- Dec 27, 2014
Hello Eason, Hi B.Richter,
Thanks for testing WiseVector. Currently WiseVector has file monitor and pre-execution blocker. We plan to add AI-Driven behavior detection in the next version.
For now WiseVector scans files when they’re created, and before you open them. You said "SMSvcHost32.exe" was identified as malware by WiseVector, so it should be blocked when you open it. I don't understand why it is running like nothing happened...
For "rad4F36F.tmp", did WiseVector identify it as malware? (Right-click on the file, scan it with WiseVector).
Please make sure Tencent PC Manager did not block anything when installing WiseVector. The installer needs to make some changes to the registry; if it was blocked by Tencent, the pre-execution monitor may not work.
Good morning Eason, Hi B.Richter,
Before we go, you should download the English version of WiseVector here: http://www.wisevector.com/WiseVector_Setup_EN.exe
We made it for testing purposes only. You need to first uninstall the previous version.
If WiseVector failed to freeze execution of malware, below would be the possible reasons:
1. You didn't restart your computer after installing WiseVector.
2. Some other AV prevented WiseVector from making changes in registry.
After installing WiseVector, you should restart your computer to enable the Real-Time protection. Then open Process Hacker (if you don't have it, you can use Process Explorer instead). Double-click on "Explorer.exe"; you should see two DLLs belonging to WiseVector have been loaded into explorer.exe.
See the screenshot below:
View attachment 203547
If you can't see these DLLs, that means something has gone wrong.
If all goes well, WiseVector should prevent malware from running, like in the screenshot below:
View attachment 203548
For now WiseVector implements an AI technology to detect threats in Portable Executables (PE), PDFs, RTFs, and Office Documents. Not for scripts.
Hi Der.Reisende, Good morning Eason,
thank you for providing an English version so soon, looks good.
View attachment 203577
Set it up now, uninstalled previous WV via RevoUninstaller.
Made sure to deactivate Tencent PC Manager Global.
WiseVector asked to reboot the system after installation, done.
One thing I've noticed: the update process did not work when VPN was on (unfortunately, it's mandatory for Malware HUB testing - "needed to protect your real IP from malware processing"). This could be a reason for some detections missing?
However, with VPN on, the AI still was working for most files.
Tencent PC Manager works flawlessly with VPN.
I've found the .dll, and WiseVector is in AutoRuns, it should work well.
View attachment 203576
Good evening Wendy! Hi Der.Reisende,
When VPN is on, can you open our official website (https://www.wisevector.com/)?
According to the screenshot, WiseVector was not working, because there should be two DLLs, but you had only one.
If Secure Boot (you can see it in your BIOS) is enabled, Explorer.exe would not load WiseVector's DLLs, because WiseVector uses AppInit_DLLs to load DLLs. Yes, it's a problem, we will not use AppInit_DLLs in the next version of WiseVector.
Please read "AppInit DLLs and Secure Boot - Windows applications" for more details about Secure Boot.
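The post above depends on three things: the AppInit_DLLs registry values, the Secure Boot state, and whether the registered DLLs are actually mapped into explorer.exe. The PowerShell check below is an added example, not part of the thread and not WiseVector's own tooling. It assumes an elevated PowerShell session of the same bitness as the OS, and uses only the standard Windows value names; no WiseVector file names are assumed.

```powershell
# Added example (not from the thread). Run elevated, in a PowerShell of the OS's bitness.
$keys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows',             # native processes
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows'  # 32-bit on 64-bit OS
)

# 1. What is registered for AppInit loading, and is the mechanism switched on?
$registered = foreach ($key in $keys) {
    $v = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
    if ($null -eq $v) { continue }          # key absent (e.g. Wow6432Node on 32-bit OS)
    [pscustomobject]@{
        Key                       = $key
        AppInit_DLLs              = $v.AppInit_DLLs
        LoadAppInit_DLLs          = $v.LoadAppInit_DLLs          # 1 = mechanism enabled
        RequireSignedAppInit_DLLs = $v.RequireSignedAppInit_DLLs # 1 = only signed DLLs load
    }
}
$registered | Format-List

# 2. Secure Boot state. When it is on, Windows 8 and later ignore AppInit_DLLs.
#    The cmdlet throws on legacy-BIOS machines or when not elevated.
try   { $secureBoot = Confirm-SecureBootUEFI -ErrorAction Stop }
catch { $secureBoot = "unknown ($($_.Exception.Message))" }
"Secure Boot enabled: $secureBoot"

# 3. Are the DLLs registered under the native key mapped into explorer.exe?
#    AppInit_DLLs is a space- or comma-separated list of paths.
$native   = $registered | Where-Object { $_.Key -eq $keys[0] }
$expected = @($native | ForEach-Object { $_.AppInit_DLLs -split '[ ,]+' } |
    Where-Object { $_ } |
    ForEach-Object { [System.IO.Path]::GetFileName($_) } |
    Sort-Object -Unique)

$loaded = @(Get-Process -Name explorer -ErrorAction SilentlyContinue |
    ForEach-Object { $_.Modules.ModuleName })

foreach ($dll in $expected) {
    $state = if ($loaded -contains $dll) { 'loaded' } else { 'NOT loaded' }
    "{0,-40} {1}" -f $dll, $state
}
if (-not $expected) { 'No AppInit DLLs are registered under the native key.' }
```

A DLL that is registered but reported as NOT loaded while Secure Boot is enabled matches the failure described in the post; the same output also makes any unexpected AppInit_DLLs entry visible for review.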
Good evening Wendy!
Unfortunately, I cannot reach the page when VPN is on.
I’m using F-Secure FreeDome VPN.
F-Secure FREEDOME VPN — Protection of online privacy
Can reach Tencent page, but it’s delayed. Cannot reach Rising homepage. It’s difficult to reach Chinese pages with VPN on.
Will check for Secure Boot ASAP, currently, I’m not at home, so I’m replying by mobile.
Thank you very much for your help, highly appreciated
You are welcome.
1. Yes we will, but now we only have Chinese and English versions.
2. You can submit samples by "Upload File" at the bottom of WiseVector directly, no matter whether we add it to VirusTotal or not. I think it's more convenient and efficient.
Hello Wendy, Hi Der.Reisende,
You are welcome, this is my job.
Can you switch your VPN server's IP?
Our server is in Hong Kong and it's out of the control of the Great Firewall, so I think the update process should go well.