WiseVector Stop-X

Discussion in 'other anti-malware software' started by bellgamin, Aug 10, 2020.

  1. rollers

    rollers Registered Member

    Joined:
    Sep 13, 2004
    Posts:
    507
    Location:
    UK
    @WiseVector I am looking for an answer as to when your software will be included in the Microsoft security centre? I would love to use it standalone, but as I am on Windows 11, trying to disable Windows Defender is worse than trying to remove a bad virus! I understand that this has been promised before, but can you give an estimate as to when? Days, weeks, months, years? I'm not interested in running it alongside other software, so will wait and see if/when you get inclusion in the security centre.
     
  2. Spartan

    Spartan Registered Member

    Joined:
    Jun 21, 2016
    Posts:
    1,424
    Location:
    Dubai
    mate, run this tool as admin, Defender is disabled from its roots along with Smart Screen = https://www.majorgeeks.com/files/details/toggledefender.html
     
  3. rollers

    rollers Registered Member

    Joined:
    Sep 13, 2004
    Posts:
    507
    Location:
    UK
    I've taken the plunge, MD is no more and WV running nicely, although I had to put my password manager in exclusions otherwise it wouldn't load at all. All sweet otherwise
     
  4. Spartan

    Spartan Registered Member

    Joined:
    Jun 21, 2016
    Posts:
    1,424
    Location:
    Dubai
    Excellent mate! Glad it worked out!
     
  5. lucd

    lucd Registered Member

    Joined:
    Jan 30, 2018
    Posts:
    782
    Location:
    Island of Woman
    wvsx is trying to stop svchost from creating a legitimate task:


    Microsoft\Windows\Sysmain\WsSwapAssessmentTask" This scheduled task will launch the “%windir%\system32\rundll32.exe sysmain.dll

    recommendation is block
     

    Attached Files: WWSX.png (152.5 KB)
  6. GrDukeMalden

    GrDukeMalden Registered Member

    Joined:
    Jun 16, 2016
    Posts:
    487
    Location:
    VPN city
    I can't get stopX to install. The setup asks for admin rights and then nothing happens, I looked in process explorer right after I ran the setup file and nothing opens
     
  7. drhu22

    drhu22 Registered Member

    Joined:
    Aug 21, 2010
    Posts:
    585
    I had the same issue... go to Windows Security/App & Browser Control/Exploit Protection and turn off all ASLR protections... requires reboot.

    Edit: Thanks again to harlan4096 for solving that one for me
     
    Last edited: Jul 23, 2022
  8. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    23,933
    Location:
    UK
  9. drhu22

    drhu22 Registered Member

    Joined:
    Aug 21, 2010
    Posts:
    585
  10. GrDukeMalden

    GrDukeMalden Registered Member

    Joined:
    Jun 16, 2016
    Posts:
    487
    Location:
    VPN city
    So everything under Windows' built-in exploit protection needs to be turned off to install StopX?
     
  11. drhu22

    drhu22 Registered Member

    Joined:
    Aug 21, 2010
    Posts:
    585
    Just the ASLR options... you have to disable those, reboot, install StopX (it will ask for reboot but revert ASLR first if that's your choice), then reboot again.

    It worked for me.

    Good Luck
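
An added example, not part of any post in this thread: a PowerShell script that snapshots the system-wide ASLR settings before the workaround described above and confirms after the final reboot that they are back to their earlier state. The script name `Check-Aslr.ps1` and the snapshot path are assumptions.

```powershell
# Added example: snapshot and verify the system-wide ASLR settings around the install.
# Run elevated. The snapshot path below is an assumption, not a WVSX or Windows default.
param(
    [ValidateSet('Save', 'Verify')]
    [string]$Mode = 'Verify',
    [string]$SnapshotPath = "$env:ProgramData\aslr-before-install.json"
)

# The three system-level ASLR settings reported by Get-ProcessMitigation.
$names = 'ForceRelocateImages', 'BottomUp', 'HighEntropy'

function Get-SystemAslr {
    $aslr = (Get-ProcessMitigation -System).ASLR
    $state = [ordered]@{}
    foreach ($n in $names) { $state[$n] = [string]$aslr.$n }   # ON, OFF or NOTSET
    $state
}

$current = Get-SystemAslr

if ($Mode -eq 'Save') {
    # Before anything is switched off: record the settings as they are now.
    $current | ConvertTo-Json | Set-Content -Path $SnapshotPath -Encoding UTF8
    Write-Output "Saved current ASLR settings to $SnapshotPath"
    return
}

if (-not (Test-Path $SnapshotPath)) {
    Write-Error "No snapshot at $SnapshotPath; run with -Mode Save before changing ASLR."
    exit 2
}

# After the final reboot: compare the live settings with the snapshot.
$saved = Get-Content -Path $SnapshotPath -Raw | ConvertFrom-Json
$drift = foreach ($n in $names) {
    if ($saved.$n -ne $current[$n]) {
        [pscustomobject]@{ Setting = $n; Before = $saved.$n; Now = $current[$n] }
    }
}

if ($drift) {
    $drift | Format-Table -AutoSize
    $reEnable = @($drift | Where-Object { $_.Before -eq 'ON' } | ForEach-Object Setting)
    if ($reEnable) { Write-Output "Restore with: Set-ProcessMitigation -System -Enable $($reEnable -join ',')" }
    exit 1
}
Write-Output 'System ASLR settings match the pre-install snapshot.'
```

Run it with `-Mode Save` before touching Exploit Protection and with `-Mode Verify` after the last reboot; a non-zero exit code means a setting still differs from the snapshot.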
     
  12. GrDukeMalden

    GrDukeMalden Registered Member

    Joined:
    Jun 16, 2016
    Posts:
    487
    Location:
    VPN city
    Why do I have to disable those security features to install this?
     
  13. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    I ran a ransomware just toying around with Windows 10. I need to buy a new rig (laptop) with at least a 750Gb or 1 TB since the Dell I have with 10 came with a lousy low storage capacity. Anyway, after installing Comodo FW anew courtesy @cruelsister and containing the trapped ransomware inside with it trying to connect out on a multitude of diff outbound channels/ports, each and every time WiseVector Stop X jumped up like a wound up rubberband alerting and it was aborted throughout its frantic attempt, also viewable courtesy KillSwitch.

    Although safely sealed in Comodo's trap, it still was remarkable and very noteworthy of WiseVector's sensitivity to its futile try connecting out.
     
  14. cruelsister

    cruelsister Registered Member

    Joined:
    Nov 6, 2007
    Posts:
    1,649
    Location:
    Paris
    It is remarkable how well WVSX complements CF. Normally I've found attempting to breach security applications to be amusing, but adding WV at default has taken all joy away as it really has become an exercise in futility, reducing me to find giggles elsewhere.
     
  15. soccerfan

    soccerfan Registered Member

    Joined:
    Oct 15, 2007
    Posts:
    560
    Earlier this year, I started using WVSX along with sandboxie-plus that runs all my internet facing programs.
    Would CF provide an additional layer of security or is it more or less redundant in this scenario?
    Any comments would be appreciated!
     
  16. cruelsister

    cruelsister Registered Member

    Joined:
    Nov 6, 2007
    Posts:
    1,649
    Location:
    Paris
    As long as Sandboxie Plus is treating you well and you have no issues in its use (and EVERY POSSIBLE avenue for malware to get onto your system is covered), adding CF would neither be needed nor desired.
     
  17. soccerfan

    soccerfan Registered Member

    Joined:
    Oct 15, 2007
    Posts:
    560
    Cool! Thanks for the two words (in all-caps) of caution to first try to cover all bases.
    And thanks for responding to a possibly off-topic post in this WVSX thread.
     
  18. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    It most certainly complements CFW far more than imagined or expected and that's always a good thing. That also goes for other security programs that meld together flawlessly.
    But in order for either and both programs to keep up they must have an extremely active and innovative submissions database because it's almost dizzying all the malwares that keep pumping out like a piecework machine on steroids.
     
  19. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,289
    Location:
    Pennsylvania.
    Using this program with Comodo Firewall and Panda Dome Free atm.
     
  20. WiseVector

    WiseVector Registered Member

    Joined:
    Aug 16, 2020
    Posts:
    543
    Location:
    China
    Sorry for the delay in getting WVSX registered in Microsoft security centre. WVSX will not be commercialized this year, so I can't tell you the exact time.
     
  21. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    Quick Q for you @WiseVector-On Windows 10 if you close out the WV icon to close program it still continues to alert OR quarantine.
    I disengaged Defender and on running some Real Recent Samples didn't find those I activated by clicking's after the first one was 'recognized'- Also running CFW but allowed it to Run Unlimited. I'm at a total loss but in a good way. The samples simply disappeared and there were many one-at-a-time. Searched 'Quarantined Files' and found nothing. I checked CFW as blocked in the log and also Wise Vector StopX logged those same samples. But after the first one each one after on clicking simply vanished :D I think I have stumbled on a mystery by accident but not complaining :isay:

    Your AV comprehensive safety program (v.3.07) is absolutely splendid and lightning quick to Alert and/or otherwise Block (Stop X) with so many numerous useful features :)

    SOLVED: CFW scooped them up- Guess I need to brush up on the new version more.
     
    Last edited: Aug 3, 2022
  22. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    Got tagged with a test of a Magniber (there are many versions)- WiseVector Stop X roll back feature is awesome & constructive.
    Know what you're doing when/if you Exclude during any testing. I been doing these for ages since Windows 98SE. One version only managed to encrypt 2 files (a swf and jpg) on desktop before it was blocked. On further analysis quite a few desktop folders also indeed got popped as my collection of AVT Sci-Fi files. I'll wait to see for a Decrypter in a few months or delete the stricken files. More my own doing by letting an initial WVSX Alert run exclude but subsequents were stopped dead in their tracks. Of no real consequence since the PC is short ranged in storage capacity so I never put much on it anyway. Magniber reminds me of an old file infector nemesis of mine named Sality. I been hot & heavy on malware ever since then.

    Thanks @WiseVector for continued development and improvements!!

    RESOLVED: All sorted out and resolved. I was able to recover 90% of affected data by having offline duplicates. Had a backup of sci fi movies so that's that. Deleted out assorted encrypts which wasn't much. I'll have to tailor my testing to better account for the field that some ransomware emits as camouflage

    On another note ShellLocker takes over the entire screen even when running contained in CFW- WVSX overlays focus above that FULL SCREEN from Locker and END TASK remediates immediately. :thumb:
     
    Last edited: Aug 5, 2022
  23. WiseVector

    WiseVector Registered Member

    Joined:
    Aug 16, 2020
    Posts:
    543
    Location:
    China
    @EASTER Thanks for your positive feedback. We will keep going!
     
  24. lucd

    lucd Registered Member

    Joined:
    Jan 30, 2018
    Posts:
    782
    Location:
    Island of Woman
    Do you have a link to proper configuration like you have?
    I still want to use simple wall, is that possible with CF+WVSX? Sometimes it's possible to use WFP and firewall together.
    You can't use WVSX firewall with simple wall though, so I think maybe disable WVSX firewall but keep CF.
     
  25. drhu22

    drhu22 Registered Member

    Joined:
    Aug 21, 2010
    Posts:
    585
    I am using CF+WVSX+SW here with no problems (W10 21H2)... have done so in the past also with no issues.
     