Deprecated WiseVector Free AI Driven Security

WiseVector

From WiseVector
Verified
Top Poster
Developer
Well-known
Dec 14, 2018
643
It happened after running comodo kill switch
(Comodos task manager )
I haven't noticed any other abnormalities whatsoever but I don't use the PC frequently
Anyway I will check if there is any saved event log and if so send it as well
We also executed Comodo kill switch, but the error message did not appear. Can you run it again when you have time and see if the problem recurs or not?
 

Evjl's Rain

Level 47
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
hello @WiseVector, I would like to report a bug

wisevector version 2.73 and 3.01 don't seem to be well compatible with this program
as soon as I open program, and I do nothing, Wisevector.exe immediate uses ~18% constantly, even though I turn off all the protection. It stays at 18% for 3-5 minutes, then stops

settings:
- machine learning: high
- HIPS: automatic
- All options in "Other" tab: Off

1.png2.PNG
 

WiseVector

From WiseVector
Verified
Top Poster
Developer
Well-known
Dec 14, 2018
643
hello @WiseVector, I would like to report a bug

wisevector version 2.73 and 3.01 don't seem to be well compatible with this program
as soon as I open program, and I do nothing, Wisevector.exe immediate uses ~18% constantly, even though I turn off all the protection. It stays at 18% for 3-5 minutes, then stops

settings:
- machine learning: high
- HIPS: automatic
- All options in "Other" tab: Off

View attachment 260588View attachment 260589

Thanks for your feedback. The issue has been identified and a fix was implemented, Please keep WVSX updated automatically or update manually.
 

Tutman

Level 12
Verified
Top Poster
Well-known
Apr 17, 2020
542
I have a question for @WiseVector also. How do you see the firewall rules? As in the allowed or blocked rules in the firewall settings? (Besides the log files I am aware of those.) And i am not sure of the difference between high/maximum and rule based firewall settings. (Excuse my ignorance!)
 

WiseVector

From WiseVector
Verified
Top Poster
Developer
Well-known
Dec 14, 2018
643
Hi,@WiseVector, are we protected from this: ( hxxps://www.youtube.com/watch?v=fwEQFMbHIV8 ) or this: ( hxxps://www.bleepingcomputer.com/news/security/new-malware-uses-windows-subsystem-for-linux-for-stealthy-attacks/ ). Just asking.
It is worth noting that this type of attack is a bit tricky, We've never seen this kind of attack in the wild. For attackers to successfully complete an attack, they must progress through three stages.

1. Install WSL
2. Install Linux system
3. Install Wine

These steps are involved and cumbersome, so attackers often use other, simpler ways to bypass AV, but it should be noted that the WSL 's security is poor, programs running in the WSL can access and change files on the physical machine, rather than running in a VM, which is very perplexing.

We have added a feature to WVSX ( 3.0 or above) to alert the users whenever a program try to enable WSL, which allows the user to be aware of such attacks in the first place.

Capture31.PNG



The ransomware shown in the test (www.youtube.com/watch?v=fwEQFMbHIV8) is not real ransomware. The test below shows WVSX can also block real ransomware when we executed it via wine in WSL. The ransomware in our test is lockis, we also tried other ransomware and they are all be blocked.

Capture30.PNG


Malicious programs executed in WSl can also be intercepted by the WVSX's behavior monitoring in the physical machine, such as injection, persistence, etc.

If the user is using WVSX 3.0 or higher, they can also write custom rules to restrict read access to his important files for trusted programs only, which can avoid backdoor programs executed in WSL to steal their files.
 

WiseVector

From WiseVector
Verified
Top Poster
Developer
Well-known
Dec 14, 2018
643

WiseVector

From WiseVector
Verified
Top Poster
Developer
Well-known
Dec 14, 2018
643

JB007

Level 26
Verified
Top Poster
Well-known
May 19, 2016
1,581
We tested ESET Internet Security 14.2.19.0, F-secure safe 18, Trend Micro maximum security 17.0.1299 with WiseVector StopX in Win10 21H1 Pro X64, no problems found.

What we tested?
.Realtime-protection
.HIPS
.Web Protection
.Firewall

It should be noted that if a malicious program is blocked by one AV, the other AV may not have a chance to check it. In addition, after installing the second AV, it is best to restart your computer.

Performance: WVSX+ESET > WVSX+Trend Micro > WVSX+F-Secure > WVSX+Bitdefender. If you want a combo, ESET + WVSX is recommended.
For BitDefender, it feels like installing another OS on top of Windows. o_O

@gery79
OK @WiseVector
Your recommandations are for what combo for best performance; but what are your recommandations for best protection ?
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top