SafeOnline tests and suggestions

Did a few tests with Zemana test loggers.

Deactivated Zemana Antilogger first.

Protected against scrolling window capture, but not clipboard logging, screen logging or keyboard logging ?

And with Zemana Antilogger active it prevented the Zemana clipboard logging test from showing clipboard logging. Disable SafeOnline and it did ?

https password logging was protected with Zemana Antilogger and SafeOnline both disabled. This might be firefox protection ?

I think it would be better if we could individually select the items we want protecting, or not, with a tick, rather than with the slider control. As it is, the slider is all inclusive, or chooses for us selectively.

 

SafeOnline will protect against all of these threats but only on a secured website. Could you let me know if you've run them directly on an HTTPS website? (I've just tried the keyboard/clipboard/screen grabber leaktests from Zemana and they're all blocked here with just SafeOnline).

Some aspects of Prevx protection move out of the way if the user has Zemana Antilogger installed so that they can use both programs - I'd recommend uninstalling Zemana entirely and also uninstalling Prevx, then rebooting, then reinstall Prevx and see if your results are any different.

We've designed the configuration in such a way that each level disables exactly as much as it should - for the High level, for example, it is necessary to disable both screen grabbing and browser window access because that is what SnagIt and most other screen reading programs will try and do on the system to read the screen data. At a technical level, they are different concepts but we've combined them within the configuration. In one of the first versions of SafeOnline, we did have discrete configuration for each of the options but it introduced too much user confusion as many of the options are reliant on other options to allow programs like SnagIt to access the required areas of the system.

 

@PrevxHelp

Hi, just did the tests on the https hotmail sign in page, and Prevx blocked the other two, but not the ScreenLogger ?

Maybe you could have the discrete configuration instead of the slider as an option in future, hope so.

Thanks.

 

Hotmail is not HTTPS!

TH

 

It is if you use the enhanced security option.

 

Shows how much I use Hotmail LOL But it was stopped!

TH

 

@ Triple Helix

Hi, I always use the hotmail https login, much better. Noticed you allowed Prevx to block the actual ScreenLogger test from running. I allow such tests to run, otherwise there would be no test, as in your case. Try again after allowing it.

 

Isn't that defeating the purpose? If I allow malware to bypass Prevx when it tells me not to should I? It's good enough for me that it is detected and not allowed to run! On this point alone should make you happy!

TH

 

I agree 100% with TH here. I have always thought the same thing when the OSFirewall in ZoneAlarm Pro jumps up and identifies a test process as suspicious and recommends denying it, people inevitably say, "Well, you need to let it past the firewall". And I'm always saying the same thing as TH... why? As far as I'm concerned, the test is over. My firewall stopped it.

 

I even tried it your way and could not get the test to grab my screen so it passed the SafeOnline test also using FF 3.6 I let run for 10 minutes only turning off Prevx allowed ScreenLogger to take a shot!

TH

 

TH....the statement on prevx website about SOl http://www.prevx.com/safeonline.asp reads....

so a safeonline only user would not have prevx blocking threats thus CloneRanger is correct in allowing it for testing the efficacy of SOL

 

But if you see post#10 I let it go pass Prevx and allowed and still no screen-shot taken! So it passed the SafeOnline test also! Unless I'm missing something here?

TH

EDIT: I tried 4 times and still will not take screen shot so in my opinion it passed!

 

well i have no issues with prevx SOL except a desire that they strengthen their IP verification methodology and antiphising capabilities...maybe use an ip blocklist type thingy as used in mbam/OA/outpost etc

 

True anything to make it better!

TH

 

We're definitely working on improving this, but the rogue/phishing websites today move so quickly it is nearly impossible to actually make a valid effort to block them. This is why we strongly recommend using our Credential Protection functionality within SafeOnline which will lock down your credentials to a specific website and warn if you accidentally type them into a different one, automatically defeating every phishing attempt

Also, regarding the screenshot - I also cannot reproduce any issue taking screenshots. It is possible that you have entered into "compatibility mode" by configuring Prevx to "High" protection at some point. Doing this will allow some issues to be fixed (like printing on some specific printers) but it will cause screen grabber protection within SafeOnline to not load (by design, and this only affects screen grabber protection).

It might be worth uninstalling, then rebooting, and then reinstalling to see if this re-enables the protection.

Let me know!

 

joe i am a happy prevx camper ...the test taker...giver...ummm.....creator ...is clonerager

 

Hi posters, thanks for the input. Not sure why ScreenLogger is able to do that on mine with Zemana disabled ? As i normally have Zemana active it's not a problem for me, but i thought it could be for others, which is the reason for posting.

 

Help!

Screen grabbing test

Failed

SafeOnline doesn't prevent Zemana ScreenLogger.exe from taking a snapshot of HTTPS sites for me.

I have SafeOnline as part of PrevX 3.0 (latest version .74) so I have had to add ScreenLogger.exe to my override list as Trusted to make it run.

Now it runs happily and takes snapshots of my screen when I visit HTTPS sites even though SafeOnline says it should not be able to!

What is happening here? Does the fact that I have trusted the program in PrevX mean that SafeOnline trusts it also. I would have thought these different security layers should operate independently (otherwise they are not two layers!).

I have tried doing a screen dump in windows (Print Screen key) and this is blocked correctly.

Edit: I have now completed tests using Zemana's keyboard and clipboard logger test trojans. My findings are below.

Key logging test

Works . Key logging protection is turned on once a site is visited with this protection enabled. It is then left turned on for subsequent web sites visited. It only gets turned off when I close the browser (firefox).

Clipboard logging test

Works . Clipboard protection is turned on once a site is visited with this protection enabled . It then protects all clip board accesses so I can use KeePass to copy/paste my passwords etc. Like the key logging protection, clipboard protection is then always on until I close my browser.

 

Could you let me know what other security software you're using? If you are using Zemana Antilogger and have it installed (even if it is disabled), SafeOnline will temporarily disable some of its protection until you uninstall it as there is a fundamental incompatibility between Zemana and SafeOnline (they both try and protect precisely the same area of the system, which will result in a crash if they both remain enabled).

If not, please let me know and I'll investigate further

 

I dont have Zemana anti-logger. I have just their test "Trojan" (keyboard.exe) which doesn't install, it just runs when you double click the file.

My Security applications are:

- Kaspersky Internet Security 2010
- PrevX 3 with SafeOnline
- Windows Defender.

Browser was:

- Firefox 3.6.

I removed BrowserDefender from my system before I did the tests.

Edit: This works now. This problem went away after I did a clean re-install.

 

I suspect this may be because of configuring SafeOnline to "High" protection at some point - this will trigger a compatibility mode within SafeOnline that could disable some aspects of screen grabber protection.

Glad to hear it's working properly now though, let me know if you find anything else!