user are labeled "Close" and "Ignore". Our concern is that if a user has just clicked on a link which brought them to a malicious website, it is likely that both open websites are therefore malicious (one possibly coming from a web-email which we wouldn't scan through until they try and click on the link).

It is a bit of an impediment to the end user to close all of their tabs but we feel that it is the most secure way possible as there is always the possibility that the URL itself could have an exploit which may have affected other open browser tabs on the first visitation (like http://securitytracker.com/alerts/2009/Aug/1022755.html for instance).

We have some level of justification with this behavior by saying that the non-technical users that are most likely to get caught by malicious websites will tend not to browse with multiple tabs open (I fall back to the example of my parents who don't even know what a tab is, let alone how to browse using multiple ones )

Again, let me know your thoughts on this. It isn't terribly difficult to modify this behavior and we're very open for changes

 

I think it might be hard to understand what does "Close" mean.
Does it mean closing warning message or ...
Maybe "Block this threat" or "Get out!"

 

It does - I uninstalled my original Prevx and then installed the RC and it works with McAfee TP 2010 fine.

 

Hi Joe

I thought as much but just thought that I would check it out to confirm. I have no particular issues with the approach (better draconian and fully protected rather than convenient & less so) and I suspect that adding options in setting which can defined whether the user has advanced options or not will probably out to bloat.

However, as ever I am happy to make a suggestion; what about a further button on the popup entitled 'Advanced' which then gives the user some more discrete options such as 'Close phising source tab ONLY', etc. plus any other that you technical gurus think is best.

As I said I am happy with the way it works now...inconvenience is worth the security.

Cheers


Balders

 

Hi all
I've just downloaded PREVX 3.0.4 RC and installed on my desktop PC running XP PRO SP 3 (32 bit).
Other security software installed are:

1) Avira AntiVir Premium 9.0
2) MalwareBytes' AntiMalware 1.40 (full)
3) Agnitum Outpost 6.5.1 - 2009 free
4) SUPERAntiSpyware free 4.28.1010
5) JavaCool SpywareBlaster 4.2
6) RETURNIL premium 2.1 - 2008

Main browser Firerfox 3.5.2

Everything seems to work fine except for these possible false positive detections

Uninstaller related to PERFECT UTILITIES seems to be infected by "medium risk malware"





As far as I know PERFECT UTILITIES is clean


~snip~ VirusTotal link removed as per-forum policy

File Info

Report generated: 6.9.2009 at 18.37.04 (GMT 1)
Filename: uninst.exe
File size: 55 KB
MD5 Hash: 1650e9b52255e98de13a2185fc78f04e
SHA1 Hash: 61736CF1ED07FDB1060CFD16D23B2C286977FFD6
Self-Extract Archive: Nothing found
Binder Detector: Nothing found
Detection rate: 0 on 22

Detections

a-squared - -
Avira AntiVir - -
Avast - -
AVG - -
BitDefender - -
ClamAV - -
Comodo - -
Dr.Web - -
Ewido - -
F-PROT6 - -
Ikarus T3 - -
Kaspersky - -
McAfee - -
NOD32 v3 - -
Norman - -
Panda - -
QuickHeal - -
Solo Antivirus - -
Sophos - -
TrendMicro - -
VBA32 - -
VirusBuster - -

Scan report generated by
NoVirusThanks.org

More info about PERFECT UTILITIES

http://www.putils.com/

I scanned my computer with MalwareBytes' AntiMalware and SUPERAntiSpyware too which found no malware.

Thank you

[EDIT to say] sorry, I do not know why I cannot display screenshosts, maybe because of PRIVOXY?

 

(EDIT: We have fixed the FP from Perfect Utilities Thank you for the report!)

 

Personal opinion - only one choice "Terminate", draconian? possibly, but safe.
Perhaps a warning for the user above the terminate button that the browser, tabs etc will all be closed.

 

You're welcome,
and thank you for you quick reply

Just a couple questions: is it possible that MalwareBytes' AntiMalware IP Bloker would conflict with PREVX R.C?

I Noticed a strange behavior when I try to access my own Local Area Network, according to PREVX RC my LAN settings could be dangerous (I do not use any proxy server, I've just removed PRIVOXY)
I do not use WiFi, my LAN is Cabled (I Hope my english is correct and understandable), my router/modem has a hardware firewal built in and I'm the only person who know the password.

I also noticed that I have to configure manually every single web site I visit and log in to via PREVX RC web shield options and PREVX also blocks every attempts to use WinSnap (I know that has a keylogger capability, but WinSnap doesn't send any data through the web): the most of snapshots I take are blank, as a matter of fatcs.

Even if I disable keylogger detection, nothing change and "PREVX web shield" seems not to change too (I cannot save my setting I mean) and reverts back to the previous settings


Now for example I cannot reach h t t p://imageshack.us/ but I'm connected to the net (my default browser is Firefox 3.5.2)

Thanks in advance and sorry for my english

 

Is there a problem with Windows Defender? Its the second time i have a big constant cpu hit out of nothing with svchost.exe. If i right click on it and choose "Go to service(s)" it shows WinDefend - Windows Defender - Running - secsvcs. Prevx standalone.
Only solution is to restart. Thx