WSA 2014 v8.0.4.12 Beta

Discussion in 'Prevx Betas' started by Tarnak, Sep 26, 2013.

Thread Status:
Not open for further replies.
  1. puff-m-d

    puff-m-d Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    5,703
    Location:
    North Carolina, USA
    Hello,

    Under advanced settings > access control, you can disable captcha if you desire.
     
  2. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    You may want to run a fresh install as the default CAPTCHA options only affect more significant security changes (changes to the Access Control settings or disabling one of the shields), or, as puff-m-d posted, you can disable it if you choose.
     
  3. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Running a scan daily is helpful as it ensures that you are using the latest whitelist information from active programs, meaning, as we whitelist new software, your computer will get progressively faster after it scans.
     
  4. puff-m-d

    puff-m-d Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    5,703
    Location:
    North Carolina, USA
    Hello Joe,

    I have discovered something concerning my execution history issue (stops logging events) that may help you in figuring it out. I hope I can explain it in a way that makes sense. In order to explain, I am going to use the term "counter" to represent the number of logged events since the system was booted or rebooted, or WRSA was manually stopped and then restarted. This also applies to when the software is updated as I found out yesterday. Whenever this "counter" reaches 1000 events, the logging stops. For example if I start on fresh boot with the events in the log reset, when the number of events reach 1000 the logging stops. If I shutdown WRSA and restart it, the logging will resume and them again stop at 2000 events in the log (counter = 1000). Now say I reboot when there is 2500 events in the log. After reboot the logging will continue until 3500 events are in the log (again counter = 1000). This was hard to explain but I hope I have done a decent enough job for you to understand. This is 100% reproducible every time this "counter" gets to 1000. It is like it is supposed to stop at 1000 (I have reproduced this over half a dozen times now in my tests and it always happens at the counter = 1000 point.) I hope this helps.
     
  5. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,674
    Location:
    South Wales, UK
    Hi Clocks

    You have two options with CAPTCHA; changing critical features and changing all features (again in Advanced Settings but this time under Access Control) which I find sufficient to discriminate between what is really important to protect and...paranoia ;)

    Give those a try.

    Regards, Balders
     
  6. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Thanks - you are correct, it will store only the last 1,000 entries within one session (without rebooting), but I think this can be increased or use a rolling queue approach (where the earlier entries are written to disk to leave room for new entries).
     
  7. puff-m-d

    puff-m-d Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    5,703
    Location:
    North Carolina, USA
    Hello Joe,

    I have been puzzled by this execution history logging stopping thing for over a year now. Numerous posts here and two support tickets never came up with an answer. It was not an easy thing noticing the 1000 event repeat cycle. It is very nice to know the answer now.

    Thanks as always for your help :thumb: as it is very much appreciated ;) !!!
     
  8. Dermot7

    Dermot7 Registered Member

    Joined:
    Dec 20, 2009
    Posts:
    3,430
    Location:
    Surrey, England.
    Just to confirm that after a fresh install earlier, I've now got LPPlugin.dll where it should be :thumb:
     
  9. szaki2

    szaki2 Registered Member

    Joined:
    Apr 20, 2012
    Posts:
    29
    Location:
    Hungary
    Hello
    Not overkill u want scan regulary just u not know yet. :)
    Seriously if u have monitored unknown processes when u scan wsa check in to look alreday determined or not. Im not sure how this work if u not scan at all. Captcha can turn off in settings in 2013 version. Not option for this in 2014.

    The explorer memory leak more important to fix i think that can ocure more problem. (explorer process use 330MB after install wsa. Normaly 25-60Mb in win 8.1)
     
  10. clocks

    clocks Registered Member

    Joined:
    Aug 25, 2007
    Posts:
    2,787
    Will someone let us know when the new web shield rolls out?
     
  11. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,269
    Location:
    Ontario, Canada
    Joe said this in the 2014 release thread:
    HTH,

    TH
     
  12. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    You can turn it off in the Access Control settings under Advanced Settings.

    We're looking into this - it may be an artifact of it not being a final OS release yet and Microsoft enabling debug code. We've determined that it isn't a memory leak within WSA, however, and rather something within Explorer which is triggering when WSA is active.
     
  13. micafighter

    micafighter Registered Member

    Joined:
    Sep 30, 2013
    Posts:
    59
    Location:
    Hungary

    Thanks for looking into this :thumb: :)
     
  14. smith2006

    smith2006 Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    808
    Hi,

    Any idea how to undo this (cannot find the web filtering to delete) if accidentally clicked on "Unlock page & continue" (seems like this action is permanent)?

    Untitled.jpg

    Thanks
     
  15. TonyW

    TonyW Registered Member

    Joined:
    Oct 12, 2005
    Posts:
    2,741
    Location:
    UK
    Looks like you're on the 2014 web filtering system, which is being rolled out slowly.

    A whitelist.txt file should be in a new folder called WrUrl within the hidden C:\ProgramData\WRData. This file can be edited to remove entries added.

    TH has a few screenshots here: https://community.webroot.com/t5/We...t/New-interface-web-site-list/m-p/59903#M1822

    In your case, I think you'd have to remove the URL from the whitelist to have it blocked again.
     
  16. clocks

    clocks Registered Member

    Joined:
    Aug 25, 2007
    Posts:
    2,787
    So if I don't have this folder, I am still on the old version? I've been looking for a way to figure out if I have the update.

    Edit: Just checked my machine that is using the beta code. That has the update. My second machine doesn't have it yet.
     
    Last edited: Oct 11, 2013
  17. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Yes, that's a good way of checking if you're on the new version.
     
  18. TonyW

    TonyW Registered Member

    Joined:
    Oct 12, 2005
    Posts:
    2,741
    Location:
    UK
    You should also get an extension install request in browsers such as Firefox.
     
  19. smith2006

    smith2006 Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    808
    Thanks TonyW & I really appreciate your help. :thumb:
     
  20. Xanthos

    Xanthos Registered Member

    Joined:
    Oct 12, 2009
    Posts:
    12
    Anyone having problems With the lock icon again? Mine starts out fine and then it gets stuck either on or off. I've tested it with keylogger simulators and doesn't seem to be functioning.
     
  21. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,269
    Location:
    Ontario, Canada
    Are you using any other security software? Have you tried a clean reinstall with a Reboot in between? The browser must be in the active foreground always if the Simulators are in front of the browser window then the padlock will not show as the Browser must be the only thing in the active foreground then the Padlock will be there. Try this open your Browser and the Padlock is there right, now click in the taskbar somewhere the Padlock will disappear now click back into the active foreground of the Browser and the Padlock reappears.

    HTH,

    TH ;)
     
    Last edited: Oct 12, 2013
  22. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    4,868
    Location:
    Outer space
    I also have the lock icon dissappearing sometimes, even if the browser window is the active main window. Clicking multiple times in the browser window will usually make the lock icon appear again.
     
  23. puff-m-d

    puff-m-d Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    5,703
    Location:
    North Carolina, USA
    Hello Joe,

    Has there been any progress or a status report concerning the execution history logging limitation? Thanks...
     
  24. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    This has not been addressed yet - there are no security implications so it is a lower priority overall but is on the list.
     
  25. puff-m-d

    puff-m-d Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    5,703
    Location:
    North Carolina, USA
    Thanks a lot Joe! No big deal at all as I totally understand. It is a very nice feature but more times than not I end up having to do a reboot in order to use it. Glad to hear it is still on the list and not forgotten :thumb: ...
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.