Prevx RC 3.0.4.206

Discussion in 'Prevx Betas' started by PrevxHelp, Sep 26, 2009.

Thread Status:
Not open for further replies.
  1. Habakuck

    Habakuck Registered Member

    Joined:
    May 24, 2009
    Posts:
    544
    Of course no right click scanning! ;)

    I did two tests.

    1) PrevX enabled. Execution of trojansimulator.exe. Got detected but i wrote a permanten override for the trojansimulator.exe.
    After that i tried to install the TSSServ.exe but Prevx detected it and prevented the installation.

    2) I disabled PrevX. Then i installed the TSSServ.exe using the trojansimualtor.exe GUI.
    After that the TSSServ.exe was shown in the TaskManager.
    I did a "Scan my PC" after that which found two items. The trojansimulator.exe and the TSSServ.exe. Not the registry entry!
    I performed the clean up with automatic reboot.

    After that the registry entry was still active. I used the Windows system integrity check tool to check the autostart entry.


    Win7 64-bit, UAC active, Windows Defender disabled, PrevX stand alone, Windows Firewall active, no other security software.
     
  2. guest

    guest Guest

    Hi Joe, are you sure? Because the previous RC versions (and of course the public version) had not this exact problem to connect online (speaking of 'IPs not verified'). If I am not wrong? o_O

    Do you remember the screens that popped up all the time when you installed here remotely new RC versions? This was Fritz!Protect warning about hash changes. Once allowing that (by pressing OK) the old rules for prevx.exe were in place for the new build also. So I don't think it has to do with changing of hashes. :(

    Now I have disabled Fritz!Protect (outbound firewall) and rebooted but it is still "IP not verified". - Before doing that Prevx was 'frozen' again once I tried scanning. So this scanning worked sometimes and then again not, strange.

    However ... I checked Fritz!Protect 'log file' (screen where you can see which connections were allowed) after your posting and there were many dns connections from Prevx, all green and allowed. So again, very strange.

    Well .. please don't give up SafeOnline! :D
    If you need my help (remote maintenance, testing etc.) for fixing this or anything else just let me know. :cool:
     
  3. fasteddy2020

    fasteddy2020 Registered Member

    Joined:
    May 12, 2009
    Posts:
    106
    Location:
    USA
    I installed 3.0.4.206. Whenever I am in a browser (IE8, FF3.5.3 Sandboxed or FF3.5.3 Not Sandboxed) the back button on my Logitech mouse does not work. I actually have two different mice and it affected both. I ran a scan and saved the log. I then uninstalled .206 and reinstalled 3.0.1.65 and the problem went away. Could there be a possible conflict between .206 and logitech drivers? I will send the scan file.

    Edit: File is sent.
     
  4. dlimanov

    dlimanov Registered Member

    Joined:
    Jun 10, 2009
    Posts:
    204
    Joe,
    There appears to be incompatibility with SafeOnline and F5's SSL VPN, even when the VPN website is explicitly defined in the list and protection is set to OFF for that particular host.. I have to disable SafeOnline completely in order to pass host integrity checking.
     
  5. dlimanov

    dlimanov Registered Member

    Joined:
    Jun 10, 2009
    Posts:
    204
    I am also having problems with YouTube videos loading 3-5% of the content and then ending prematurely with SafeOnline on in Opera. Video loads 5-10 seconds and you can skip forward and it will load another 5-10 seconds, but never fully. With SafeOnline off, loads normally.
     
  6. rolarocka

    rolarocka Guest

    Downloads in Opera 10 stop after a few seconds with SafeOnline active.
     
  7. SvS

    SvS Security Expert

    Joined:
    Aug 28, 2004
    Posts:
    57
    Using Prevx RC 3.0.4.206 I experience frequent Browser Crashes (Internet Explorer 8 on Windows 7 x32 RTM) while visiting sites using the https protocol. The crash is not reproducible by visiting a specific site or performaing certain actions, the tab just crashes and is restored. This was a "clean" (i.e. uninstall the previous RC, reboot and install new RC) install of RC 3.0.4.206 using the default SafeOnline configuration.
     
  8. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    We've reproduced this problem and will have it fixed in the next version :) Thanks for the information!
     
  9. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Could you let us know what other security software you're using and what browser addons you have installed?

    Thanks! :)
     
  10. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    I suspect this issue is the same as rolarocka's issue here: https://www.wilderssecurity.com/showpost.php?p=1549029&postcount=31

    I will let you know as soon as we have some definitive answer to the issue. Thanks for the report!
     
  11. SvS

    SvS Security Expert

    Joined:
    Aug 28, 2004
    Posts:
    57
    I'm using Symantec Norton Internet Security 2010.

    Browser addons installed:

    Bonjour (Apple)
    Web-Recherche (www.macropool.com)
    Nuance PDF (Nuance PDF Professional 6 - www.nuance.com)
    Windows Live Sig-In Assistant (not sure what the correct name of this addon is in English)
    Java JRE 1.6 (latest version)
     
  12. ambient_88

    ambient_88 Registered Member

    Joined:
    Jun 23, 2008
    Posts:
    854
    I believe there is a possible conflict with Firefox 3.5. Whenever I load it, a dialog pops up asking me whether I'd like to restore my previous session (feature by Tab Mix Plus). Now, whenever that dialog comes up, the Firefox chrome gets messed up, ie., some parts are not visible. I am not sure if it's supposed to be like that or whatnot.

    Appreciate any help.
     
  13. SvS

    SvS Security Expert

    Joined:
    Aug 28, 2004
    Posts:
    57
    There appears to be a slight incompatibility with SafeOnline and the Identity Safe feature of Norton Internet Security (using NIS 2010 on Windows 7 x32).

    I use Identity Safe to store my address information and part of my Credit Card info in a password protected Identity Card. While visiting any online shopping site (using the https protocol) I'm unable to type the Identity Card password into Identity Safes password dialog using the keyboard. Copy & Paste works, typing the passowrd does not.
     
  14. Romagnolo1973

    Romagnolo1973 Registered Member

    Joined:
    Feb 17, 2009
    Posts:
    552
    Location:
    Italy - Ravenna
    Joe I see something new in that RC, now when you launch a scan with other AV or Antispyware ( I see this with Superantispyware & MalwareBytes) prevx follow the other scan (you can see it watchin prevx check file apperaing near the clock)
    This is good because so prevx check sector normaly unchecked (other hd for exemple) but this cause a long scan fo the other programs. For example Malwarebytes with prevx off spend 30 minutes to scan my hd, with prevx on is 2 hours or more, the same happen with SAS o_O
    Is a bug or you want this behaviour?
     
  15. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    This is semi-expected behavior. MalwareBytes/SAS load files in such a way that they sometimes trigger Prevx to scan the files, however, in build 200/206 we've implemented changes to limit this unnecessary scanning, provided your System Status is Clean.

    Could you let me know if you've had any malware on that PC when the slow scan is taking place?
     
  16. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Hello,
    We've reproduced your crashing issue with NIS2010 but have not reproduced the Identity Safe issues with the crash-corrected build. It is possible that it got fixed as well but we will likely have a new build by the morning ready for another try :)

    Thank you for the reports!
     
  17. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    I installed Tab Mix Plus and a Firefox Chrome skin (Chromifox Basic) but could not reproduce any problems.

    Could you let me know what I'm doing wrong? :D Thanks!
     
  18. ambient_88

    ambient_88 Registered Member

    Joined:
    Jun 23, 2008
    Posts:
    854
    Here's a screenshot to show what's happening.
     

    Attached Files:

  19. guest

    guest Guest

    JFYI: I had this 'dirtiness' again - but this time running 3.0.1.65!? At next reboot all was o.k. again. Before this happened my system had a Prevx crash during shutdown. Don't know what is going on now here (Avira and Prevx say computer is clean) .. just wanted you to inform: this 'dirtiness' thing isn't RC only. - If Prevx even is the origin which I don't know. :(

    p.s.: Some hours later I had to uninstall Prevx and Fritz!DSL because something is going very wrong here (freezing, internet gone etc.), just take a look at the screenshots! Skype and not Prevx!? o_O (Namensauflösung = DNS)
     

    Attached Files:

    Last edited: Sep 28, 2009
  20. Romagnolo1973

    Romagnolo1973 Registered Member

    Joined:
    Feb 17, 2009
    Posts:
    552
    Location:
    Italy - Ravenna
    No malware in this pc since 2004:D
    This low scan affected my pc & other italians so I think is general
    No problem with avira.
    wtih old prevx we don't see this problem, only with rc it seem so slow
    This slow scan affect only SAS & Malwarebytes?
    If yes no problem, I explain my friend stop prevx during SAS or MBAM scan
     
  21. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Could you let me know what operating system you're using? I may be able to correct the issue but clicking Stop Protection is definitely the most reliable way to disable it temporarily during the scan :)
     
  22. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    o_O Even 62.189.194.207 is one of our addresses... so unless Avira and Skype are covertly using our engine, I suspect there is something amiss within Fritz!Protect.

    I'm honestly not sure what to make of that and have never seen anything that bizarre before :doubt:
     
  23. ambient_88

    ambient_88 Registered Member

    Joined:
    Jun 23, 2008
    Posts:
    854
    Joe,

    How's the issue with Firefox that I told you about? Also, I forgot to say earlier, but the when I said chrome I meant the UI of Firefox. I am experiencing the same issues with Silvermel and the default theme (Strata).
     
  24. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    We've made a small tweak which may fix it - we'll have a new build ready by tomorrow for some retesting to check through and see if this was the cause :)
     
  25. ako

    ako Registered Member

    Joined:
    Nov 16, 2006
    Posts:
    652
    No problems here so far with this release. Using

    DW 3.0 beta
    Winpatrol
    Prevx 3.0 RC
    Sandboxie
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.