WiseVector Stop-X

Discussion in 'other anti-malware software' started by bellgamin, Aug 10, 2020.

  1. avman1995

    avman1995 Registered Member

    Joined:
    Sep 24, 2012
    Posts:
    944
    Location:
    india
    Finally got the webguard to work...Although the alert can be more stylish in my opinion. Like the WVSX rocket icon in there and maybe more colours.

    Also not sure if they are blocking only malware urls or even phishing/fraud links ? @WiseVector
     

    Attached Files:

  2. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,674
    Location:
    South Wales, UK
    Installation over the top of v2.73, via the inbuilt updater, worked a treat...so v3.00Beta up and running with no apparent glitches so far. On to a happy afternoon of testing. ;)
     
  3. rollers

    rollers Registered Member

    Joined:
    Sep 13, 2004
    Posts:
    507
    Location:
    UK
    Same here installation over the top. Running with Comodo firewall only, Cruelsister set up. Only just rebooted but seems all ok so far...............long may it stay that way
     
  4. cruelsister

    cruelsister Registered Member

    Joined:
    Nov 6, 2007
    Posts:
    1,649
    Location:
    Paris
    Just noted that the beta was available, and was glad to see that the application remains elegant and no doubt will run fine even on POS systems.

    Also on a quick run-through seems that in testing running typical malware with real-time enabled will neither be fun nor enlightening as WV will giggle as it kills these files. Best testing practice would be to disable real time and code some new thingies.
     
  5. rollers

    rollers Registered Member

    Joined:
    Sep 13, 2004
    Posts:
    507
    Location:
    UK
    Up and running for a while now on your settings with Comodo. Apart from having to remove the program from containment its running perfectly here so far. A formidable set up I think
     
  6. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,674
    Location:
    South Wales, UK
    Have an issue with v3.00; sporadic termination of the program, generally when moving around and opening the Settings sub tabs. WVSX restarts very quick thereafter as it should...so will run some more test to see if I can find the cause...it may well be down to a clash with the other security apps I have running on the test system.
     
  7. avman1995

    avman1995 Registered Member

    Joined:
    Sep 24, 2012
    Posts:
    944
    Location:
    india
    Ran it through 2 brand new ransomware samples. 1 of the samples was a little buggy just drops a ransom note on the machine and encrypts any text file on the desktop. Very low detection ones:

    834c495fd0386e2ae92907b679f2625dbad8989bd26536eef0d9d55b3d877b85

    fb3b67d7f94630f41e722de49c211d8f5c69cdec8fc9ba25996717a77f67b89b

    WSVX already detected them signatures yet again when even SAP APEX does'nt !!! so i disabled the basic protection and WIBD won't even let them start doing anything flat out blocked.

    To put this in prespective, i ran the same 2 samples against kasperky free and the buggy one managed to drop a ransom note and encrypt a couple text files but eventually it died out without doing any damage or maybe kaspersky stopped it(not even 5 mins had passed from me running that and they had a cloud signature for it very fast!!) as their online sandbox did show a PDM detection (maybe VM thingy). Second sample executed and started doing some things but KAV eventually caught it and remediated any damage. Job well done here as well nevertheless.
     

    Attached Files:

    Last edited: Jun 19, 2021
  8. lucd

    lucd Registered Member

    Joined:
    Jan 30, 2018
    Posts:
    782
    Location:
    Island of Woman
    auslogics windows slimmer is tagged as malware, I think there should be a clear distinction between PUP and what can be technically defined as malware
    auslogics windows slimmer carries a payload hence the warning, mainly other auslogics products,
    auslogics windows slimmer is not malware
    It would be welcome to see a PUP thick box as ESET has it or something else, WSVX tags too much files as malware , its actually annoying, I try to send them samples one by one
     
  9. avman1995

    avman1995 Registered Member

    Joined:
    Sep 24, 2012
    Posts:
    944
    Location:
    india
    just mail the fps to them virus@wisevector.com
     
  10. lucd

    lucd Registered Member

    Joined:
    Jan 30, 2018
    Posts:
    782
    Location:
    Island of Woman
    thanks, but this AV just flags any PUP as malware by design, that's why I posted
     
  11. drhu22

    drhu22 Registered Member

    Joined:
    Aug 21, 2010
    Posts:
    585
    Ive been running it over a year, and there was a bit of a flurry of fps for a short time at the beginning, but other than that its been very quiet... Im on default settings.
     
  12. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    @WiseVector-First up, much appreciation and thanks on all of the efforts and the helpful support your team does with WVSX. I can only wish this novel new product and your talented good people all the best in success ahead.

    Ok. I'm going to go out on a limb here with a "Feature Request"for hopefully some point ahead somewhere along the line as development continues to move forward.

    Question? Is there a likelihood or a chance to add in WVSX a simple but powerful windows registry guard could be implemented into it. By that I don't mean like some other vendors resort to by adding a service for that one task. But in a similar manner as say the PC Hunter Program whereby it is so easily achieved by ticking a few boxes, safely and reliably prevents ANY new writing to the Registry Key-Value via an OPTION.

    Is that or could such small request be of any interest to further the already successful abilities Wise Vector Stop X already employs. As mentioned its understood the network feature is only begun. Just putting this out there for possibility at a later point once users and yourself are satisfied with the Network results feature.
     
  13. Petrovic

    Petrovic Registered Member

    Joined:
    Mar 14, 2014
    Posts:
    81
    Location:
    Russia
    nice find :D
    _hxxps://textbin.net/raw/syyecpn3ok
     
  14. Petrovic

    Petrovic Registered Member

    Joined:
    Mar 14, 2014
    Posts:
    81
    Location:
    Russia
    without real-time protection
     
  15. avman1995

    avman1995 Registered Member

    Joined:
    Sep 24, 2012
    Posts:
    944
    Location:
    india
    Yeah its pretty skiddish stuff
     
  16. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,770
    Location:
    New Mexico, USA
    So, with the addition of firewall and HIPS, is anyone confident in running WiseVector alone? It's Beta, and early so I doubt anybody has run it through a tough test yet. Just curious.

    Great program combined with Comodo Firewall (CS settings)
     
  17. Hiltihome

    Hiltihome Registered Member

    Joined:
    Jul 5, 2013
    Posts:
    1,131
    Location:
    Baden Germany
    My Office machine freezes, when web-protection is enabled,
    even when no browser is open.
    For now I disabled web-protection, from a LUA account.
     
  18. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    10,209
    Location:
    Among the gum trees
    I installed the beta briefly but now that it has HIPS, firewall and network protection I guess it is more likely to be incompatible with the other AVs I have installed on my machines. Norton on one and Kaspersky on the other, both of which include firewalls.
     
  19. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    Ok. So here's what I do just to share with this forum the virtue of protecting Documents and Pictures Directory. Since solid Document protection entails the necessity of nothing outside your own control of preserving them either being scrambled or otherwise modified. WVSX alerts and offers you the user the Option whether to allow it to launch a, (let's say a config file), or Terminate the attempt. Manually. In tandem with WVSX add Secure Folders and set it to Read-Only.

    With that combo in force, now let's see if some undercover outside intrusive agency, (rare escapee from WVSX detection) targeting those good files or even an internal body tamper with it. Secure Folders effectively prevents modifying/renaming or deleting) same directory set in WVSX.

    Now with that said, I've researched it somewhat to find however they may still be copied away. I have more to examine on that front, but this is for the most part safest protection since neither feature is exactly capable of preventing the Copy part of those protected files short of hiding them completely. Try it for yourself. They are a solid compliment to keeping them intact and unmodified in spite of the useful WVSX rollback feature. But copying away is another factor I personally have not seen preventable yet. Has to do with Permissions and/or that sole limitation.

    Please feel free to contradict my findings and stand me corrected if amiss. :)
     
    Last edited: Jun 19, 2021
  20. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,770
    Location:
    New Mexico, USA
    Encrypt with 7X or some other program and then protect with WVSX? Or just encrypt the files. I use 7x and open them when I want to use them.I'm really, really liking this new WVSX 3 beta. I don't test against malware, so still have Comodo Firewall, but the way WVSX is going, it might become my only malware protector. With firewall - if it's a full firewall - and HIPS protection - again if it's a full HIPS, it could do it all.
     
  21. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    No personal encryption necessary-whatsoever=WVSX + Secure Folders is satisfactory and easily by one press of the finger to access.
     
  22. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
  23. WiseVector

    WiseVector Registered Member

    Joined:
    Aug 16, 2020
    Posts:
    543
    Location:
    China
    Thank you for your suggestion, first of all WVSX protects many registry keys from being written by default itself, such as auto-startup items, other important registry items.

    You can also write rules to prevent writing of registry keys you consider important. For example, ransomware often changes the user's desktop by modifying the registry, which does not affect the computer too much but makes people feel uncomfortable, you can write the following rules to block such behavior. Please see screenshots below,

    https://ibb.co/k4CMrXs

    https://ibb.co/whBm6KP
     
  24. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    7,982
    Still no changelog. So, blindly install a ... beta?
     
  25. WiseVector

    WiseVector Registered Member

    Joined:
    Aug 16, 2020
    Posts:
    543
    Location:
    China
    You can write a rule to prevent any app from reading (include copy) your important files. Suppose you place a lot of important files in "E:\Important" and you only want trusted programs to be able to access files within it, you can write the following rule. Note that I exclude explorer.exe by default, otherwise you can't even open this folder.

    Screenshot 2021-06-19 214646.png
     
    Last edited: Jun 20, 2021
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.