SafeOnline Protects PCs Even If They Are Infected

Martin Brinkmann
Nov 3, 2009
Updated • Apr 23, 2017

I have worked for one of the biggest financial organizations in Germany in the past. One of our jobs was to deal with customers who had fallen pray to phishing and other malicious attacks.

The attacks were not sophisticated at all, and included emails with errors, no personal information and even some from other organizations that the customer had never dealt with before in the beginning.

The phishing emails became more professional over time, and it became harder to educate customers about the dangers.

Update: WebRoot and PrevX, the company behind SafeOnline, merged to become a single company. Prevx products like SafeOnline are no longer available as a consequence. The last "sign of life" of the technology is found in a WebRoot press release in 2011.



SafeOnline is a security program developed by Prevx that is available as a standalone software or as part of Prevx 3.0. This program, according to its developers, is able to protect PCs against many forms of phishing and pharming even if they are infected.

How is it done?

The core protection lies in the ability to block keyloggers, screen scrapers, man-in-the-browser attacks, session hijackers, clipboard grabbers, and a number of other threats commonly installed by trojans like SilentBanker, Bancos, Zeus, Torpig, and Curtwail onto thousands of PCs daily. Rather than focusing on being able to identify the threats themselves, SafeOnline works to isolate the browser from the rest of the system even if unknown threats exist that try to steal data from the user. System level malware generally attempts to read data from the browser but Prevx introduces a layer in-between the browser and the rest of the operating system, tricking the threats into thinking that they have successfully read and transmitted the user's credentials outside of the system when they have not. Unlike other solutions, Prevx SafeOnline works with the user's existing browser, without requiring the use of a specialized browser so there is no need for the user to change their browsing habits - protection is applied seamlessly and silently in the background.

This sounds like a reverse sandbox where the content of the sandbox is protected from the rest of the computer system. According to Prevx it offers protection against

* Man-In-The-Browser
* Phishing attacks
* Keyloggers
* Screen Grabbers
* Cookie Stealers
* Info Stealing Trojans such as ZEUS, MBR, Goldun, and Silent Banker

Prevx has contacted several banks in the UK offering their product for free to the bank's customers. Six banks so far have shown interest in the product. These banks had special requirements according to PC World that included that the product would work with other security software, and would not force the banks to change their websites. The security product was able to meet all of these requirements.

Verdict: The main question here is if it is really safe. Will it really defeat all keyloggers and phishing attacks? What if the security software fails do to so? What if users feel overconfident using the software? It might work as an extra layer of defense on a PC system but it might take a while before the company can build enough trust in their product. Thanks Dante for the tip.

SafeOnline Protects PCs Even If They Are Infected
Article Name
SafeOnline Protects PCs Even If They Are Infected
SafeOnline is a security program developed by Prevx that is available as a standalone software or as part of the security application Prevx 3.0 for Windows.
Ghacks Technology News

Previous Post: «
Next Post: «


  1. Abudulla Jarez said on November 5, 2009 at 2:26 pm

    @ Rarst
    I use the Prevx 3.0 product for our small business just for detection and it does not conflict with any other security product as we have both norton and trend.
    We have used safe online and its hardly noticeable – the more layers you can use without sacrificing usage the better!
    I must say i’m a great fan of Prevx :)

  2. Rarst said on November 4, 2009 at 5:30 am

    Solution that supposedly works better than anything else with help of very smart technology and you don’t have to change anything to run it… You only have to pay it to actually remove malware.

    About as much of a scam as it gets. Even if well-intended this is still factual scam.

    If system is infected with reasonably advanced virus first thing it will do is nuke all threats. Then it will dance on a grave of their kernel driver and proceed to doing whatever it wants with browser.

    You can’t have several security monitors running at the same time without issues. Drivers will conflict.

    You can’t set up secure sandbox on consumer-grade Windows PC without full virtualization.

    Anything that claims to easily solve this is a scam.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.