Prevx sneaks out via IE

Discussion in 'Prevx Releases' started by CloneRanger, May 25, 2011.

Thread Status:
Not open for further replies.
  1. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    Well tried to :eek:

    I had my FW lock on to do an MBAM scan after updating it, & as PSOL likes/needs to check files being scanned by MBAM = Lots of internet activity, i Totally shutdown PSOL by the remove protection option. So far so good.

    However, i cancelled the MBAM scan soon after i started it to do it later. What i discovered was on re-enabling PSOL, it wanted to do a full scan of my comp = fair enough. I chose to cancel it, for now, to save my precious bandwith costs.

    But what happened next astonished me :eek: After the "Are you sure you want to cancel" etc alerts, to which i clicked YES, IE6 launched

    ie-p.gif

    Followed shortly afterwards by FF as well

    ff-p.gif

    As i had my FW lock enabled neither could call home = OK.

    You might think that's as expected, but it's NOT. Because in PG i have NOT included IE in it's safe list, as i mainly use FF. If for whatever rare reason i want to use IE i toggle this setting in PG

    pg-p.gif

    And afterwards back again. If i try to launch IE offline or online i get this, as i should

    inv.gif

    About the same time as all this was happening, i saw several Explorer.exe FW log alerts at slighty different intervals, some to local ports, others to my ISP's DNS :eek: I know in the past you've said Prevx does NOT use Explorer.exe to try & get out. And i presume that means explorer.exe as well ? So i'm NOT saying Prevx/PSOL was trying to use Explorer.exe to get out, just mentioning what i saw !

    The main thing is this,

    So how is Prevx/PSOL able to launch IE, if Any/Every attempt i make to launch it whilst the PG block is on, fails ? I checked PG to make sure it's still blocked, & it is.

    TIA
     
  2. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Prevx is opening IE to a help page to assist you with the connectivity issue. It doesn't do anything out of the ordinary to execute your browser so I'd suspect this is a bug in PG.

    (P.S. - the alarmist thread titles probably aren't too helpful to the faint of heart ;))
     
  3. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    I understand that ;)

    :eek: Ooh err, hope it's not :( I'll investigate further, & maybe others could check too to see if it happens to them, with the EXACT settings :thumb:

    :D But you're a big boy ;) Anyway it's Alarming to me, as i'm sure you can appreciate :thumb:

    Thanks for now :)
     
Thread Status:
Not open for further replies.