Let Time Witness Our Growth
WiseVector StopX V2.67
Septemper 2, 2020
1. Improved the Memory Protection to detect IcedID, Dridex and other banker trojan.
2. Solved the problem that WiseVector StopX might stuck when it is scanning the Office files with XLM macro.
3. Improved the stability of Memory Protection when a large number of processes being executed at a time.
4. Improved the stability of Document Protection.
5. Fixed other bugs.
WiseVector StopX V2.66
July 8, 2020
1. Added detection of malicious SLK files.
2. Improved the Instruction Tracer. According to the current trend of some APT attacks, we improved the detection of Trojan abusing DLL Side-Loading which manipulate the memory of whitelist program. It can effectively detect some advanced threats.
3. Improved self-protection.
4. Solved the conflict between the Instruction Tracer and some APPs. The conflict may cause some APPs to be stucked.
5. Solved the problem that the WiseVector.exe may crash in Win10 2004.
6. Improved the update procedure to make the update process more robust.
7. Solved the problem that scheduled tasks may not be removed when uninstalling.
8. The uninstaller is now digitally signed.
WiseVector StopX V2.65
June 7, 2020
1. Improved Memory Protection to detect malware by abusing whitelist applications, such as Powershell, msbuild.exe, installutil.exe, regasm.exe, etc. It can effectively detect advanced threats based on tools such as PowerShell Empire, GreateSCT, nps_payload, ObfuscatedEmpire, unicorn, etc. Since it detects malicious payload in memory, it can effectively detect obfuscated malicious scripts.
2. Instruction Tracer improved. Recently, we have observed lots of RAT Trojans utilizing DLL hijacking to avoid detction by AV. These Trojans abuse whitelist APPs like Avast & ESET as well as APPs which are released by Samsung, TeamViewer, Citrix to perform DLL Side-Loading. We updated Instruction Tracer to make sure
they can be detected without needing signature updates.
3. Upgraded detection engine to improve accuracy.
4. Fixed the problem that Behavior Detection may fail to quarantine malware.
5. Improved detection of malicious RTF documents.
6. Fixed an uninstallation problem in Windows XP.
7. Fixed other bugs.
WiseVector StopX V2.64
May 26, 2020
1. Fixed a file parsing error that may decrease the detection rate of static scan.
2. Fixed a specific file parsing error that may cause WiseVector StopX’s service exit when scanning.
3. Other bugs fixed.
WiseVector StopX V2.63
May 20, 2020
1. Fixed a problem parsing particular files that may decrease the detection rate.
2. Fixed a problem that the tray icon occasionally missing after Windows Explorer restarted.
3. Fixed the problem that the scanner might stuck on “preparation to scan”.
4. Improved memory protection to reduce resources usage.
5. Fixed some logical problems in the settings.
WiseVector StopX V2.62 Beta
May 12, 2020
1. Fixed the problem that may cause increased memory use under certain specific conditions.
2. Fixed the problem that after minimizing the window, it may not be restored from the taskbar.
3. Prevented flickering window once at startup.
4. Increase the detection rate of malware in Office format.
5. Fixed the problem that memory detection may cause a bit high CPU usage under certain specific conditions.
6. Fixed the problem of scanning a large number of malware that cannot be processed at once.
7. Some other adjustments on the GUI.
WiseVector StopX V2.61 Beta
May 1, 2020
1. Fixed a GUI bug that some options at the bottom of the settings page cannot be changed(Thread Statics and the Proxy Server).
2. Fixed a problem that memory protection might conflict with some virtualization-based portable software. And some security software released by Humming Heads inc.
Since those software will inject hidden modules into system process, WiseVector StopX detected them as malware.
3. Other bugs fixed.
WiseVector StopX V2.60 Beta
April 30, 2020
1. Upgraded the AI engine to improve detection rate and reduce false positives. Users can adjust the protection level according to their needs. It should be noted that the protection level only affects static scanning and basic real-time monitoring, and does not affect behavior analysis and memory protection.
2. Added the instruction tracer module.This technique makes identifying the original source of the malicious behavior in applications. It can effectively detect hidden threats such as DLL Side-Loading, thread hijacking and so on. At the same time, it can also detect stealth attacks in post-injection phase.
3. Improved the detection of Info stealer malware. Info stealer malware is designed to harvest a variety of data (Browser Passwords, Cookies, FTP credentials, etc.,) on the computers. They usually minimize their behavior to decrease the chance of detection by AV. Most of them hide their presence on the system by using advanced malware stealth techniques such as injection, hollowing, etc.. Based on their characteristics, we have added multiple models to memory protection and behavioral analysis to detect them.
4. Improved the memory protection. Besides the Info stealer detection module we mentioned above. We also added multiple RAT detection modules, which can detect RAT uses DLL hijacking to evade the behavior monitoring (Gh0st, Parallax, etc.,). At the same time, the conflicts between memory protection with other security software is resolved. and also reduces the CPU consumption.
5. Ransomware detection improved, we added several ransomware detection models which can terminate the behavior of ransomware at an earlier stage.
6. Privacy protection got improved which can protect users from webcam and microphone spying.
7. Improved MBR and partition table protection.
8. Fixed an issue that may cause BSOD under certain conditions.
9. The user can set whether to turn on a specific component of the basic real-time monitoring.
10. We optimized code to reduce CPU consumption and disk I/O. 2.6 is even lighter than the previous versions.
11. Other bugs fixed.
WiseVector StopX V2.50 Beta
January 17, 2020
1. Engine improved: We brought deep reinforcement learning to the training process. This method makes the classifier to be trained continuously on samples that are easy to misclassify to get better detection results. We also performed feature engineering again. After the above efforts, the accuracy of the engine has been improved.
2. We added a module to detect a class of banking Trojans. Such Trojans often use MSI installation packages to release DLL Side-Loading. The size of the DLLs is generally large, so AV based on Cloud usually cannot detect them, but our new module has a detection rate of more than 98% for such DLLs.
3. Faster scanning speed.
4. We used a graph-based algorithm internally to save the running logs of the program. In the new version we have optimized the algorithm to make the speed of the Behavior Detection several times faster in some specific cases, including the process launching multiple child processes, or the program itself is larger, etc. Users will experience a speed increase when compiling programs or editing files with some specific large software.
5. Added Memory Detection. It detects malware that uses the following technologies:
Reflective Dll Injection,
Manually PE loading (Exe and Dll),
DotnetToJS, Sharpshooter, Net code in PowerShell.
As well as remote threads in system processes.
Since many advanced attacks currently use the above method, it is foreseeable that our Memory Detection will greatly help users to keep from advanced threats.
6. Added protection against ransomware using RIPlace technology, while Document Protection also protects against ransomware using this technology.
7. The Behavior Detecion has been improved in multiple detection links, such as injecting other programs, stealing system credentials, loading hidden locations, using WMI, etc.
8. The Behavior Detection added a program protection feature to protect system programs that are easily used by some advanced attack technologies, for example, RegAsm.exe, msbuild.exe, rundll32.exe, powershell, etc.. Our Behavior Detection will protect the PowerShell process from being injected by other programs, and other programs cannot be injected into PowerShell.
9. Improved usability: The tray right-click menu is easier to use. Meanwhile, we have redesigned the main malware report name to make it more friendly to users skilled in PC. They can learn the behavior of malicious programs from the main malware name.
10. Fixed Multiple bugs.
WiseVector StopX V2.09
July 17, 2019
1. Improved defense against Revenge Fileless Malware Family.
2. Resolved the Handle Leak in certain circumstances.
3. Resolved some false positives in behavior detection.
WiseVector StopX V2.08
July 17, 2019
1. Improved detection in UAC bypass attacks.
2. Behavior detection can now parse complex command lines written to the registry. Improved the ability to detect stealth malware.
3. Fixed a bug in process chain analysis. Improved the ability to remove malware leftover parts.
4. Improved Ransomware detection.
5. Improved defense against the AdWind family. In these days, we have tested hundreds of samples belong to Adwind family and the result is satisfied.
6. Redesigned quarantine, trust zone and log. Now they are clearer and easier to view.
7. Other bugs fixed.
WiseVector StopX V2.0
July 9, 2019
Many new feature added.
1. Advanced Protection which includes:
A. Behavior Detection based on AI
B. Scripts Behavior Analysis(Including fileless malware detection)
C. Zero_day Malware Detection
D. Important Applications Protection(eg: Office, Flash, PDF, Reader, IE)
E. Dll Hijack Detection
2. Ransomware Behavior Detection
3. Ransomware Trap
4. Documents Protection
5. Self-protection improved
6. Scanning speed improved
7. Active memory scanning now added in Real-time Monitor.
WiseVector StopX V1.34
June 19, 2019
Fixed conflict with Uplay.
WiseVector StopX V1.33
March 16, 2019
1. Fixed the problem to scan Zip Bomb.
2. Fixed the problem with scanning the Office template format.
WiseVector StopX V1.32
January 23, 2019
1. Added the detection of Office documents in XML format.
2. Custom scan has the option to select hidden folders. Upload has the option to select hidden files.
3. Fix the problem that scan unicode file with abnormal name may be skipped.
WiseVector StopX V1.29
November 24, 2018
1. Fixed the loss of files on the trust list caused by force restart of the PC.
2. Fixed the problem that the tray icon could not be displayed when multiple explorer processes crashed at the same time.
3. Fixed other problems with stability.
WiseVector StopX V1.28
November 23, 2018
1. Fixed a problem that could cause the installation of some third-party software such as browser plug-ins to fail.
2. Fixed a proplem with scanning malformed office documents would get stuck.
3. Improve the scanning speed of pdf files.
4. Improve the efficiency and speed of file monitoring.
WiseVector StopX V1.27
September 2, 2018
1. Fixed the problem that the icon may become transparent after starting the OS.
2. Fixed some interface loading problems.
3. Other bugs fixed.
WiseVector StopX V1.26
August 26, 2018
1. Trust list can add directories.
2. Fixed the problem that the trust list might be automatically cleaned up under certain specific conditions.
3. Fixed parsing of some special PE output tables.
4. Increased the scanning speed of certain files.
WiseVector StopX V1.25
August 4, 2018
1. Solved the incompatibility between the Behavior Detection and some Powershells.
2. Fixed a problem that the settings could not be opened under certain circumstances.
3. Completed the logic of full scan.
4. Improved AI to learn Win32 / Nabucur virus.
5. Reduce the need to restart after online upgrades.
WiseVector StopX V1.24
July 30, 2018
1. Improves the stability of file monitoring.
2. Improve the scanning speed of OLE documents.
3. Prevented a warning that may appear when uploading files.
4. Prevented a possible stuck when installing APPs in XP.
5. Fixed several problems with parsing abnormal PEs.
WiseVector StopX V1.23
1. Fixed a problem with parsing VMP shells.
2. Fixed a problem with parsing super large files.
3. Fixed a problem that the icon did not show when Windows Explorer crashed.
WiseVector StopX V1.22
July 16, 2018
WiseVector StopX was compatible with high score screen.
WiseVector StopX V1.21
July 14, 2018
1. Fixed the PDF model.
2. Fixed an error in OLE document format recognition.
3. Corrected the analysis of NET Native program.
WiseVector StopX V1.20
July 12, 2018
1. Fixed the problem that WiseVector StopX did not start automatically after “Quick Start” was enabled in Win10.
2. FIxed the problem that after exiting, the Monitor may did not work when restarting WiseVector StopX.
3. WiseVector StopX was able to scan more file formats.
WiseVector StopX V1.10
July 5, 2018
1. Fixed a bug in streaming update.
2. Fixed a bug in VB program automatic feature code extraction.
3. Fixed a problem with 64-bit Dotnet program feature extraction.
4. Removed unmature supply chain attack detection.
WiseVector StopX V1.0
July 1, 2018
With the great efforts of all staff, WiseVector StopX V1.0 was finally released!