WiseVector Stop-X

Discussion in 'other anti-malware software' started by bellgamin, Aug 10, 2020.

  1. drhu22

    drhu22 Registered Member

    Joined:
    Aug 21, 2010
    Posts:
    535
    I was on 3.1 beta when I reported fps so some were expected... overall for a beta release it was (I changed to stable release) very quiet.
     
  2. Antarctica

    Antarctica Registered Member

    Joined:
    Feb 25, 2003
    Posts:
    2,020
    Location:
    Canada
    As for myself, I’m using beta 3.1 and no false positives so far:)
     
  3. Moose World

    Moose World Registered Member

    Joined:
    Dec 19, 2013
    Posts:
    774
    Location:
    U.S. Citizen
    Happy Halloween,

    Just wondering and curious if WiseVector Stop X 3.1 Beta would have any conflicts with Kaspersky Security Cloud?
    I am thinking using WVSX and secondary scanner?
    Also, do you have a link for the 3.1 Beta?
    Or will this link work for the beta, wisevector.com/en/ ?
    Kind regards,
     
    Last edited: Oct 31, 2021
  4. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    9,360
    Location:
    Among the gum trees
    I received an email saying that this has been fixed, but uninstalling or installing MailWasher still produces pop ups from WVSX blocking temp files created by MailWasher.. Reported.
     
  5. Rebsat

    Rebsat Registered Member

    Joined:
    Oct 20, 2014
    Posts:
    36
    Location:
    My Desk
    @WiseVector

    Requested Features:
    1. A password protected feature in order to keep all the settings of WVSX from any unauthorized changes, for ex. I don't want a standard/non-admin or standard/domain account to disable WVSX protection even if it's for 10 seconds or changing anything from the settings.

    2. Does WVSX work for user accounts inside a Domain/Active Directory yet? if it doesn't, then Would you please add it to your list.

    Keep up the great work man and thank you for your amazing efforts :thumb:
     
    Last edited: Nov 4, 2021
  6. WiseVector

    WiseVector Registered Member

    Joined:
    Aug 16, 2020
    Posts:
    505
    Location:
    China
    Thanks for your report. We have tested again. This has been fixed for sure.
     
  7. WiseVector

    WiseVector Registered Member

    Joined:
    Aug 16, 2020
    Posts:
    505
    Location:
    China
    Thanks for your encouraging.
    1. The password protected feature might be added in 3.03 version.
    2. Working for user accounts inside a Domain/Active Directorty is going to be added in 3.02 version, which will be released soon.
     
  8. drhu22

    drhu22 Registered Member

    Joined:
    Aug 21, 2010
    Posts:
    535

    Attached Files:

    Last edited: Nov 10, 2021
  9. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    9,360
    Location:
    Among the gum trees
    No information for me to judge whether this is a False Positive or not.

    WVSX.PNG
     
  10. WiseVector

    WiseVector Registered Member

    Joined:
    Aug 16, 2020
    Posts:
    505
    Location:
    China
    Thanks for your feedback, we have fixed this FP. Since this program uses several sensitive APIs (CreateRemoteThread for example), it will tend to be judged as malware by AI.
     
  11. WiseVector

    WiseVector Registered Member

    Joined:
    Aug 16, 2020
    Posts:
    505
    Location:
    China
    Hi,

    Will this detection keep appearing? Please enable "Help fight malware by providing threat statistics" in WVSX.
    The next time when WVSX detects the in-memory threat it will automatically dump the process's memory and sent it to us.
    Please send your public IP address to support@wisevector.com so we can know which memory file belongs to you.

    If you feel uncomfortable to provide your IP address, you can still contact us by email so we can tell you the next instruction.
     
  12. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    9,360
    Location:
    Among the gum trees
    Hi,

    That setting is already enabled so the memory dump should have already been sent.

    I've already emailed you about this but I shall send through my IP address shortly.

    Thanks.
     
  13. WiseVector

    WiseVector Registered Member

    Joined:
    Aug 16, 2020
    Posts:
    505
    Location:
    China
    Well received. Thanks. We will analyse soon and reply you once we have the result.
     
  14. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    9,360
    Location:
    Among the gum trees
    :D I've already heard back from your team. It looks like 0Patch may have had a hand in this. :thumb:

    Thanks as always,
    Dave
     
    Last edited: Nov 13, 2021
  15. WiseVector

    WiseVector Registered Member

    Joined:
    Aug 16, 2020
    Posts:
    505
    Location:
    China
    That's nice;)
     
  16. lucd

    lucd Registered Member

    Joined:
    Jan 30, 2018
    Posts:
    698
    Location:
    Island of Woman
    so is the 2.73 base a worthy version or you focus all your efforts on the "pro" version?
     
  17. WiseVector

    WiseVector Registered Member

    Joined:
    Aug 16, 2020
    Posts:
    505
    Location:
    China
    Hi,

    With both AI based and traditional HIPS, the "pro" version has more powerful behavior detection than V2.73.
    I think users can choose the appropriate version according to their own needs.
     
  18. lucd

    lucd Registered Member

    Joined:
    Jan 30, 2018
    Posts:
    698
    Location:
    Island of Woman
    thanks I want something that decides for me, that why I am not using the pro version
    hopefully you can make a version as powerful as pro but without any user prompts, except for malware delete/quarantine/exclude routine
    I am interested in AI because of its ability to lessen the burden on user decision, I am keeping the free version.
     
  19. Azure Phoenix

    Azure Phoenix Registered Member

    Joined:
    Nov 22, 2014
    Posts:
    1,383
    Couldn’t you use the low-level setting then?

    https://www.wisevector.com/en/introducing-the-firewall-level-and-hips-level/

    firewall level / HIPS level
    Low-level Security: It relies entirely on the AI's independent judgment, and basically there will be no pop-ups.
     
  20. lucd

    lucd Registered Member

    Joined:
    Jan 30, 2018
    Posts:
    698
    Location:
    Island of Woman
    thank you I'll try
     
  21. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    9,810
    Location:
    U.S.A. (South)
  22. lucd

    lucd Registered Member

    Joined:
    Jan 30, 2018
    Posts:
    698
    Location:
    Island of Woman
    you could do something like this to prevent manipulation of task schedule without disabling task schedule, it doesn't seem to me that they are going to do anything about it in the base WVSX version
    reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Task Scheduler5.0" /v DragAndDrop /t REG_DWORD /d 1
    reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Task Scheduler5.0" /v Execution /t REG_DWORD /d 1
    reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Task Scheduler5.0" /v Task Creation /t REG_DWORD /d 1
    reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Task Scheduler5.0" /v Task Deletion /t REG_DWORD /d 1
     
    Last edited: Nov 26, 2021
  23. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    9,360
    Location:
    Among the gum trees
    HIPS Automatic Mode doesn't prompt me with pop ups.
     
  24. Azure Phoenix

    Azure Phoenix Registered Member

    Joined:
    Nov 22, 2014
    Posts:
    1,383
    Most likely because the programs you have are either whitelisted and/or not suspicious enough

    “Automatic mode: Whitelisted programs will be allowed to access the network. The user will be prompted to take action for programs that are identified to be highly suspicious by AI.”
     
  25. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    9,360
    Location:
    Among the gum trees
    Yes, that makes sense. Probably a good thing then, at least on my machines.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.