Deprecated WiseVector Free AI Driven Security

SearchLight

Level 13
Verified
Top Poster
Well-known
Jul 3, 2017
626
Regarding v2.73, @WiseVector mentioned that if one wants to continue using this version to disable automatic program updates.

However, there are streaming updates which I still have enabled. What do these do, and will they continue to be made available to v2.73 once 3.0 is stable and ready?

I just checked for a streaming update on v2.73, and it downloaded them.
 
  • Like
Reactions: Nevi

HarborFront

Level 72
Verified
Top Poster
Content Creator
Oct 9, 2016
6,159
WV v3.01 has a firewall which is independent of Windows firewall.

Anybody tested it against KIS firewall?

So must disable one if using both software?

Thanks
 

HarborFront

Level 72
Verified
Top Poster
Content Creator
Oct 9, 2016
6,159
I have KIS and WiseVector 3.01 running with both firewalls on. Don't any issue yet.
Thanks

IMO, one shouldn't run both firewalls? BTW, not all firewalls are built the same. Some are simple plain firewall, some are more sophisticated whilst others incorporate HIPS.

Since you are using both the firewalls so which is better in terms of ease of use, more features, better info display etc?
 

pxxb1

Level 10
Verified
Well-known
Jan 17, 2018
484
WV v3.01 has a firewall which is independent of Windows firewall.

Anybody tested it against KIS firewall?

So must disable one if using both software?

Thanks

It is not a firewall per se, just... sort of. If you look at what it does you see that it regulates certain traffic items according to threat, that`s it. That is what they call a firewall, but it is not an ACTUAL... firewall. It`s, firewall-ish. It does not either work in any way togheter with the inbuilt windows d.o, so you can use any other firewall without problem.
 

WiseVector

From WiseVector
Verified
Top Poster
Developer
Well-known
Dec 14, 2018
643
Regarding v2.73, @WiseVector mentioned that if one wants to continue using this version to disable automatic program updates.

However, there are streaming updates which I still have enabled. What do these do, and will they continue to be made available to v2.73 once 3.0 is stable and ready?

I just checked for a streaming update on v2.73, and it downloaded them.
If you have "Automatically download and install program updates" disabled. Then WVSX will only update virus definitions, you will not get any program updates. So it will not update to 3.0 or above.
 

WiseVector

From WiseVector
Verified
Top Poster
Developer
Well-known
Dec 14, 2018
643
WV v3.01 has a firewall which is independent of Windows firewall.

Anybody tested it against KIS firewall?

So must disable one if using both software?

Thanks

WVSX' firewall uses WFP driver. It does not install any hooks or do some other hacks which could result in incompatibility or system instability. However, when you have two WFP drivers installed, there could be a potential problems with prioritization and order of processing. For example, if the first driver decides to drop a malicious network packet, the second driver will not have a chance to check this packet, but i wouldn't call this a conflict.
 

blueblackwow65

Level 23
Verified
Well-known
Dec 19, 2012
1,256
If you turn the HIPS and firewall to max, there are a lot of pop-ups. Do these pop-ups bother you?
Hi not at all ,got used to it and it is working very well.I look at it this way another program like VS or rehips or whatever av would give the same amount of popups or more. Just wanted to say also the 30-50% cpu usage is gone ,very good job guys from Wisevector:).
 

Decopi

Level 8
Verified
Oct 29, 2017
361
Hi @WiseVector , thank you for 3.01... works like a charm, zero issues until now.

Considering the latest comments above related to WVSX' firewall + WFP driver etc, please I have few simple questions:

1) Is WVSX' firewall a full firewall? Or is it a "firewall-ish" with some firewall functions? In other words: Does WVSX' firewall need another firewall? Or is it WVSX' firewall enough (and doesn't need another firewall)?

2) What is going to be the official WVSX' recommendation? To use another firewall? Or to turn-off other firewalls?

3) Personally I use Comodo Firewall (@cruelsister version). How can I check if CF uses WFP driver? (I want to be sure it doesn't conflict with WVSX).

4) What about Windows firewall? Does Windows firewall use WFD driver? Can it conflict with WVSX' firewall?

Thank you again
 

cruelsister

Level 43
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,224
D- Although I have found WVSX to be a remarkable product, those additional security modalities (FW, HIPS) found in version 3 may not yield significant benefit when CF(cruel) is also being used.
Although I haven't done anything extensive with the new version, what I have done did not result in any incompatibilities between WV and CF.

On this topic, I should report that on my production system (and a VM clone of it for fun) I have had installed WVSX 2.73 (default), Cruel CF, and WD (default) for the last 6 months. Essentially this results in 3 dumb (signature based) detection routines (VirusScope, WVSX, WD), one smart (AI) modality of WiseVector, and Comodo auto-Containment to catch them if they fall. With the addition of excellent Outbound protection of CF things are fairly well covered.

I have found no issues with the dumb detection routines as for in the wild malware there were samples caught by one and allowed by others but overall leading to additive protection. But the AI component of WV still impresses, and along with Comodo's auto-sandbox true zero day malware really don't have much of a chance. Last week I coded up a ransomware file loosely based on Ryuk (true zero-day) and although undetected by the dumb components, the WV AI after less than a minutes "thought" came back with a detection (potential.ransomware.A), detected and cleaned up my ransomware nor and some trivia dropped in AppData/Local). Poor malware didn't even make it to the sandbox.

(and regarding WF- seems not to matter if it is enabled or disabled as it neither helps nor detracts)

M
 

Decopi

Level 8
Verified
Oct 29, 2017
361
D- Although... tracts)

M

@cruelsister , firstly... I love you : )
Thank you for your "delicious" explanations (I really enjoy your posts).

Secondly, I believe that WVSX + CruelComodo are an incredible combo (without performance or conflict issues).
However, it'll be nice to have WVSX' official answers related to the firewall... just to confirm our expectations.
 

cruelsister

Level 43
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,224
it'll be nice to have WVSX' official answers related to the firewall
Absolutely! My dance with v3 has been cursory at best. That being said, the WiseVector firewall does work well by itself and for those that are solely relying on Windows firewall (God Forbid) alone for outbound protection it would be a necessity.

(Fun Fact- it is soooo much easier to find malware that will mess with WF in some way than to actually find a malware strain that WF will aid in preventing.)
 

WiseVector

From WiseVector
Verified
Top Poster
Developer
Well-known
Dec 14, 2018
643
Hi @WiseVector , thank you for 3.01... works like a charm, zero issues until now.

Considering the latest comments above related to WVSX' firewall + WFP driver etc, please I have few simple questions:

1) Is WVSX' firewall a full firewall? Or is it a "firewall-ish" with some firewall functions? In other words: Does WVSX' firewall need another firewall? Or is it WVSX' firewall enough (and doesn't need another firewall)?

2) What is going to be the official WVSX' recommendation? To use another firewall? Or to turn-off other firewalls?

3) Personally I use Comodo Firewall (@cruelsister version). How can I check if CF uses WFP driver? (I want to be sure it doesn't conflict with WVSX).

4) What about Windows firewall? Does Windows firewall use WFD driver? Can it conflict with WVSX' firewall?

Thank you again

It's hard to define "full firewall". But I think the WVSX's firewall is very effective in preventing malware, and it is also enough for home users. I will tell you why,

. By default the AI will help the user to decide whether to block a program from accessing the internet. This can greatly reduce the workload of the users.
. Users can adjust the firewall level according to their needs.
. Users can write custom rules to get better protection, such as block programs produced by certain vendors, block programs with a specific digital signature or block programs within a specific folder.

Most importantly, the firewall is now talking to other components of WVSX, allowing it to block advanced & popular threats that other firewalls can't. For example,

Dll-sideloading attack (Banload, Guildma, Javali, etc. These malware families most target Brazilian and Italian)
Rundll32, regsvr32.exe abuse. (Trickbot, Dridex, Ursnif, CobaltStrike, Hanictor, IcedID, etc.)
Code injection to bypass firewall.

2. Whether to turn off other firewalls depends on the user's needs, if other firewalls have some functions WVSX does not, and the users need it, then they can keep it.

3. I can confirm that Comodo also uses WFP driver, during our tests we didn't see any conflicts.

4. The Windows built-in firewall also relies on WFP. It does not conflict with WVSX's firewall, but I think it is not enough to protect users from malware. Same with cruelsister, In our malware tests, we rarely observed that the Windows firewall could stop malware from posting information. Not to mention the advanced threats listed above.
 

cruelsister

Level 43
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,224
Dll-sideloading attack
I love the way WVSX will detect such malware. Aside from the easy part in detecting the initial malware, if allowed to drop and then run, one will see a detection of the malicious dll as well as a separate detection of the spawned legitimate application that calls up the nasty dll.
 

HarborFront

Level 72
Verified
Top Poster
Content Creator
Oct 9, 2016
6,159
Hi @WiseVector

It's great your new version comes with FW and HIPS

Any comment on Kaspersky FW in KIS? Is yours better in any way? I already have KIS so should I disable one FW

Can attach some screenshots of WV's FW and HIPS settings pages?

Thanks
 
Last edited:

Terry Ganzi

Level 26
Verified
Top Poster
Well-known
Feb 7, 2014
1,540
2. Whether to turn off other firewalls depends on the user's needs, if other firewalls have some functions WVSX does not, and the users need it, then they can keep it.

3. I can confirm that Comodo also uses WFP driver, during our tests we didn't see any conflicts.
WiseVector
 
  • Like
Reactions: WiseVector

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top