Deprecated WiseVector Free AI Driven Security

[WiseVector]

What features (free or paid) depend on online/offline to function?

Thanks

Hi HarborFront，

The free and paid version have the same static malware detection.
HEUR.XX detection relies on local AI engine, meanwhile the more powerful Cloud AI keeps working to extract malware family signatures(Trojan.Generic, etc) . Whenever a new signature has been generated, WiseVector will get it automatically through streaming update in seconds.

As you can see, WiseVector is fully functional on offline. However, you will get more detection on online because of the streaming update.


Merry Christmas
Eason
WiseVector

 

[HarborFront]

Hi HarborFront，

The free and paid version have the same static malware detection.
HEUR.XX detection relies on local AI engine, meanwhile the more powerful Cloud AI keeps working to extract malware family signatures(Trojan.Generic, etc) . Whenever a new signature has been generated, WiseVector will get it automatically through streaming update in seconds.

As you can see, WiseVector is fully functional on offline. However, you will get more detection on online because of the streaming update.


Merry Christmas
Eason
WiseVector

Thanks

 

[In2an3_PpG]

If all goes well, WiseVector should prevent malware from running. Like screenshot below,

Why do you need to inject into explorer.exe to support the on-execution feature? I really hope you aren't API hooking for this given there's an officially supported and documented mechanism to filter process creation from Microsoft in WDK (which doesn't require affecting the integrity of other people's software).

1. Yes, WiseVector can intercept the program launched by scripts. If it is malware, WiseVector will block it.

Script interpreters like PowerShell are based on the .NET Framework and support Platform Invocation (P/Invoke) to the Win32 API/NTAPI. Office VBA is no exception to this either, it supports P/Invoke. You do not need to drop a Win32 PE and then use it to perform malicious operations on the machine... it is entirely optional behavior.

Can WiseVector intercept and block operations being performed by a script alone?

 

[WiseVector]

Hi In2an3_PpG ,

1. The officially documented mechanism is not enough. There are a lot of API need to be protected, but you cannot protect them in kernel mode with PatchGuard enabled, especially in 64 bit. Actually, many AV (Comodo for example) hooks API in user mode even when they already have a kernel mode driver. They use APC to inject dll into a new process when driver gets notification.

2. PowerShell is powerful, that's right. You can use P/Invoke to the Windows API. However, you cannot execute a PowerShell script by simply double-clicking on it. You need a loader (pe, js, vbs, etc.). That means AVs can block PowerShell malwares in the early stage.
Our idea is to automatically extract complex patterns from a program's behavior graph, and then AI will decide whether to terminate this
program at a specific point in time. The point is try not to wait until the malicious PowerShell code to run, and it will be implemented in the next version of WiseVector.

Regards
Eason
WiseVector

 

[harlan4096]

WiseVector 1.30 + W10 Pro x64 RS5 (VMWare): WV can't see hidden folders in Custom Scan:

Spoiler

​

So I can't select system folders such us C:\ProgramData\ or C:\Users\<my user>\AppData\

I would like to add WV to my malware tests here in the MalWare Hub section, and after every dynamic test We have to run on demand scans over those folders to check if malicious files where spawned/dropped there...

 

[raveed]

@WiseVector
I would like to add that the function of adding exclusions should be improved - after clicking "Add" you can not add a hidden folder - you have to enter the path manually - as in the ProgramData folder.
.

They should improve, the program must see all hidden and system folders. I wonder if with full scan, WV scans hidden areas?

 

[Burrito]

I think you really should consider changing the naming convention.

Wise Care 365

WiseCare
WiseCleaner
WiseAntiMalware
WiseDiskCleaner
WiseRegistryCleaner...
.....

...all come from one company.

Unless you want to be confuse-associated with them, you might consider a different name.

 

[codswollip]

Unless you want to be confuse-associated with them, you might consider a different name.

Interesting. I've been casually following this thread... and all along presumed this was a new effort by Wise. Gotta agree, this is suboptimally branded as "WiseVector".

 

[Mikesierra]

Eason, I would highly appreciate if you could publish change logs for new WiseVector releases.

 

[WiseVector]

Eason, I would highly appreciate if you could publish change logs for new WiseVector releases.

Hi Mikesierra,

Thanks for your suggestion.
We have change logs on our official website in Chinese.
Chinese version of WiseVector pops notice whenever the logs are changed.
Then English version will have the same function with the Chinese version and the English website will come in the future.

Regards,
Wendy
WiseVector

 

[Burrito]

Interesting. I've been casually following this thread... and all along presumed this was a new effort by Wise. Gotta agree, this is suboptimally branded as "WiseVector".

Yeah.

If they retain this name, that would be an UnWise Vector...

Bwahahaaa....

Ok fine.... it's not that funny.



For non-English speakers... 'vector' can mean 'direction'

 

[WiseVector]

Hi Burrito,

We don't know there are so many names from one company similar with WiseVector and WiseVector has no connection with them indeed.:emoji_cold_sweat:
WiseVector has been registered already by our company, so this name will be kept.

Regards,
Wendy
WiseVector

 

[WiseVector]

They should improve, the program must see all hidden and system folders. I wonder if with full scan, WV scans hidden areas?

Hi Reveed,

Both full and fast scan will scan hidden folders and files.
The problem in custom scan has been fixed, please update WiseVector to the lastest version V1.31.

Advance Happy New Year!
Wendy
WiseVector

 

[WiseVector]

WiseVector 1.30 + W10 Pro x64 RS5 (VMWare): WV can't see hidden folders in Custom Scan:

Spoiler

View attachment 204671​

So I can't select system folders such us C:\ProgramData\ or C:\Users\<my user>\AppData\

I would like to add WV to my malware tests here in the MalWare Hub section, and after every dynamic test We have to run on demand scans over those folders to check if malicious files where spawned/dropped there...

Hi harlan4096,

Thanks for your feedback.
The problem in custom scan has been fixed, please update WiseVector to the lastest version V1.31.

Advance Happy New Year!
Wendy
WiseVector

 

[Burrito]

Hi Burrito,

We don't know there are so many names from one company similar with WiseVector and WiseVector has no connection with them indeed.:emoji_cold_sweat:
WiseVector has been registered already by our company, so this name will be kept.

Regards,
Wendy
WiseVector

Hi Wendy,

Thank you for your response.

Very good then.

And I hope WiseVector does great..


Your Pal,

-Burrito
OtherVector

 

[vtqhtr413]

Yeah.

If they retain this name, that would be an UnWise Vector...

Bwahahaaa....

Ok fine.... it's not that funny.



For non-English speakers... 'vector' can mean 'direction'

Vector in English can mean both direction and destination

OtherVector

This is a name suggestion? Not bad.

 

[harlan4096]

@WiseVector: confirmed the issue with hidden system folders is fixed in version 1.31, thanks!

 

[Deleted Member 3a5v73x]

@WiseVector What advantages this product has among other similiar like in the security product market, why would users use it, what's so revolutionary exciting about it? What is the plan how to increase the userbase, and will the priority for english users will be the same as for the non-eng customers? Where do you see your companies future in few years if it'll still be around? Thanks.

 

[harlan4096]

@WiseVector: 2 more things (using WV 1.31):

1.- WV can't scan/follow a folder shortcut, tried with mouse left button setting -> Scan with WiseVector.

2.- When You start a custom scan with mouse left button setting -> Scan with WiseVector, the scanning window showing the process is not opened automatically, I had to click over the WV icon in Windows taskbar to open it.

Thanks!

 

[noob guy]

How about the name "NewVector" instead? By the way, if these people are this responsive, this software will become a very good product soon hopefully. I remember the early days of OSArmor and look how good it is now.