DanKeymasterRoRLauncher.exe- The 11 detections on VT are false positives, most of them are ML/Ai false positives due to the file probably being obfuscated into oblivion.
- September 20, 2020 at 6:05 pm
par2j64.exe- When a binary is not signed, it runs the risk of being classified as either suspicious or unsafe, unless its file reputation is high enough that it can overcome the lack of a digital signature. Also, MultiPar is a PUP.
Both of these cherry picked samples could easily go either way. If you want to test WLC’s efficacy, download the top 100,000 most common clean files, and collect 100,000 malicious files, then test with WLC. It will be difficult to find an instance where WLC returns an incorrect verdict.
The last time I updated WP, it broke a lot of stuff. But what the heck, it can’t get any worse than it is, so I will update it.
You can allow a file with WLC, then check the Inbound and Outbound FW Rule checkboxes.