I was on 3.1 beta when I reported fps so some were expected... overall for a beta release it was (I changed to stable release) very quiet.
Happy Halloween, Just wondering and curious if WiseVector Stop X 3.1 Beta would have any conflicts with Kaspersky Security Cloud? I am thinking using WVSX and secondary scanner? Also, do you have a link for the 3.1 Beta? Or will this link work for the beta, wisevector.com/en/ ? Kind regards,
I received an email saying that this has been fixed, but uninstalling or installing MailWasher still produces pop ups from WVSX blocking temp files created by MailWasher.. Reported.
@WiseVector Requested Features: 1. A password protected feature in order to keep all the settings of WVSX from any unauthorized changes, for ex. I don't want a standard/non-admin or standard/domain account to disable WVSX protection even if it's for 10 seconds or changing anything from the settings. 2. Does WVSX work for user accounts inside a Domain/Active Directory yet? if it doesn't, then Would you please add it to your list. Keep up the great work man and thank you for your amazing efforts
Thanks for your encouraging. 1. The password protected feature might be added in 3.03 version. 2. Working for user accounts inside a Domain/Active Directorty is going to be added in 3.02 version, which will be released soon.
@WiseVector Downloaded rpc-firewall from... https://github.com/zeronetworks/rpcfirewall/releases which was mentioned in this thread... https://www.wilderssecurity.com/thr...e-kill-switch-released-to-open-source.441997/ WVSX did not like any of it... excluded, but did not install or execute anything files uploaded PS: Open source so maybe something for you to look into for StopX assuming its clean?
Thanks for your feedback, we have fixed this FP. Since this program uses several sensitive APIs (CreateRemoteThread for example), it will tend to be judged as malware by AI.
Hi, Will this detection keep appearing? Please enable "Help fight malware by providing threat statistics" in WVSX. The next time when WVSX detects the in-memory threat it will automatically dump the process's memory and sent it to us. Please send your public IP address to support@wisevector.com so we can know which memory file belongs to you. If you feel uncomfortable to provide your IP address, you can still contact us by email so we can tell you the next instruction.
Hi, That setting is already enabled so the memory dump should have already been sent. I've already emailed you about this but I shall send through my IP address shortly. Thanks.
I've already heard back from your team. It looks like 0Patch may have had a hand in this. Thanks as always, Dave
Hi, With both AI based and traditional HIPS, the "pro" version has more powerful behavior detection than V2.73. I think users can choose the appropriate version according to their own needs.
thanks I want something that decides for me, that why I am not using the pro version hopefully you can make a version as powerful as pro but without any user prompts, except for malware delete/quarantine/exclude routine I am interested in AI because of its ability to lessen the burden on user decision, I am keeping the free version.
Couldn’t you use the low-level setting then? https://www.wisevector.com/en/introducing-the-firewall-level-and-hips-level/ firewall level / HIPS level Low-level Security: It relies entirely on the AI's independent judgment, and basically there will be no pop-ups.
you could do something like this to prevent manipulation of task schedule without disabling task schedule, it doesn't seem to me that they are going to do anything about it in the base WVSX version Spoiler reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Task Scheduler5.0" /v DragAndDrop /t REG_DWORD /d 1 reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Task Scheduler5.0" /v Execution /t REG_DWORD /d 1 reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Task Scheduler5.0" /v Task Creation /t REG_DWORD /d 1 reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Task Scheduler5.0" /v Task Deletion /t REG_DWORD /d 1
Most likely because the programs you have are either whitelisted and/or not suspicious enough “Automatic mode: Whitelisted programs will be allowed to access the network. The user will be prompted to take action for programs that are identified to be highly suspicious by AI.”