- Dec 14, 2018
- 643
Hi,
Since you are using osarmor together with WVSX. We will try to see if we can resolve it. Or you can just use one AV at present.
WiseVector Free AI Driven Security
- Thread starter Thirio
- Start date
Since you are using osarmor together with WVSX. We will try to see if we can resolve it. Or you can just use one AV at present.
Downloaded v3.05 but holding off installing given issues reported over on Wilders site ~ WVSX changing Network Connection properties. It doesn't seem to effect performance and WVSX are on the case stating:
- Apr 28, 2015
- 8,910
I updated my WVSX 3.0.3 with that new 3.0.5, just overwriting and did not get that issue (Win10 Pro)
- Jun 22, 2014
- 864
As above on Windows 10 Home
Regards Eck
Regards Eck
I tried the same on WIn10 Home and got the issue reported ~ as soon as WVSX real time protection is switched off & PC restarted the issue disappears. At the moment I'm only using WVSX as a secondary scanner, and it looks a cosmetic bug anyway, so not really a problem.
- Apr 28, 2015
- 8,910
In my system, WVSX resident modules are disabled (using as on demand scanner), since I have K.Plus MR6 beta running...
- Jun 22, 2014
- 864
I have SecureAPlus(no WD) and use WVSX on demand with all modules activated.
Any new versions of WVSX I leave to run in real time for a week or so to check for any issues.
Regards Eck
Any new versions of WVSX I leave to run in real time for a week or so to check for any issues.
Regards Eck
Nautilus
Level 2
- Apr 27, 2020
- 91
Hi I just manually upgraded to version v.3.05 ( overwriting ) from version v.3.03 no major gripes to report on win 10 pro x64 ( 21h2 19044.1566 ) the only thing that is noticable , is that startup is laggng a few seconds more , same goes for opening chrome and brave in regards to previous version. I am not running any other security software in realtime....
- Dec 14, 2018
- 643
Actually, we improved the performance of behavior detection when opening browsers like EDGE and Chrome, since many child processes will be created while they are working. I thought the opening speed would be faster instead of slower.
The lagging occured just when opening browsers or column tabs? If another AV is installed, please try to exit it (not only disable the realtime protection) and try the same way as you said to see whether the lagging will occur again or not.
Thanks!
- Oct 22, 2018
- 590
Win 8.1 Pro here. I upgraded to 3.05 from 3.03 (overwrite). Using Librewolf browser in Sandboxie. No other security programs on board. Browser opening and boot time is noticeably faster on this laptop. No lags of any kind. I'm convinced Windows 8.1 is the perfect balance. I've never had issues with it.
Hi @WiseVector,
I'm testing WV as a standalone security software (no Windows Defender nor Windows Firewall, no another AV - firewall, nothing, just pure WV alone).
For my test I'm using two drives with several partitions (Windows 11 is installed on C:, and partition P: has a mix of safe and unsafe software).
My WV test starts with the WV firewall.
I created a firewall rule (network-type-rule) named "A", where "Program Path: Default Any" and "Program Path(Exclusions): C:\*.*│P:\Safe01\*.*". I expect to block all internet connections except C: and P:\Safe01. Please, my questions:
1) Specifically for my test with WV firewall rules ("A"): Do you have any recommendations, improvements additions, corrections etc?
2) At "Program Path(Exclusions):", is it right to use "*.*"? Or "*.exe" is the correct command line syntax?
3) What about sub-folders? At my "A" rule, will "Program Path(Exclusions): C:\*.*│P:\Safe01\*.*" include all sub-folders inside C: and P:\Safe01?
4) In my test, C: and P:\Safe01 are exceptions to rule "A". But I also have "WV settings => Other => Firewall Settings => Firewall Level => High Security". Please, I want to understand how my "A" firewall rule coexists with my "High Security" firewall setting level. I don't want rule "A" to be applied to C:, but I want WV firewall "High Security" level to be applied to C:. Is that right?
5) What is the hierarchical behavior between WV settings and WV rules when they conflict? Which one has more elevated permissions?
6) At P:\Unsafe02 I have an unsafe software, WV detected it, and I created an exception for it (allowing it to run). In this case, does my "A" firewall rule work? If WV detects a malware/virus etc, the user creates an exception for it, but the user has a WV firewall rule such "A", how the WV malware/virus exception coexists with the "A" firewall rule? Will the WV malware/virus exception allow its access to the internet?
At Comodo Firewall (@cruelsister version) I can allow a malware/virus to run (exception for "containment"), but I can totally block its connections (incoming, outgoing) with the Comodo firewall. However, I did same test with WV, I added a WV malware/virus exception + a WV firewall rule "A" (in order to block P:\Unsafe02 network activity), but WV didn't block its internet connections. I'm sure the problem is on my side, perhaps @WiseVector you can help me to learn how to configure the "A" firewall rule. As I explained, the WV firewall is only the first part of my test.
Thank you!
I'm testing WV as a standalone security software (no Windows Defender nor Windows Firewall, no another AV - firewall, nothing, just pure WV alone).
For my test I'm using two drives with several partitions (Windows 11 is installed on C:, and partition P: has a mix of safe and unsafe software).
My WV test starts with the WV firewall.
I created a firewall rule (network-type-rule) named "A", where "Program Path: Default Any" and "Program Path(Exclusions): C:\*.*│P:\Safe01\*.*". I expect to block all internet connections except C: and P:\Safe01. Please, my questions:
1) Specifically for my test with WV firewall rules ("A"): Do you have any recommendations, improvements additions, corrections etc?
2) At "Program Path(Exclusions):", is it right to use "*.*"? Or "*.exe" is the correct command line syntax?
3) What about sub-folders? At my "A" rule, will "Program Path(Exclusions): C:\*.*│P:\Safe01\*.*" include all sub-folders inside C: and P:\Safe01?
4) In my test, C: and P:\Safe01 are exceptions to rule "A". But I also have "WV settings => Other => Firewall Settings => Firewall Level => High Security". Please, I want to understand how my "A" firewall rule coexists with my "High Security" firewall setting level. I don't want rule "A" to be applied to C:, but I want WV firewall "High Security" level to be applied to C:. Is that right?
5) What is the hierarchical behavior between WV settings and WV rules when they conflict? Which one has more elevated permissions?
6) At P:\Unsafe02 I have an unsafe software, WV detected it, and I created an exception for it (allowing it to run). In this case, does my "A" firewall rule work? If WV detects a malware/virus etc, the user creates an exception for it, but the user has a WV firewall rule such "A", how the WV malware/virus exception coexists with the "A" firewall rule? Will the WV malware/virus exception allow its access to the internet?
At Comodo Firewall (@cruelsister version) I can allow a malware/virus to run (exception for "containment"), but I can totally block its connections (incoming, outgoing) with the Comodo firewall. However, I did same test with WV, I added a WV malware/virus exception + a WV firewall rule "A" (in order to block P:\Unsafe02 network activity), but WV didn't block its internet connections. I'm sure the problem is on my side, perhaps @WiseVector you can help me to learn how to configure the "A" firewall rule. As I explained, the WV firewall is only the first part of my test.
Thank you!
Last edited:
- Jan 17, 2014
- 503
I decided to jump back on board with Wisevector as I greatly admire this application
Installed version 3.05 from the link supplied, thank you @WiseVector
the only other resident security application I have installed is Comodo Firewall (of course win defender has been "turned off" by defendercontrol)
So far there has been no hangs, no slow downs or lag of any kind.
Installed version 3.05 from the link supplied, thank you @WiseVector
the only other resident security application I have installed is Comodo Firewall (of course win defender has been "turned off" by defendercontrol)
So far there has been no hangs, no slow downs or lag of any kind.
- Dec 14, 2018
- 643
Hi @Decopi,
Thanks for your testing.
We will set the rules as you did and I will get back to you after our technician completed the test.
Thanks for your testing.
We will set the rules as you did and I will get back to you after our technician completed the test.
- Sep 2, 2021
- 2,586
I also took the opportunity to do some tests, as Wisevector protects the 2 PCs of my family.
The first one under Windows 11 with Windows Defender + Wisevector. No worries for the startup / reboot.
The 2nd one under Windows 10 with F-Secure + Wisevector. Also no worries
I should mention that I used 3.05
- Dec 14, 2018
- 643
We created a rule like you said, no problem found, see screenshot below,
This rule will allow programs under C: and E:\Soft but block all programs under other folders.
C:\* and E:\Soft\* include all sub-folders inside C: and E:\Soft.
WV rules has more elevated permissions, If you have a rule which allows all apps from C:, then all apps from C: can access internet except apps be blocked by NIDS.
If you create an exception for a program. the program will be allowed to access internet regardless of “A” rule. A new rule has high priority than old rules.
Hi @WiseVector,
Thank you very much for your test and answer.
Great to know that the right syntax for folders and sub-folders is "C:\*". If you allow me a suggestion (useful for WV users), it'll nice to add this example of "C:\*" inside the same tooltip/popup that shows the other examples (when the "i" icon is mouse-hovered inside the rules).
Unfortunately I don't understand when you say "WV rules has more elevated permissions" VS "If you create an exception for a program. the program will be allowed to access internet regardless of “A” rule"".
The reason of my whole previous post and test is focused exactly in this issue! First, let's be clear that I'm talking about two different kind of "exclusions" at WV: 1) Exclusions by WV; and 2) Exclusions by WV customized rules. As you know better than me, WV can "exclude" (allowing programs to run), and WV can use rules with "exceptions" for programs. All the questions in my previous post were related to these two different WV functions ("exceptions" using rules VS "exclusions" using WV). Your test and your answer seem to be focused only in one function: "exceptions" using rules.
In real world, I can allow an unsafe program to run, but I can block its network connections. The two functions are complementary, independent, not subordinated!
Unfortunately, if WV detects a program as unsafe, the only way to run this program is by creating an "exclusion" in WV. However, if I do that, then I can't block network connections for this "excluded" program, because as explained, the "exclusion" in WV overwrites my particular blocking network rules (of this specific program). I did the test lot of times, and I confirm you, if a program is allowed to run as an "exclusion", any particular network rule is ignored.
The test you did is not showing that, simple because your test was not exactly my test, your test is not a conflict between "exceptions" by rules VS "exclusions" by WV.
I repeat, I tested by allowing an unsafe program to run (as an "exclusion" inside WV). And at the same time I used a particular blocking network rule (for this program). And in my results, the "exclusion" allowed network connections (despite my particular blocking network rule). By "particular" I mean not "global", a specific rule for specific program.
To be honest, I found a workaround: a) I allowed an "exclusion" to run an unsafe program; and b) I created a GLOBAL rule blocking all network connections, but I added path exclusions inside this rule. This configuration allows an unsafe program to run as an "exclusion", but with blocked network connections. However and as I said, I never was capable to allow to run an unsafe program, with a specific rule blocking its specific network connections.
I'm not saying you're wrong.
I'm saying that my test and questions are not what you kindly replied me.
In fact, I'm sure I'm wrong, and perhaps I can solve my issue learning more WV rule syntax.
But again, in my current test, I couldn't block a particular network connection for an unsafe "excluded" program. From my ignorance and in my test, at WV the "exception" function (rule) is subordinated to the "exclusion" function (when both functions should be independent and complementary).
Another problem to report for your consideration, is the fact that at rules, the length space for "Program path exclusions" is ridiculous short. Currently, users can add very few path exclusions. As a suggestion, it'll be great if you expand this space. If any user has a global blocking network rule... then certainly will need lot of path exceptions.
Thank you once again.
Thank you very much for your test and answer.
Great to know that the right syntax for folders and sub-folders is "C:\*". If you allow me a suggestion (useful for WV users), it'll nice to add this example of "C:\*" inside the same tooltip/popup that shows the other examples (when the "i" icon is mouse-hovered inside the rules).
Unfortunately I don't understand when you say "WV rules has more elevated permissions" VS "If you create an exception for a program. the program will be allowed to access internet regardless of “A” rule"".
The reason of my whole previous post and test is focused exactly in this issue! First, let's be clear that I'm talking about two different kind of "exclusions" at WV: 1) Exclusions by WV; and 2) Exclusions by WV customized rules. As you know better than me, WV can "exclude" (allowing programs to run), and WV can use rules with "exceptions" for programs. All the questions in my previous post were related to these two different WV functions ("exceptions" using rules VS "exclusions" using WV). Your test and your answer seem to be focused only in one function: "exceptions" using rules.
In real world, I can allow an unsafe program to run, but I can block its network connections. The two functions are complementary, independent, not subordinated!
Unfortunately, if WV detects a program as unsafe, the only way to run this program is by creating an "exclusion" in WV. However, if I do that, then I can't block network connections for this "excluded" program, because as explained, the "exclusion" in WV overwrites my particular blocking network rules (of this specific program). I did the test lot of times, and I confirm you, if a program is allowed to run as an "exclusion", any particular network rule is ignored.
The test you did is not showing that, simple because your test was not exactly my test, your test is not a conflict between "exceptions" by rules VS "exclusions" by WV.
I repeat, I tested by allowing an unsafe program to run (as an "exclusion" inside WV). And at the same time I used a particular blocking network rule (for this program). And in my results, the "exclusion" allowed network connections (despite my particular blocking network rule). By "particular" I mean not "global", a specific rule for specific program.
To be honest, I found a workaround: a) I allowed an "exclusion" to run an unsafe program; and b) I created a GLOBAL rule blocking all network connections, but I added path exclusions inside this rule. This configuration allows an unsafe program to run as an "exclusion", but with blocked network connections. However and as I said, I never was capable to allow to run an unsafe program, with a specific rule blocking its specific network connections.
I'm not saying you're wrong.
I'm saying that my test and questions are not what you kindly replied me.
In fact, I'm sure I'm wrong, and perhaps I can solve my issue learning more WV rule syntax.
But again, in my current test, I couldn't block a particular network connection for an unsafe "excluded" program. From my ignorance and in my test, at WV the "exception" function (rule) is subordinated to the "exclusion" function (when both functions should be independent and complementary).
Another problem to report for your consideration, is the fact that at rules, the length space for "Program path exclusions" is ridiculous short. Currently, users can add very few path exclusions. As a suggestion, it'll be great if you expand this space. If any user has a global blocking network rule... then certainly will need lot of path exceptions.
Thank you once again.
Last edited:
- Apr 17, 2020
- 542
@WiseVector Excuse my ignorance but what is the difference between WMI firewall compared to the other wisevector firewall checkbox? What does it do?
- Dec 14, 2018
- 643
WMI firewall is used to improve the detection of WMI based attack. Other firewall checkbox is working for the network protection. Here is the firewall level introduction.
Last edited:
- Apr 17, 2020
- 542
Thanks much for quick response!
- May 29, 2021
- 427
I have a question about WiseVector StopX 3.05 and why it won't update when using a VPN?WMI firewall is used to improve the detection of WMI based attack. Other firewall checkbox is working for the network protection. Here is the firewall level introduction.
Attachments
Similar threads
