Deprecated WiseVector Free AI Driven Security

SearchLight

Level 13
Verified
Top Poster
Well-known
Jul 3, 2017
626
Regarding v2.73, @WiseVector mentioned that if one wants to continue using this version, one should disable automatic program updates.

However, there are streaming updates which I still have enabled. What do these do, and will they continue to be made available to v2.73 once 3.0 is stable and ready?

I just checked for a streaming update on v2.73, and it downloaded them.
 

HarborFront

Level 72
Verified
Top Poster
Content Creator
Oct 9, 2016
6,141
WV v3.01 has a firewall which is independent of Windows firewall.

Anybody tested it against KIS firewall?

So must disable one if using both software?

Thanks
 

HarborFront

Level 72
Verified
Top Poster
Content Creator
Oct 9, 2016
6,141
I have KIS and WiseVector 3.01 running with both firewalls on. Don't have any issue yet.
Thanks

IMO, one shouldn't run both firewalls? BTW, not all firewalls are built the same. Some are simple plain firewalls, some are more sophisticated, whilst others incorporate HIPS.

Since you are using both firewalls, which is better in terms of ease of use, more features, better info display, etc.?
 

pxxb1

Level 10
Verified
Well-known
Jan 17, 2018
473
WV v3.01 has a firewall which is independent of Windows firewall.

Anybody tested it against KIS firewall?

So must disable one if using both software?

Thanks

It is not a firewall per se, just... sort of. If you look at what it does you see that it regulates certain traffic items according to threat, that's it. That is what they call a firewall, but it is not an ACTUAL... firewall. It's, firewall-ish. It does not either work in any way together with the inbuilt Windows d.o, so you can use any other firewall without problem.
 

WiseVector

From WiseVector
Verified
Top Poster
Developer
Well-known
Dec 14, 2018
643
Regarding v2.73, @WiseVector mentioned that if one wants to continue using this version, one should disable automatic program updates.

However, there are streaming updates which I still have enabled. What do these do, and will they continue to be made available to v2.73 once 3.0 is stable and ready?

I just checked for a streaming update on v2.73, and it downloaded them.
If you have "Automatically download and install program updates" disabled, then WVSX will only update virus definitions; you will not get any program updates. So it will not update to 3.0 or above.
 

WiseVector

From WiseVector
Verified
Top Poster
Developer
Well-known
Dec 14, 2018
643
WV v3.01 has a firewall which is independent of Windows firewall.

Anybody tested it against KIS firewall?

So must disable one if using both software?

Thanks

WVSX' firewall uses a WFP driver. It does not install any hooks or do some other hacks which could result in incompatibility or system instability. However, when you have two WFP drivers installed, there could be potential problems with prioritization and order of processing. For example, if the first driver decides to drop a malicious network packet, the second driver will not have a chance to check this packet, but I wouldn't call this a conflict.
 

blueblackwow65

Level 23
Verified
Well-known
Dec 19, 2012
1,250
If you turn the HIPS and firewall to max, there are a lot of pop-ups. Do these pop-ups bother you?
Hi, not at all, got used to it and it is working very well. I look at it this way: another program like VS or rehips or whatever AV would give the same amount of pop-ups or more. Just wanted to say also the 30-50% CPU usage is gone, very good job guys from WiseVector :).
 

Decopi

Level 8
Verified
Oct 29, 2017
361
Hi @WiseVector , thank you for 3.01... works like a charm, zero issues until now.

Considering the latest comments above related to WVSX' firewall + WFP driver etc., please, I have a few simple questions:

1) Is WVSX' firewall a full firewall? Or is it a "firewall-ish" with some firewall functions? In other words: Does WVSX' firewall need another firewall? Or is WVSX' firewall enough (and doesn't need another firewall)?

2) What is going to be the official WVSX' recommendation? To use another firewall? Or to turn-off other firewalls?

3) Personally I use Comodo Firewall (@cruelsister version). How can I check if CF uses WFP driver? (I want to be sure it doesn't conflict with WVSX).

4) What about Windows firewall? Does Windows firewall use WFD driver? Can it conflict with WVSX' firewall?

Thank you again
 

cruelsister

Level 43
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,224
D- Although I have found WVSX to be a remarkable product, those additional security modalities (FW, HIPS) found in version 3 may not yield significant benefit when CF(cruel) is also being used.
Although I haven't done anything extensive with the new version, what I have done did not result in any incompatibilities between WV and CF.

On this topic, I should report that on my production system (and a VM clone of it for fun) I have had installed WVSX 2.73 (default), Cruel CF, and WD (default) for the last 6 months. Essentially this results in 3 dumb (signature based) detection routines (VirusScope, WVSX, WD), one smart (AI) modality of WiseVector, and Comodo auto-Containment to catch them if they fall. With the addition of excellent Outbound protection of CF things are fairly well covered.

I have found no issues with the dumb detection routines as for in the wild malware there were samples caught by one and allowed by others but overall leading to additive protection. But the AI component of WV still impresses, and along with Comodo's auto-sandbox true zero day malware really doesn't have much of a chance. Last week I coded up a ransomware file loosely based on Ryuk (true zero-day) and although undetected by the dumb components, the WV AI after less than a minute's "thought" came back with a detection (potential.ransomware.A), detected and cleaned up my ransomware nor and some trivia dropped in AppData/Local). Poor malware didn't even make it to the sandbox.

(and regarding WF- seems not to matter if it is enabled or disabled as it neither helps nor detracts)

M
 

Decopi

Level 8
Verified
Oct 29, 2017
361
D- Although... tracts)

M

@cruelsister , firstly... I love you : )
Thank you for your "delicious" explanations (I really enjoy your posts).

Secondly, I believe that WVSX + CruelComodo are an incredible combo (without performance or conflict issues).
However, it'll be nice to have WVSX' official answers related to the firewall... just to confirm our expectations.
 

cruelsister

Level 43
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,224
it'll be nice to have WVSX' official answers related to the firewall
Absolutely! My dance with v3 has been cursory at best. That being said, the WiseVector firewall does work well by itself and for those that are solely relying on Windows firewall (God Forbid) alone for outbound protection it would be a necessity.

(Fun Fact- it is soooo much easier to find malware that will mess with WF in some way than to actually find a malware strain that WF will aid in preventing.)
 

WiseVector

From WiseVector
Verified
Top Poster
Developer
Well-known
Dec 14, 2018
643
Hi @WiseVector , thank you for 3.01... works like a charm, zero issues until now.

Considering the latest comments above related to WVSX' firewall + WFP driver etc., please, I have a few simple questions:

1) Is WVSX' firewall a full firewall? Or is it a "firewall-ish" with some firewall functions? In other words: Does WVSX' firewall need another firewall? Or is WVSX' firewall enough (and doesn't need another firewall)?

2) What is going to be the official WVSX' recommendation? To use another firewall? Or to turn-off other firewalls?

3) Personally I use Comodo Firewall (@cruelsister version). How can I check if CF uses WFP driver? (I want to be sure it doesn't conflict with WVSX).

4) What about Windows firewall? Does Windows firewall use WFD driver? Can it conflict with WVSX' firewall?

Thank you again

It's hard to define "full firewall". But I think the WVSX's firewall is very effective in preventing malware, and it is also enough for home users. I will tell you why,

  • By default the AI will help the user to decide whether to block a program from accessing the internet. This can greatly reduce the workload of the users.
  • Users can adjust the firewall level according to their needs.
  • Users can write custom rules to get better protection, such as block programs produced by certain vendors, block programs with a specific digital signature or block programs within a specific folder.

Most importantly, the firewall is now talking to other components of WVSX, allowing it to block advanced & popular threats that other firewalls can't. For example,

Dll-sideloading attack (Banload, Guildma, Javali, etc. These malware families mostly target Brazilian and Italian)
Rundll32, regsvr32.exe abuse. (Trickbot, Dridex, Ursnif, CobaltStrike, Hancitor, IcedID, etc.)
Code injection to bypass firewall.

2. Whether to turn off other firewalls depends on the user's needs. If other firewalls have some functions WVSX does not, and the users need it, then they can keep it.

3. I can confirm that Comodo also uses a WFP driver; during our tests we didn't see any conflicts.

4. The Windows built-in firewall also relies on WFP. It does not conflict with WVSX's firewall, but I think it is not enough to protect users from malware. Same with cruelsister, in our malware tests, we rarely observed that the Windows firewall could stop malware from posting information. Not to mention the advanced threats listed above.
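
An added example, not posted by anyone in this thread, for the question about checking which products use WFP and for the developer's point about processing order: it dumps the WFP state with `netsh wfp show state` and lists the registered providers and sublayers. It assumes an elevated PowerShell prompt, and the XPath element names reflect the layout of the `wfpstate.xml` file netsh writes, which is an assumption to verify against the file on your own system.

```powershell
# Added example: dump the WFP state and list who registered what.
# Run elevated; netsh writes wfpstate.xml into the current directory.
Push-Location $env:TEMP
try {
    netsh wfp show state | Out-Null
    [xml]$state = Get-Content -Path (Join-Path $PWD 'wfpstate.xml') -Raw
} finally {
    Pop-Location
}

# Helper (hypothetical name): text of a child node, or '' when it is absent.
function Get-Text($node, $xpath) {
    $n = $node.SelectSingleNode($xpath)
    if ($n) { $n.InnerText } else { '' }
}

# Providers: one entry per product registered with the Base Filtering Engine.
$providerNames = @{}
$providers = foreach ($p in $state.SelectNodes('/wfpstate/providers/item')) {
    $key = Get-Text $p 'providerKey'
    $providerNames[$key] = Get-Text $p 'displayData/name'
    [pscustomobject]@{
        Provider    = $providerNames[$key]
        Description = Get-Text $p 'displayData/description'
        Service     = Get-Text $p 'serviceName'
    }
}
$providers | Sort-Object Provider | Format-Table -AutoSize

# Sublayers, highest weight first, with the provider that owns each one.
$subLayers = foreach ($s in $state.SelectNodes('/wfpstate/subLayers/item')) {
    $owner = Get-Text $s 'providerKey'
    [pscustomobject]@{
        Weight   = [int](Get-Text $s 'weight')
        SubLayer = Get-Text $s 'displayData/name'
        Provider = if ($providerNames.ContainsKey($owner)) { $providerNames[$owner] } else { '(none)' }
    }
}
$subLayers | Sort-Object Weight -Descending | Format-Table -AutoSize
```

A product that adds filters without registering a named provider will not show up in the first table, so an empty result for a given vendor is not proof that it does not use WFP.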
 

cruelsister

Level 43
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,224
Dll-sideloading attack
I love the way WVSX will detect such malware. Aside from the easy part in detecting the initial malware, if allowed to drop and then run, one will see a detection of the malicious dll as well as a separate detection of the spawned legitimate application that calls up the nasty dll.
 

HarborFront

Level 72
Verified
Top Poster
Content Creator
Oct 9, 2016
6,141
Hi @WiseVector

It's great your new version comes with FW and HIPS.

Any comment on Kaspersky FW in KIS? Is yours better in any way? I already have KIS so should I disable one FW?

Can you attach some screenshots of WV's FW and HIPS settings pages?

Thanks
 

Terry Ganzi

Level 26
Verified
Top Poster
Well-known
Feb 7, 2014
1,540
2. Whether to turn off other firewalls depends on the user's needs. If other firewalls have some functions WVSX does not, and the users need it, then they can keep it.

3. I can confirm that Comodo also uses a WFP driver; during our tests we didn't see any conflicts.
WiseVector
 