Update WiseVector Free AI Driven Security

WiseVector

From WiseVector
Verified
Developer
Dec 14, 2018
489
It happened after running Comodo kill switch
(Comodo's task manager).
I haven't noticed any other abnormalities whatsoever, but I don't use the PC frequently.
Anyway, I will check if there is any saved event log and, if so, send it as well.
We also executed Comodo kill switch, but the error message did not appear. Can you run it again when you have time and see if the problem recurs or not?
 

Evjl's Rain

Level 46
Verified
Trusted
Content Creator
Malware Hunter
Apr 18, 2016
3,595
Hello @WiseVector, I would like to report a bug.

WiseVector versions 2.73 and 3.01 don't seem to be well compatible with this program.
As soon as I open the program, and I do nothing, Wisevector.exe immediately uses ~18% constantly, even though I turn off all the protection. It stays at 18% for 3-5 minutes, then stops.

settings:
- machine learning: high
- HIPS: automatic
- All options in "Other" tab: Off

[Attachments: 1.png, 2.PNG]
 

WiseVector

From WiseVector
Verified
Developer
Dec 14, 2018
489
Hello @WiseVector, I would like to report a bug.

WiseVector versions 2.73 and 3.01 don't seem to be well compatible with this program.
As soon as I open the program, and I do nothing, Wisevector.exe immediately uses ~18% constantly, even though I turn off all the protection. It stays at 18% for 3-5 minutes, then stops.

settings:
- machine learning: high
- HIPS: automatic
- All options in "Other" tab: Off

[Attachments: 260588, 260589]

Thanks for your feedback. The issue has been identified and a fix was implemented. Please keep WVSX updated automatically or update manually.
 

Tutman

Level 10
Verified
Apr 17, 2020
478
I have a question for @WiseVector also. How do you see the firewall rules? As in the allowed or blocked rules in the firewall settings? (Besides the log files, I am aware of those.) And I am not sure of the difference between high/maximum and rule-based firewall settings. (Excuse my ignorance!)
 

WiseVector

From WiseVector
Verified
Developer
Dec 14, 2018
489
Hi @WiseVector, are we protected from this: ( hxxps://www.youtube.com/watch?v=fwEQFMbHIV8 ) or this: ( hxxps://www.bleepingcomputer.com/news/security/new-malware-uses-windows-subsystem-for-linux-for-stealthy-attacks/ )? Just asking.
It is worth noting that this type of attack is a bit tricky. We've never seen this kind of attack in the wild. For attackers to successfully complete an attack, they must progress through three stages.

1. Install WSL
2. Install Linux system
3. Install Wine

These steps are involved and cumbersome, so attackers often use other, simpler ways to bypass AV. It should be noted, however, that WSL's security is poor: programs running in WSL can access and change files on the physical machine, rather than running in a VM, which is very perplexing.

We have added a feature to WVSX (3.0 or above) to alert users whenever a program tries to enable WSL, which allows the user to be aware of such attacks in the first place.

[Attachment: Capture31.PNG]

The ransomware shown in the test (www.youtube.com/watch?v=fwEQFMbHIV8) is not real ransomware. The test below shows WVSX can also block real ransomware when we executed it via Wine in WSL. The ransomware in our test is lockis; we also tried other ransomware and they were all blocked.

[Attachment: Capture30.PNG]

Malicious programs executed in WSL can also be intercepted by WVSX's behavior monitoring on the physical machine, such as injection, persistence, etc.

If the user is using WVSX 3.0 or higher, they can also write custom rules to restrict read access to their important files to trusted programs only, which can prevent backdoor programs executed in WSL from stealing their files.
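
Added example, not part of the original posts and not WVSX's own code: detection logic that flags attempts to enable WSL in process-creation records, matching the documented `dism /enable-feature`, `Enable-WindowsOptionalFeature` and `wsl --install` commands. The log line format, the sample records and the rule names are constructed assumptions.

```python
import re

# Constructed process-creation records (not from the thread); the line format is an assumption.
SAMPLE_LOG = """\
2021-09-20T10:01:12Z pid=4120 parent=unknown_tool.exe cmd=dism.exe /online /enable-feature /featurename:Microsoft-Windows-Subsystem-Linux /all /norestart
2021-09-20T10:02:40Z pid=4188 parent=explorer.exe cmd=notepad.exe notes.txt
2021-09-20T10:05:03Z pid=4302 parent=cmd.exe cmd=powershell.exe -Command Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Windows-Subsystem-Linux -NoRestart
2021-09-20T10:07:55Z pid=4410 parent=cmd.exe cmd=wsl.exe --install
2021-09-20T10:09:00Z pid=4500 parent=cmd.exe cmd=dism.exe /online /get-featureinfo /featurename:Microsoft-Windows-Subsystem-Linux
2021-09-20T10:09:30Z pid=4512 parent=cmd.exe cmd=wsl.exe --list --verbose
"""

LINE_RE = re.compile(r"^(?P<ts>\S+) pid=(?P<pid>\d+) parent=(?P<parent>\S+) cmd=(?P<cmd>.+)$")
WSL_FEATURE = "microsoft-windows-subsystem-linux"  # Windows optional-feature name for WSL

# Each rule lists tokens that must ALL appear in the lowercased command line,
# in any order, so reordered arguments still match. Rule names are hypothetical.
RULES = {
    "dism-enable-feature": ("dism", "/enable-feature", "/featurename:" + WSL_FEATURE),
    "powershell-enable-feature": ("enable-windowsoptionalfeature", WSL_FEATURE),
    "wsl-install": ("wsl", "--install"),
}

def classify(cmdline):
    """Return the name of the first rule the command line satisfies, else None."""
    normalized = " ".join(cmdline.lower().split())  # fold case, collapse whitespace
    for name, tokens in RULES.items():
        if all(tok in normalized for tok in tokens):
            return name
    return None

def find_wsl_enablement(log_text):
    """Return alerts as (timestamp, parent, rule) for records that try to enable WSL."""
    alerts = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip malformed records instead of failing the whole scan
        rule = classify(m.group("cmd"))
        if rule:
            alerts.append((m.group("ts"), m.group("parent"), rule))
    return alerts

if __name__ == "__main__":
    for ts, parent, rule in find_wsl_enablement(SAMPLE_LOG):
        print(f"{ts} ALERT rule={rule} parent={parent}")
```

Read-only queries such as `/get-featureinfo` and `wsl --list` are deliberately not flagged, so the alert fires only on a change to the feature state.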
 


JB007

Level 24
Verified
May 19, 2016
1,339
We tested ESET Internet Security 14.2.19.0, F-secure safe 18, Trend Micro maximum security 17.0.1299 with WiseVector StopX in Win10 21H1 Pro X64, no problems found.

What we tested?
.Realtime-protection
.HIPS
.Web Protection
.Firewall

It should be noted that if a malicious program is blocked by one AV, the other AV may not have a chance to check it. In addition, after installing the second AV, it is best to restart your computer.

Performance: WVSX+ESET > WVSX+Trend Micro > WVSX+F-Secure > WVSX+Bitdefender. If you want a combo, ESET + WVSX is recommended.
For BitDefender, it feels like installing another OS on top of Windows. o_O

@gery79
OK @WiseVector
Your recommendations are for what combo for best performance; but what are your recommendations for best protection?
 