Deprecated WiseVector Free AI Driven Security

WiseVector

From WiseVector
Verified
Top Poster
Developer
Well-known
Dec 14, 2018
643
But I found the problem at "Advanced Protection Settings"... if "Enable advanced malware protection" option is checked, then the startup delay appears... and if it's unchecked, no startup delay on apps and programs.
Did you use WVSX to perform a full scan? What's your OS and any other AV installed?
 

Lepefe

New Member
May 1, 2022
5
Did you use WVSX to perform a full scan? What's your OS and any other AV installed?

Yep, first thing I do at every WVSX fresh install... "full scan".

OS: Windows 11 Pro 21H2 - Build 22000.675 - Windows Feature Experience Pack 1000.22000.675.0. Totally updated.

The device I use is a brand new laptop (AMD Ryzen 7 5700U 8 cores, 8GB RAM, NVMe SSD)... it's a rocket, things are not running fast, they are running super fast, almost instantaneously. This device is used just for tests, so Windows 11, WVSX, drivers and software programs are all freshly installed + updated, everything remains untouched with default settings... no special settings nor configurations etc.

No other AV installed, no other security or privacy software installed.
Windows Defender and Windows Firewall are disabled.

When I downgrade WVSX to 3.05, no startup delays; delays only appear on WVSX 3.06 and only when "Advanced Protection Settings" => "Enable advanced malware protection" option is enabled.
The launching delay is not happening with all programs, but several programs are affected and the issue is visibly noticeable; sometimes it is a small delay of around 2 sec, and sometimes it is a delay of around 30 sec.
 

Stronghold

Level 1
May 27, 2022
21
Does WiseVector install a certificate for Web Protection and Network Intrusion Detection for HTTP and HTTPS traffic?
I know a lot of AVs do that, like Avast and many others, but I remember them data harvesting everything done through that all too well, so I'm always cautious to turn those on.

I do like your product, it works very well! :)
 

yotoprules

New Member
Nov 7, 2015
1
I have just installed 3.06 onto my system, and I can confirm the delay exists in 3.06 but not in 3.05. In 3.05 there is a delay of maybe 0.5 seconds, which isn't noticeable; however, with 3.06 it can be 5-10 seconds of nothing happening before my program opens, which is not normal on my hardware.
I am using Windows 11 Pro build 22000.708.

EDIT: Oh, and the program does not scale on High DPI displays. The GUI therefore looks blurry.

Shadowra

Level 33
Verified
Top Poster
Content Creator
Malware Tester
Well-known
Sep 2, 2021
2,246
Will WVSX improve the behavioral defense against #Magniber?

Let me answer you with a little delay.
Yes, Magniber is blocked by WV (tested on VM).
On an old sample, it detected a TMP file.

On a more recent one, WV detected some modifications, which it blocked. I didn't find any encrypted files.
 

Dolphiner

Level 1
Mar 1, 2022
12
Let me answer you with a little delay.
Yes, Magniber is blocked by WV (tested on VM).
On an old sample, it detected a TMP file.

On a more recent one, WV detected some modifications, which it blocked. I didn't find any encrypted files.
Here are some pieces of evidence. It seems that a new variant of #Magniber bypasses its behavioral defense.
 

Shadowra

Level 33
Verified
Top Poster
Content Creator
Malware Tester
Well-known
Sep 2, 2021
2,246
Here are some pieces of evidence. It seems that a new variant of #Magniber bypasses its behavioral defense.

Either they corrected it or I was unlucky :p

 

Dolphiner

Level 1
Mar 1, 2022
12
Well... WV promises to release a new version in the next few days, which is believed to block #Magniber "perfectly":
 

Dolphiner

Level 1
Mar 1, 2022
12
The new version has been released!
1. Added detection of the Direct System Calls technique used to bypass antivirus software. The recently widespread Magniber ransomware uses this technique to inject into trusted (whitelisted) files and carry out its ransom attack; 智量盾 can now terminate the malicious behavior before the ransom activity occurs, and can also block malicious programs that use syswhispers to bypass detection.

2. The proactive defense has enhanced detection of the latest attack behaviors, such as CVE-2022-30190.

3. Strengthened detection and removal of remote-control Trojans that use certain advanced evasion techniques to avoid memory detection.

4. Other bug fixes and stability improvements.

Download: https://update1.wisevector.com/WiseVector_Setup_V307.exe
 