Update WiseVector Free AI Driven Security

oldschool

Level 59
Verified
Mar 29, 2018
4,857
It looks like @WiseVector might make a very nice product even better:
Thanks for your feedback.
Our AI in the cloud runs without too many resource constraints compared with local AI, so it can try its best to extract family signatures from the missed samples and then deliver them to the endpoint immediately, that is the reason why the malware can be detected quickly.
We are considering to develop a feature like Avast CyberCapture: Prevents suspicious program from running and sends them to cloud for static and dynamic analysis. Once it finish it will tell the endpoint to block the program or not. This process will take a short time (0-2 minutes). But we are not sure whether it's acceptable for our users.
:thumbd:
 
Last edited:

harlan4096

Moderator
Verified
Staff member
Malware Hunter
Apr 28, 2015
6,962
can WiseVector StopX be use as the only av on a system ?
Yes, but for now WV can't register as the main security provider in W10 Security Center, but tagged to be added in the future...

is it mandatory to add WD or another av?
No, but You can use WV + WD without issues...

What about WV + Comodo FW?
Why not? just try :)
 

WiseVector

From WiseVector
Verified
Developer
Dec 14, 2018
398
Just found this posted online:
Thanks for sharing the video.
This video is probably made by a member in Wilderssecurity.
"conres.dll" was not detected in his video, but I'm pretty sure this sample can be detected by WVSX even two years ago. It's an old sample which is dropped from files infected by Floxif virus. There might be something wrong with basic real-time monitoring during his test. Maybe a quick scan can help.
I have suggested him to test the sample again with the old version of WVSX which was signed in Sept with network disconnected to prove that WVSX can detect it with old database.:)
 
Last edited:

Tutman

Level 9
Verified
Apr 17, 2020
428
@WiseVector I am getting this alert last few days at computer startup. And a full system scan with Wisevector StopX finds nothing. :unsure:
alert.png


Neither does other third party AV scanners.

I tried to go into Windows features and uncheck powershell and then rebooted and tried to install latest stable Powershell 7.1 (I was apparently using 5.0 i believe) AND now when trying to install new Powershell version 7 (while it is installing...) I get a new alert stating:
alert2.png



Is this false positive? I have all settings on (advanced detection also) and realtime at startup. Heurestics set to normal. Thanks!
 

WiseVector

From WiseVector
Verified
Developer
Dec 14, 2018
398
Hi@Tutman

"WIBD:StealthInjector" means PowerShell is creating remote thread in another process. Honestly the first alert looks very suspicious, since normally PowerShell does not start automatically at startup. And PowerShell does not usually inject code into another process. Have you keep WVSX's behavior detection open all the time?

"WIBD:Heur.Injector.F0" means PowerShell is injecting code into system process. I just downloaded and installed PowerShell 7.1 X64 in Windows 10 2004. The installer did not execute "RegisterManifest.ps1" during installation. I manually executed "RegisterManifest.ps1" but no alert from WVSX. I also checked the source code of the file but can't find any function related Process Injection. It seems that this issue is related to your specific computer configurations.

Have you installed any other security software?

Please download Autorun from sysinternals. And then check if any PowerShell script is executed at startup.
 

Tutman

Level 9
Verified
Apr 17, 2020
428
Hi@Tutman

Have you installed any other security software?

Please download Autorun from sysinternals. And then check if any PowerShell script is executed at startup.
I have been also using/testing Mcafee Stinger with real protect. (But it never shows an alert and nothing in the logs.) And I already checked Autoruns but checked it again. I will try to turn off real protect and run the installer again for Powershell and see if it still gives the alert. Thanks for the fast response. You are always helpful and prompt on here and Wilders Security also! *Update I removed McAfee stinger from running and installed powershell 7.1 again with no alert this time! * I will keep watch and see if it pops up again.
 
Last edited:

WiseVector

From WiseVector
Verified
Developer
Dec 14, 2018
398
:giggle:Hello Everyone,

WiseVector StopX V2.70 is here,

What's new:
1. Added lightweight rollback to roll back changes caused by some destructive malware, such as ransomware. This feature has been designed to remain lightweight and users can hardly notice any performance degradation.
2. Redesigned the real-time file monitoring, it is more sensitive and faster than before.
3. Redesigned the Behavior Detection. Now the Behavior Detection can identify more unknown file infector viruses, being more capable of detecting advanced threats.
4. Improved Memory Protection to detect RAT trojan abuses legitimate processes to hide their malicious implants, such as Gh0st, Meterpreter and CobaltStrike.
5. Malware quarantine is now sorted by date. Quarantine reason is added.
6. The UI is not transparent now, so that the interface can be displayed more clearly. Some new skins are added.
7. Improved the ability to delete malicious files being locked.
8. Now users can select whether or not to automatically download and install program updates.

The download link:
https://update2.wisevector.com/WiseVector_StopX_V27.exe
https://www.wisevector.com/WiseVector_StopX_V27.exe

Please pick up the faster one.
After a few days of testing, V2.67 can update to V2.70 automatically. Now you can perform an overwrite install or fresh install.

Cheers & Best Regards,
WiseVector
 
Last edited:

WiseVector

From WiseVector
Verified
Developer
Dec 14, 2018
398
I did the manual update from v2.67. I even close and exit v2.67 but it's still showing v2.67? Do I need to restart my laptop to show the new change?
Hi,
Sorry, you can't update from V2.67 at present.
After a few days of testing, V2.67 can update to V2.70 automatically. Now you can perform an overwrite install or fresh install.
 

HarborFront

Level 57
Verified
Content Creator
Oct 9, 2016
4,615
Ok did an overwrite install using v2.70 now everything is ok. Thanks

Some suggestions

The thin and light black and blue text on the white background in the Settings page is too light as age is catching up on me. Bold the text to make a better contrast

No dark mode?
 
Last edited:

WiseVector

From WiseVector
Verified
Developer
Dec 14, 2018
398
Ok did an overwrite install using v2.70 now everything is ok. Thanks

Some suggestions

The thin and light black and blue text on the white background in the Settings page is too light as age is catching up on me. Bold the text to make a better contrast

No dark mode?
Sorry, no dark mode at present. Thanks for your feedback!
 
Top