WiseVector Free AI Driven Security

lvseqiji

Level 1
Mar 30, 2022
22
Probably because it isnt an big enough threat to warrant training their AI and ML models to detect it, though Microsoft seems to already have trained their heuristics to detect it
Magniber in 2022 is nothing like the one on 2018.It uses direct syscall to inject itself into system process, a lot of antivirus simply can not detect this kind of technique.
For now, only Kaspersky and ESET add heuristics to detect new Magniber. Microsoft usually takes a few days to add detection (and it seems they just add hash to blacklist)
Regarding popularity, it' s actually very popular in China according to Qihoo. And I don't think it is China-only.
 

lvseqiji

Level 1
Mar 30, 2022
22

WiseVector StopX V3.07​

June 3, 2022

1. Detected malware by using malicious direct system calls to evade security product. For example, the Magniber ransomware executes direct system calls to inject shellcode into legit windows processes to encrypt files. WVSX can stop this ransomware before encryption, it can also detect malware integrated with SysWhispers to bypass AV.

2. Improved behavior detection to detect recent attacks, CVE-2022-30190 for example.

3. Improved the detection of RAT trojans which use advanced techniques to evade deep memory inspection.

4. Fixed other bugs.

Please download via: https://update2.wisevector.com/WiseVector_StopX_V307.exe

It can be installed by overwriting. Online update is not available now.
 

WiseVector

From WiseVector
Verified
Top poster
Developer
Well-known
Dec 14, 2018
635
Does WiseVector install a certificate for Web Protection and Network Intrusion Detection for HTTP and HTTPS traffic?
I know a lot of AV's do that, like Avast and many others, but I remember them data harvesting everything done through that all too well so I'm always cautious to turn those on.

I do like your product, it works very well! :)
Hi,
There is no certificate installed. No worry about your data when using WVSX.;)
 

Stronghold

Level 1
May 27, 2022
20
I found some bugs in 3.0.7 that did not exists in 3.0.6.

With WiseVector 3.0.7 on Windows 11 (up to date) the program causes the computer to freeze when you enable the firewall. I've reproduced the issue a few times now and the only way to fix it is to do a hard reboot turning off the computer (CTRL-ALT-DEL does not work).
Once the computer restarts the firewall will be enabled and you can enable Network Intrusion Detection.
If the firewall is turned on you can toggle between disabled and enabled without a freeze as long as you don't restart your computer with the firewall disabled, if you do it will freeze again once you toggle it to enabled when the computer restarts.

This could be a compatibility issue with McAfee or Comodo Firewall (Cruel CF settings) but it never caused a freeze in 3.0.6, this is new behavior in 3.0.7 and it looks like it has trouble enabling the Firewall module under certain circumstances causing WiseVector and Windows to freeze.

There is also a new bug which sometimes doesn't allow Comodo to fetch internal updates if the Firewall is enabled in WV but instead gives you an empty update screen that doesn't go away until you restart your machine.
This is a compatibility issue and new to 3.0.7.

My WV has Web Protection Disabled, Firewall enabled and Network Intrusion Detection Enabled. Firewall security is set to low.

It's also worth mentioning is that uninst.exe and the exe file created when you uninstall are labeled as Grayware by Crowdstrike Falcon and the WiseVectorHelperFive.dll is labeled as malware by 2 minor AV scanners on VirusTotal. These are false positives and all of the files are signed but it's a good idea to contact the scanners to let them whitelist the files since the files are not new but are still seen as malicious which could scare new users if they look through all the files installed on VirusTotal.
 
Last edited:

Decopi

Level 3
Oct 29, 2017
146
I confirm the so-called "freeze" bug. However in my case, the bug isn't related to software compatibilities (Comodo or whatever), neither to latest WVSX 3.07.
As I already commented in previous posts, for the the last two months I have been focused on the WVSX firewall, its capabilities, rules etc. And I have found several bugs, including the so-called "freeze" bug.

These bugs already exist on earlier versions of WVSX.
The so-called "freeze" bug occurs with "firewall enabled", but also occurs in other cases. When this happens, most of the time computer freezes for 5 to 10 minutes, but then returns to normal (no reset needed).

Worst bugs occur when there are rules. Many bugs appear while rules are edited. And depending on the type of rules, connectivity (internet / network) bugs appear, for example, the simple fact of viewing or editing a rule (sometimes) may break connections (internet / network), sometimes even forcing a hard reset to have connections back. Another bug example, sometimes while viewing the WVSX log, WVSX becomes unstable, it freezes, duplicates its taskbar icon, disappears and reappears after 2 to 5 minutes etc.

In short, part of the WVSX firewall and rules area is buggy (but most of the bugs are minor ones).
I have a list of the bugs (including screenshots), I'll send it to @WiseVector, but it's going to take me some time because before that I need to finish all my tests.
Speaking of the devil, if possible, please @WiseVector I'm still waiting for your answer to my message from 1 month ago: WiseVector Free AI Driven Security

Thanks
 
Last edited:

Stronghold

Level 1
May 27, 2022
20
The "freeze" bug is more common than I thought but I had no such issue with 3.0.6.

However, in further testing today, it doesn't recover after 5-10 minutes on my machine. I tested it waiting 1 hour for Windows 11 and WiseVector to recover but they didn't, the only way out was resetting the machine manually.

The compatibility bug with Comodo Firewall's internal update is less frequent, it sometimes blocks it until the machine is restarted but I can't find a way to reproduce it when I want it to happen.