WiseVector Stop-X

Good to know, that WVSX protects against the latest threats.
I'm a big fan, and like it very much, because it's effective and silent.
Very minor FPs, only on exotic executables.

 

Fp... HiBitUninstaller-Portable.exe
http://www.hibitsoft.ir/HiBitUninstaller/HiBitUninstaller-Portable-2.7.62.zip

Stopx Ver 3.07 default settings, W10pro 64bit 21H2... Reported as fp and uploaded through ui

Stopx exclude wont persist

 

Hi @ Wilders

I have submitted a number of false positives and not had any response. I am far from sure that the in app reporting is working.

It would be helpful if WiseVector could resolve the in app reporting problem, if there is one, alternatively respond in a timely manner to Wilders posts.

It might be a great progam but responses don't impress me.

Terry

 

Hi@TerryWood

We only got one FP report from you. The file is named "rufus-3.18p.exe ". But WVSX V3.07 didn't flag it as malicious. Here is the screenshot.

 

Hi WiseVector
I sent three samples. And two emails. I will send you copies.

Mine was a false positive. I tried it on several occasions. The exe version of the file also was an fp.

Do you think I like wasting my or your time? I contacted you because I had a problem. Look how long it took for you to reply to my last post - 11 days.

This forum and it's comments show that fp's are a problem as is the in-program reporting mechanism.

It's a program under development so there will be problems. People just need timely answers!

Thank you.

Terry

 

@TerryWood
Please check the auto-update of WVSX whether works well or not.
If yes, you would find the FP about RUFUS-3.18P.EXE had been resolved days ago.

 

HiBitUninstaller-Portable.exe fp is gone now... thanks WiseVector

 

Hi @ WiseVector

Thank you for your reply. The update mechanism works fine. A pity that other things don't.

Simply put you are missing the point.

Terry

 

I've been scanning my system every other month with all versions of WiseVector and so far I've never ever had a FP. I certainly believe other users have definitely experienced FPs, but it is intriguing that some people do and others don't. I should also say that MS Defender has never detected a FP in more than 2 years, maybe my internet behaviour is not so risky...

 

@TerryWood

We got two emails from you to report FP and they were all about RUFUS-3.18P.EXE. It can run well with WVSX( both static scanning and behavior detection did't flag it as malicious). Here is the screenshot.
Could you please send me the screenshot of WVSX like this? I would like to know the latest update time. Thanks.

 

you are welcome

 

Can I use this with Comodo Internet Security?

 

Actually this combination is superb for those with a need for a real time AV. However my suggestion is to install Comodo Firewall and not CIS (as you will have no need for CIS's on demand AV), and with WVSX to change both the HIPS and Firewall protection level to Low Security as there will be no advantage (nor need) to increase these levels.
+

 

Thanks for the response, is it okay to use it along with CIS? I saw the site says it is okay to use with most antivirus programs.

 

Yes, that would be no issue at all, but just keep in mind that the real-time on demand Comodo AV component of CIS would be of no value (and also CF already has an on-access VirusScope component as well as a Cloud lookup).

 

Would you recommend WiseVector together with Kaspersky Internet Security?

 

No. Although I am very fond of WiseVector, I doubt that (considering all the various modules of KIS in addition to probably the best definition database) the installation of WVSX would yield additive protection (essentially overkill for no net benefit). But note that this is a KIS-WVSX specific comment. WV would indeed enhance the protection given by lesser AV products.

 

Thank you, I will follow your advise.

 

Tested G Data BB only, weeks ago. One fresh Formbook variant got through. Every time i ran chrome browser, G Data "An Unknown process is trying to infect your browser memory, do not do any banking or sign in".
Closed the browser, restarted the PC. Started chrome again, the same G Data pop up window about browser process injection. CPU time was normal. Tried to download kvrt etc stuff like that to remove "infection".
But i can surf the net normally, but if i download, kvrt, npe etc stuff, the download get interrupted. So, maybe these filenames were "hardcoded" in the malware. Then i went to my another PC, downloaded Wv to usb stick. Plugged usb to stick to my "Formbook variant infested son of a..." PC. Installed Wv. Scanned.
Did a scan...wow instant several [MEM] Svchost.exe infections.
Wv cured all the ****. Absolutely amazing...i was like wow!
While G Data BB is better in some situations than Wv, G Data should improve their BB memory/browser injection method, especially removal procedure.
10 points for Wv, 7 points for G Data BB.

 

I am currently running WVSX with Windows Defender disabled. Reading through this thread it appears that the two can run alongside each other without any problems. But is this perhaps overkill or are there real advantages in doing so?

My firewall of choice is Binisoft Firewall Control, mainly for outbound protection, which I am running with the firewall element of WVSX disabled. Can these two happily co-exist and if so would there be any advantage in running both firewalls together?

 

Regarding WV and Defender running simultaneously, although a real advantage would be very hard to prove, there is also no real disadvantage in keeping Defender enabled as long as one's system reacts well to Defender natively.

Regarding the Firewall question, as long as a person has adequate OUTBOUND protection (which you do have with Binisoft) my recommendation is to change WV firewall setting to "low security".

 

Thanks CS. I will do as you suggest.
WVSX running like a dream on my machine by the way.

 

That begs a question re WVSX v3.07 firewall - doesn't the "Automatic Mode" firewall setting provide good enough outbound monitoring/protection?

 

For he WiseVector firewall o be equal to applications like WFC the setting that would have to be used is Maximum Security. Any lower setting would allow certain (undetectable) nasty things from connecting out.

 

Hi @cruelsister and @Wendi, I use simplewall with WVSX's FW Mode set to Low Security. Operation of simplewall is indeed simple as it works automatically (no need for me to create rules) and effectively for monitoring all outbound internet requests. No app gets out, unless I allow it.