WiseVector Stop-X

Hi, thanks for your report.
We have installed Acronis True Image 2021 and WVSX flagged "kernel.dat" as malicious.
Now it has been fixed.

 

Thanks for your suggestion.
We focus on improving technology nowadays, at the same time, we do not give up any opportunity to collaborate with others.

 

Acronis is almost like a virus if not an actual virus, very invasive with tons of services installed and still there after uninstall
I would avoid

 

Acronis was installed temporarily, to create a bootable USB-drive.
I already uninstalled it.

 

I have a small issue with getting WV to launch at startup.

WV does not start when I boot or reboot Windows and, yes, there IS an "X" in the following box of WV's settings: "Automatically launch at system startup."

This issue has existed since I first began using WV several weeks ago. However, I haven't reported the issue until now because I have been very busy with other matters. In the meantime, I have easily started WV manually each day by executing C:\Program Files (x86)\WiseVector\WiseVector.exe.

Today, however, I decided to try & streamline this manual start of WV by putting a copy of WiseVector.exe into the folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup.

When I restarted Windows, so as to test this work-around, WV did NOT launch. Instead I received the following pop-up message:

A quick check revealed that libcrypto-1_1.dll IS present in my computer's file folder at C:\Program Files (x86)\WiseVector. Moreover, the fact that WV readily starts manually makes it obvious that WV DOES have a valid libcrypto-1_1.dll file available.

By the way, i'm running Windows 7 and my computer is quite stable. My only other real-time security apps are Simplewall (a firewall) and SecureAPlus (an anti-exe, white-list app). This issue might (or might not) be unique to my computer but I thought you would like to know about it.

 

WiseVector won't run at startup unless you are using an Admin account. It's a known limitation. To get it to run at startup you would need to add a shortcut to the WiseVector exe file, rather than copying the file there. Hopefully that would work.

 

@bellgamin

Have long respected and followed your posts Sir.

An earlier post in this thread suggested scheduling it as a task.

May I suggest here.

I am not a used, as the limitation with standard user accounts is a deal breaker for me.

Best of luck.

feandur

 

Hi@bellgamin,
As roger_m said, WVSX can run at startup automatically when you are using an Admin account ( sorry for the inconvenience ). Please refer to the post here, #280.
Do you use a Standard account since you first began using WVSX? And please check if "WiseVector" is in your task scheduler library or not. Thanks.

 

I did as @roger_m suggested. Instead of putting WiseVector.exe into Startup folder, I put a shortcut to WiseVector.exe into Startup folder. WV now loads just fine at start & restart. Problem solved. 10Q to the nth, Roger!!!

@Feandur -- Aloha to you from Hawaii! Thanks for your kind comments.

@WiseVector -- Thanks for your speedy & informative reply to my issue. I have always run as an Admin account. Thus, according to that criterion, WV should have launched at startup because I selected that option in WV's settings.

Your comment #834 says (in part): "And please check if "WiseVector" is in your task scheduler library or not." Task Scheduler is disabled on my computer. I have dozens of apps that are set to launch at Startup and, despite the absence of Task Scheduler, they all launch just fine. Does WV depend on Task Scheduler in order to launch itself at Startup? If so, I'm sure you have excellent reasons for such a dependency.

In any event, Roger's work-around is simple to do & works splendidly so.... issue resolved. WiseVector is a magnificent security app. I am eagerly awaiting the paid version!

 

@bellgamin:
Software startet via task scheduler, can run at windows start.
Software started via startup folder starts at user logon.
So the latter delays protection.

 

Excellent information, @Hiltihome -- I have learned a new thing!

 

@bellgamin:
WVSX needs a Microsoft certified ELAM-driver, to start as first kernel mode-driver.
In this way it can start before any malware.
I expect such driver, as soon as the paid version is released.
ELAM-driver:
https://www.google.com/search?q=ELA.....69i57.95294876j0j4&sourceid=chrome&ie=UTF-8

 

@bellgamin
Thanks for your feedback! We are working on some new features these days and the paid version will follow after then.
@Hiltihome
Thanks for your advice.
WVSX has Behavior Detection which can prevent suspicious driver from loading. If WVSX is installed and keeps working before a rootkit infection, the malicious driver will be blocked.
If the system is infected by a rootkit before WVSX is installed, the situation will be tricky, since the rootkit runs within ring 0 it can do almost anything including prevent users from installing any AV. On the other hand, ELAM-driver is useful for cleaning up if the malware infection is not serious. We will add it in the future.

 

It depends on you, if you believe that blocking exploits is important then HMPA is probably the best. However, WSVX is focused on blocking malware just like any other AV, so no matter if malware tries to run via some exploit it still should be stopped.

 

TY for the reply, Rasheed187. That's the kind of info I am seeking.

 

Trying to start Adguard for WIndows (Adguard.exe) creates following error

"Adguard.exe - Application Error
The application was unable to start correctly (0xc00000e5). Click OK to close the application"

Although I get no alert from Wisevector StopX, it's definitely the culprit.. if "Advanced Protection" is disabled, Adguard loads correctly without any further error message.

It also interferes with Adguards Browser Assistant (the browser extension for AdGuard for Windows) which will not launch correctly until Advanced Protection has been toggled off & on in both Chromium & Firefox.

 

Are you using Wisevector StopX with another security solution? In my machine I am using it together with AdGuard for Windows and so far I didnt see any problem or conflict.

 

Only WD but I thought that played nicely with WiseVector. I only noticed this Adguard issue today as I had reason to switch Adguard off (normally starts with Windows) & manually relaunch.

 

Strange, thats my setup, I will try to reproduce it later.

 

Hi,
Thanks for your feedback.
We have tested Adguard, it can work well with WVSX in Win10.
Can you please try this: click settings->Advanced->Advanced Detection Settings->click Exclusions->browse and add the "Adguard.exe" on the list. See if the error will appear again or not.

 

^ already excluded and no issue didn't repeat.

 

Interesting scaner

 

I can't break it yet. Its been very well crafted with much forethought and ongoing improvements, corrections or otherwise bugfixes is made even more formidable. I honestly don't wanna know what goes in to making WVSX so incredibly lite and smooth on the system running in the background then like a shark or bear trap snapping shut various vectors of potential malware entry. But whatever it is keep up the great work! Flawless on my Windows 8.1 for certain.

 

Very nice and light sçaner

 

@WiseVector
Hello there! Very good software! Congratulations

I have a couple things:
I'm using Windows 10 1909.

"Bugs":
- It's not a big deal, but when maximizing the window using shift+right-mouse on the taskbar icon, then maximize, the window will get all messed up. But that is revertible using the same method, but choosing minimize.
- Second is that apparently the list of results uses some weird line height or other formatting or display method, that makes it very slow to scroll with the mouse wheel compared to every other program.

Feature request:
- I saw the "Upload File" button in the scan results page and thought it would upload all currently check-marked files, but it doesn't. Could you maybe include that as a feature?
- Maybe add a menu/legend in the results window that you can open to see what all these abbreviations mean, or write them out in full text. Only after reading through all 34 pages of this thread did I find out what certain things were. There are still MANY questions as to what they mean, though.
- I would like to be able to copy results with using a right click, at least in the Log window.
- Maybe remove the slight transparency of the window. It's so opaque that it looks like it's an error instead of intended design.
- In future, when you have more resources, please make it possible to upload files in quarantine in order to have them checked with your more powerful server, and then get a notification once they're tested if they are truly malicious or not. I have 33 files all found to be "Heur.ML.PE.A" to "...E" and am just not sure about any of them. Also there is no information about what it thinks what kind of malware it found.
- Please add scan results like "Heur.ML.PE.A" to quarantine window. (And maybe exclusions too?)

Questions: Do I automatically upload all the files that I exclude and report as false positive? (This is what I would like to happen) And if not: How do you determine if the file is actually free of malware or not ?

Thank you!