Let Time Witness Our Growth
WiseVector StopX V2.72
January 13, 2021
1. Fixed a particular resource leak.
2. Fixed the issue that the behavior detection might fail to clean up malicious leftovers.
3. Speed up scanning on large files.
4. Improved the stability of ransomware rollback.
5. Improved performance.
WiseVector StopX V2.71 Beta
January 4, 2021
1. Fixed the issue that ransomware rollback may fail to rollback some encrypted files.
2. Redesigned the rollback window, now users can adjust the window size so that they can view the rollback items clearly.
3. Show cleanup progress when users are cleaning a large number of malware.
4. Fixed the issue that the file name may be garbled after restoring from quarantine.
5. Fixed the issue that WiseVector StopX may cause other programs to get stuck.
6. Registry monitoring is more powerful, which can detect more malicious programs that modify the registry.
7. Added backup of php, jsp, asp files for ransomware rollback.
8. Reduced the resource usage.
WiseVector StopX V2.70 Beta
December 23, 2020
1. Added lightweight rollback to roll back changes caused by some destructive malware, such as ransomware.
This feature has been designed to remain lightweight and users can hardly notice any performance degradation.
2. Redesigned the real-time file monitoring, it is more sensitive and faster than before.
3. Redesigned the Behavior Detection. Now the Behavior Detection can identify more unknown file infector viruses, being more capable of detecting advanced threats.
4. Improved Memory Protection to detect RAT trojan abuses legitimate processes to hide their malicious implants, such as Gh0st, Meterpreter and CobaltStrike.
5. Malware quarantine is now sorted by date. Quarantine reason is added.
6. The UI is not transparent now, so that the interface can be displayed more clearly. Some new skins are added.
7. Improved the ability to delete malicious files being locked.
8. Now users can select whether or not to automatically download and install program updates.
WiseVector StopX V2.67
Septemper 2, 2020
1. Improved the Memory Protection to detect IcedID, Dridex and other banker trojan.
2. Solved the problem that WiseVector StopX might stuck when it is scanning the Office files with XLM macro.
3. Improved the stability of Memory Protection when a large number of processes being executed at a time.
4. Improved the stability of Document Protection.
5. Fixed other bugs.
WiseVector StopX V2.66
July 8, 2020
1. Added detection of malicious SLK files.
2. Improved the Instruction Tracer. According to the current trend of some APT attacks, we improved the detection of Trojan abusing DLL Side-Loading which manipulate the memory of whitelist program. It can effectively detect some advanced threats.
3. Improved self-protection.
4. Resolved the conflict between the Instruction Tracer and some APPs. The conflict may cause some APPs to be stucked.
5. Fixed the issue that the WiseVector.exe may crash in Win10 2004.
6. Improved the update procedure to make the update process more robust.
7. Fixed the issue that scheduled tasks may not be removed when uninstalling.
8. The uninstaller is now digitally signed.
WiseVector StopX V2.65
June 7, 2020
1. Improved Memory Protection to detect malware by abusing whitelist applications, such as Powershell, msbuild.exe, installutil.exe, regasm.exe, etc. It can effectively detect advanced threats based on tools such as PowerShell Empire, GreateSCT, nps_payload, ObfuscatedEmpire, unicorn, etc. Since it detects malicious payload in memory, it can effectively detect obfuscated malicious scripts.
2. Instruction Tracer improved. Recently, we have observed lots of RAT Trojans utilizing DLL hijacking to avoid detection by AV. These Trojans abuse whitelist APPs like Avast & ESET as well as APPs which are released by Samsung, TeamViewer, Citrix to perform DLL Side-Loading. We updated Instruction Tracer to make sure they can be detected without needing signature updates.
3. Upgraded detection engine to improve accuracy.
4. Fixed the problem that Behavior Detection may fail to quarantine malware.
5. Improved detection of malicious RTF documents.
6. Fixed an uninstallation problem in Windows XP.
7. Fixed other bugs.
WiseVector StopX V2.64
May 26, 2020
1. Fixed a file parsing error that may decrease the detection rate of static scan.
2. Fixed a specific file parsing error that may cause WiseVector StopX’s service exit when scanning.
3. Fixed other bugs.
WiseVector StopX V2.63
May 20, 2020
1. Fixed the issue that parsing particular files may decrease the detection rate.
2. Fixed the issue that the tray icon occasionally missing after Windows Explorer restarted.
3. Fixed the issue that the scanner might stuck on “preparation to scan”.
4. Improved memory protection to reduce resources usage.
5. Fixed some logical issues in the settings.
WiseVector StopX V2.62 Beta
May 12, 2020
1. Fixed the issue that may cause increased memory use under certain specific conditions.
2. Fixed the issue that after minimizing the window, it may not be restored from the taskbar.
3. Prevented flickering window once at startup.
4. Increase the detection rate of malware in Office format.
5. Fixed the issue that memory detection may cause a bit high CPU usage under certain specific conditions.
6. Fixed the issue of scanning a large number of malware that cannot be processed at once.
7. Some other adjustments on the GUI.
WiseVector StopX V2.61 Beta
May 1, 2020
1. Fixed a GUI bug that some options at the bottom of the settings page cannot be changed(Thread Statics and the Proxy Server).
2. Fixed the issue that memory protection might conflict with some virtualization-based portable software and some security software released by Humming Heads inc. Since those software will inject hidden modules into system process, WiseVector StopX detected them as malware.
3. Fixed other bugs.
WiseVector StopX V2.60 Beta
April 30, 2020
1. Upgraded the AI engine to improve detection rate and reduce false positives. Users can adjust the protection level according to their needs. It should be noted that the protection level only affects static scanning and basic real-time monitoring, and does not affect behavior analysis and memory protection.
2. Added the instruction tracer module.This technique makes identifying the original source of the malicious behavior in applications. It can effectively detect hidden threats such as DLL Side-Loading, thread hijacking and so on. At the same time, it can also detect stealth attacks in post-injection phase.
3. Improved the detection of Info stealer malware. Info stealer malware is designed to harvest a variety of data (Browser Passwords, Cookies, FTP credentials, etc.,) on the computers. They usually minimize their behavior to decrease the chance of detection by AV. Most of them hide their presence on the system by using advanced malware stealth techniques such as injection, hollowing, etc.. Based on their characteristics, we have added multiple modules to memory protection and behavioral analysis to detect them.
4. Improved the memory protection. Besides the Info stealer detection module we mentioned above. We also added multiple RAT detection modules, which can detect RAT uses DLL hijacking to evade the behavior monitoring (Gh0st, Parallax, etc.,). At the same time, the conflicts between memory protection with other security software is resolved. and also reduces the CPU consumption.
5. Improved Ransomware detection. We added several ransomware detection modules which can terminate the behavior of ransomware at an earlier stage.
6. Privacy protection got improved which can protect users from webcam and microphone spying.
7. Improved MBR and partition table protection.
8. Fixed the issue that may cause BSOD under certain conditions.
9. The user can set whether to turn on a specific component of the basic real-time monitoring.
10. We optimized code to reduce CPU consumption and disk I/O. 2.6 is even lighter than the previous versions.
11. Fixed other bugs.
WiseVector StopX V2.50 Beta
January 17, 2020
1. Engine improved: We brought deep reinforcement learning to the training process. This method makes the classifier to be trained continuously on samples that are easy to misclassify to get better detection results. We also performed feature engineering again. After the above efforts, the accuracy of the engine has been improved.
2. We added a module to detect a class of banking Trojans. Such Trojans often use MSI installation packages to release DLL Side-Loading. The size of the DLLs is generally large, so AV based on Cloud usually cannot detect them, but our new module has a detection rate of more than 98% for such DLLs.
3. Faster scanning speed.
4. We used a graph-based algorithm internally to save the running logs of the program. In the new version we have optimized the algorithm to make the speed of the Behavior Detection several times faster in some specific cases, including the process launching multiple child processes, or the program itself is larger, etc. Users will experience a speed increase when compiling programs or editing files with some specific large software.
5. Added Memory Detection. It detects malware that uses the following technologies:
Reflective Dll Injection,
Manually PE loading (Exe and Dll),
DotnetToJS, Sharpshooter, Net code in PowerShell.
As well as remote threads in system processes.
Since many advanced attacks currently use the above method, it is foreseeable that our Memory Detection will greatly help users to keep from advanced threats.
6. Added protection against ransomware using RIPlace technique, while Document Protection also protects against ransomware using this technique.
7. The Behavior Detecion has been improved in multiple detection links, such as injecting other programs, stealing system credentials, loading hidden locations, using WMI, etc.
8. The Behavior Detection added a program protection feature to protect system programs that are easily used by some advanced attack techniques, for example, RegAsm.exe, msbuild.exe, rundll32.exe, powershell, etc.. Our Behavior Detection will protect the PowerShell process from being injected by other programs, and other programs cannot be injected into PowerShell.
9. Improved usability: The tray right-click menu is easier to use. Meanwhile, we have redesigned the main malware report name to make it more friendly to users skilled in PC. They can learn the behavior of malicious programs from the main malware name.
10. Fixed multiple bugs.
WiseVector StopX V2.09
July 17, 2019
1. Improved defense against Revenge Fileless Malware Family.
2. Resolved the Handle Leak in certain circumstances.
3. Resolved some false positives in behavior detection.
WiseVector StopX V2.08
July 17, 2019
1. Improved detection of UAC bypass attacks.
2. Behavior detection can now parse complex command lines written to the registry. Improved the ability to detect stealth malware.
3. Fixed a bug in process chain analysis. Improved the ability to remove malware leftover parts.
4. Improved Ransomware detection.
5. Improved defense against the AdWind family. In these days, we have tested hundreds of samples belong to Adwind family and the result is satisfied.
6. Redesigned quarantine, trust zone and log. Now they are clearer and easier to view.
7. Other bugs fixed.
WiseVector StopX V2.0
July 9, 2019
Many new feature added.
1. Advanced Protection which includes:
A. Behavior Detection based on AI
B. Scripts Behavior Analysis(Including fileless malware detection)
C. Zero_day Malware Detection
D. Important Applications Protection(eg: Office, Flash, PDF, Reader, IE)
E. Dll Hijack Detection
2. Ransomware Behavior Detection
3. Ransomware Trap
4. Documents Protection
5. Improved Self-protection.
6. Imrpoved Scanning speed.
7. Active memory scanning now added in Real-time Monitor.
WiseVector StopX V1.34
June 19, 2019
Fixed conflict with Uplay.
WiseVector StopX V1.33
March 16, 2019
1. Fixed the issue to scan Zip Bomb.
2. Fixed the issue with scanning the Office template format.
WiseVector StopX V1.32
January 23, 2019
1. Added the detection of Office documents in XML format.
2. Custom scan has the option to select hidden folders. Upload has the option to select hidden files.
3. Fix the issue that scan unicode file with abnormal name may be skipped.
WiseVector StopX V1.29
November 24, 2018
1. Fixed the loss of files on the trust list caused by force restart of the PC.
2. Fixed the issue that the tray icon could not be displayed when multiple explorer processes crashed at the same time.
3. Fixed other issues with stability.
WiseVector StopX V1.28
November 23, 2018
1. Fixed the issue that could cause the installation of some third-party software such as browser plug-ins to fail.
2. Fixed the issue with scanning malformed office documents would get stuck.
3. Improve the scanning speed of pdf files.
4. Improve the efficiency and speed of file monitoring.
WiseVector StopX V1.27
September 2, 2018
1. Fixed the issue that the icon may become transparent after starting the OS.
2. Fixed some interface loading issues.
3. Fixed other bugs.
WiseVector StopX V1.26
August 26, 2018
1. Trust list can add directories.
2. Fixed the issue that the trust list might be automatically cleaned up under specific conditions.
3. Fixed parsing of some special PE output tables.
4. Increased the scanning speed of certain files.
WiseVector StopX V1.25
August 4, 2018
1. Resolved the incompatibility between the Behavior Detection and some Powershells.
2. Fixed the issue that the settings could not be opened under certain circumstances.
3. Completed the logic of full scan.
4. Improved AI to learn Win32 / Nabucur virus.
5. Reduce the need to restart after online upgrades.
WiseVector StopX V1.24
July 30, 2018
1. Improves the stability of file monitoring.
2. Improve the scanning speed of OLE documents.
3. Prevented a warning that may appear when uploading files.
4. Prevented a possible stuck when installing APPs in XP.
5. Fixed several issues with parsing abnormal PEs.
WiseVector StopX V1.23
1. Fixed the issue with parsing VMP shells.
2. Fixed the issue with parsing super large files.
3. Fixed the issue that the icon did not show when Windows Explorer crashed.
WiseVector StopX V1.22
July 16, 2018
WiseVector StopX was compatible with high score screen.
WiseVector StopX V1.21
July 14, 2018
1. Fixed the PDF model.
2. Fixed an error in OLE document format recognition.
3. Corrected the analysis of NET Native program.
WiseVector StopX V1.20
July 12, 2018
1. Fixed the issue that WiseVector StopX did not start automatically after “Quick Start” was enabled in Win10.
2. FIxed the issue that after exiting, the Monitor may did not work when restarting WiseVector StopX.
3. WiseVector StopX was able to scan more file formats.
WiseVector StopX V1.10
July 5, 2018
1. Fixed a bug in streaming update.
2. Fixed a bug in VB program automatic feature code extraction.
3. Fixed the issue with 64-bit Dotnet program feature extraction.
4. Removed unmature supply chain attack detection.
WiseVector StopX V1.0
July 1, 2018
With the great efforts of all staff, WiseVector StopX V1.0 was finally released!