WiseVector Stop-X

Discussion in 'other anti-malware software' started by bellgamin, Aug 10, 2020.

  1. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    Thanks to @roger_m I was made aware of a free antimalware (AM) called WiseVector (WV) whose website is HERE.

    Before installing WV I checked forums at Wilders & MalwareTips and found several comments, all of which were favorable. Now that I have installed it I thought I would share a bit of my experiences with you.

    First off, WV is NOT a signature based AM. Instead it is based on artificial intelligence (AI) -- the new buzz-word used by several AMs (example: SecureAPlus's APEX). The best way to get an idea of what it does is to visit its website, which I linked in first paragraph. Briefly, however, WV promotes itself as specializing in Advanced & Stealth Threat Detection including, but not limited to, zero-day malware detection.

    My experiences:
    • MV installs quickly & is very easy on system resources. On my aging laptop it uses 39 100ths of 1 percent CPU from time to time, and takes up 7.31MB RAM, as measured by my computer's SysGauge Monitor app.
    • MV's icon is a rocket -- in my system tray its small icon mostly resembles R2D2 of Star Wars fame.
    • I had MV do what it calls a "Quick Scan" -- it took over 30 minutes! Either its scanner is very slow (I doubt that) OR its non-signature-based scan must have to do a lot of messing around with files in order to discern what they might be up to (that's my guess). Anyhow, for whatever reason, I will henceforth do scans only when there's something good to watch on TV or I'm going outside to mow the lawn.
    Screenshots? NO! Here is a very interesting fact: WV evidently protects itself from having screenshots made of any page of its GUI. I have 3 apps to take screenshots and, on all 3, the instant the app was clicked to target the screenshot, the GUI quickly disappeared. After the shot was taken, the GUI reappeared. I checked -- all screenshots showed a blank screen -- no visible GUI. Therefore, I will verbally describe the GUI.
    • Main page: offers 3 scan types: Quick, Full, & Custom. There are click-spots to access: Log, Exclusions, Quarantine. It offers a choice of 9 skins. It has a drop down menu with 2 choices: Settings, Check for Updates
    • Settings Page, Basic Tab has check boxes for: Load at startup, Enable Real-Time Protection (has a set-up page for that), Auto Updates. Has a drop down menu for selecting strength of its Heuristics (Low, Normal, High, Aggressive)
    • Settings Page, Advanced Tab has check boxes for: Advanced Detection Settings, Anti-Ransomware Settings, Self-Defense, Memory Inspection, Instruction Tracer
    That's my take. By the way, the language option on WV's website gives 2 choices: (1) English and (2) guess what. Ergo, the country of WV's origin is fairly easy to figure.

    I hope some of you folks will give WV a spin & let us all know what you think. I am VERY pleased to have such a (potentially) powerful, non-sig, free, light, user-friendly AM in my arsenal. I am hoping that time will eventually prove that it's worth MUCH more than I paid for it. :rolleyes:
     
    Last edited: Aug 11, 2020
  2. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,592
    Location:
    U.S.A.
  3. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    Long is right -- it's 55 pages, starting November 2018 & coming right up to recent dates. 2018 comments were luke-warm, but grew warmer after WV got its GUI into English & the app matured.

    @itman -- thanks for the link. Have you tried it yourself? If so, what are your reactions?
     
  4. pb1

    pb1 Registered Member

    Joined:
    Apr 4, 2014
    Posts:
    1,271
    Location:
    sweden
    It is important to mention that it is still under development, beta, so the finished product will change. According to information from the developer in the thread at M-tips it is going to be splitt in 2 different version when they are going "live" with Wv Stopx. One simpler free version, and the other will be as it is now and will be the paid. The AI will for shure not be in the free but in the paid.

    That splitt will happen soon according to info in the thread from the developer since they are almost done with the development.
     
    Last edited: Aug 11, 2020
  5. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    8,627
    But that's just speculation on your part isn't it? I don't believe it has been mentioned in the thread at MT.
     
  6. pb1

    pb1 Registered Member

    Joined:
    Apr 4, 2014
    Posts:
    1,271
    Location:
    sweden
    That`s why i wrote - "for shure".

    That they would give away the AI feature for free when it is the most advanced feature in the product is highly unlikely. Don`t you agree?
    I would be VERY SURPRISED otherwise. I would not do that if i was in charge of the product. The rest of the features in the product is not anything special compared to others, even though they are good according to test.
     
  7. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,592
    Location:
    U.S.A.
    I personally would not use any security software from a Chinese based company.

    That said, most existing Chinese security software is "tuned" to in-country malware attacks. I have a couple of Chinese security associates, and all lament how the major AV security products do not detect in-country malware for some time after initial 0-day discovery. WiseVector seems to be an exception to this; most likely due to its signature-less behavior detection methods. Of the major AV vendors, testing has shown Kaspersky and Dr. Web are the best at detecting Chinese based malware directed at in-country targets; probably because of Russia's proximity to China.
     
    Last edited: Aug 11, 2020
  8. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    A tech representative of the developers of WiseVector (WV) regularly posts in the WV thread at MT (now 55 pages long as of 8/11/2020). Yesterday I mentioned WV's very slow scanning speed for a custom scan of system32 & syswow64 (it was incomplete after over 1 hour so I aborted). Today, WV's representative asked me to try again. I did so and ---- Poof! The scan finished in just a very few minutes. Hmmmm.........

    Aloha to all from Hawaii,
    bellgamin

    ~ Off Topic Remarks Removed ~
     
    Last edited by a moderator: Aug 11, 2020
  9. plat

    plat Registered Member

    Joined:
    Dec 19, 2018
    Posts:
    2,233
    Location:
    Brooklyn, NY
    I've been following this product off and on. Tried it at the very beginning of its debut, the scan was a little slower than I liked but I found the UI to be neat and clean, even with some decorative skins (always liked that). I'm thinking to give it a try again. The developer, WiseVector, seems very personable and true-blue about his product and I respect him for that. Here's an example I found of his response vis-a-vis the Chinese government--believe or not.

    https://malwaretips.com/threads/wise-vector-stopx-vs-ransominator.100404/#post-877175
     
  10. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    Last edited: Aug 18, 2020
  11. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    @bjm -- Thanks for the screen shots. My 3 screenshot apps couldn't get the job done.

    I have found the Protected Documents option to be of great potential value. As to how good it works .... time will tell.

    By the way, with respect to the option to "Add trusted applications automatically" -- as yet, I have not found it to have any apparent effect whatsoever, whether I checked the box or unchecked it. Anyone else?
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~

    Addendum: I noticed that all pages of WV's GUI are transparent. Whatever is under the page you are reading will show through. I found that it's better to view the GUI against an uncluttered background.
     
    Last edited: Aug 11, 2020
  12. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    8,627
    I don't agree. The product is built on AI technology, so I don't see how they could make a non AI based free version.
     
  13. pb1

    pb1 Registered Member

    Joined:
    Apr 4, 2014
    Posts:
    1,271
    Location:
    sweden
    Everything in it is not based on AI so it is easy to accomplish for a programmer.
    But we will see, we will see.

    Is there somewhere one can bet on this :p
     
  14. Surt

    Surt Registered Member

    Joined:
    Jan 23, 2019
    Posts:
    471
    Location:
    USA
    In the release history, erroneously perhaps, the beta tag was dropped from the version number with the May 20 release.

    That said, the changelogs since then looks like the product is still in pre-alpha.
     
  15. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    @bellgamin - Thanks for mention and topic of this safety program.
    Downloaded yesterday and going to take it for a spin soon. Read some preliminary acceptably good reviews so far and support seems to be current and active. Interesting invention and especially if she proves out to be as light as mentioned.
     
  16. cruelsister

    cruelsister Registered Member

    Joined:
    Nov 6, 2007
    Posts:
    1,649
    Location:
    Paris
    Easter- I was curious about WiseVector so I did a quick and dirty test the other day:

    1). Malware used- a total of 60 samples, 30 exe's and 30 scriptors.
    Of the exe files, 15 were ransomware (all acting by different mechanisms), the other 15 being info stealers, Agent tesla, and other assorted riff-raff.The 30 Scriptors included my beloved Worms, Powershell and Python scripts, Batch and JSript files.

    I tried to include malware of different ages, the oldest being from 2012 and the newest were a couple of files I found were fresh on the day of testing. Also I coded 2 ransomware samples (using LoLbins), and 2 vbs worms. Finally 7 additional files were included: 2 Cracks and 5 unsigned (and new) legitimate files.

    Please note that ALL of the files were cherry-picked by me to make sure both the mechanism of action as well as and persistence methods were singular.

    2). WiseVector was installed without any changes made to the settings (none really to make anyway). To insure that there was no utilization of any Cloud based detection the Network on the system was disabled.

    3). The malware was placed in a folder and an On-Demand scan (right-click) was done. Some malware was detected on the scan and I received a popup to Quarantine, which I did. The remaining samples (I'm not going to give a percentage as this would vary with the malware files selected for the test) were run consecutively.

    4). As I was very familiar with the actions of each file used in the test, I made note of any system changes like persistence, and attempts at trying to use the (disabled) network.However for any malware file that was NOT detected by the on-demand scan that normally would use the network to connect out I did enable the network prior to running these files.

    Results- Of the malware run, most resulted in a WV Quarantine alert and a few were kept in memory until vanishing. One malware file (a fast-encryptor ransomware file that I coded) was able to trash a couple of files that I had previously placed on the Desktop, but no other file encryption was seen. The 2 cracks were deleted (quarantined) and the 5 legitimate applications were run without issue. With the exception noted above, no system changes were noted on analysis post system reboot.

    Conclusion- To my surprise WiseVector performed Optimally.

    (Fun Fact- out of curiosity I wrote basic 2 batch files- one "Hello World", the other endless Calculators. I converted both to exe's and ran them. Both Hello World file executed fine. The Endless calculator batch ran without any detection, but the exe version was detected as malware).

    M
     
    Last edited: Aug 13, 2020
  17. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    @EASTER -- I look forward to reading your comments after your "spin" -- I hope it's a good fit for your system.

    @cruelsister -- Hey, it's always great when you visit here!!! I wish you would do so MUCH more often.

    Thank you to the nth degree for your very helpful and surprising test results. I was a little bit apprehensive when I saw your by-line. I figured, if anyone can bust WiseVector's bubble, it will be cruelsister. Why apprehensive? Because I am so hoping that this AI-based security app will finally prove to be a valid stand-alone replacement for the likes of Mamutu -- if anyone remembers that excellent little behavior blocker from back in the days of yore.

    Yes, I know -- AI & behavior blockers aren't exactly the same thing, but close enough to suit my needs. I just hope the developers don't get carried away & turn it into yet another do-it-all AV.
     
    Last edited: Aug 13, 2020
  18. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    @cruelsister -- Very nicely detailed samples run on that end. Perhaps a promising new entry to dependable coverage and in stark & better contrast then some others that you've put thru paces before which proved far less than their claims/hype.

    @bellgamin You just had to bring up Mamutu. No secret that I also really found it a reasonable compliment during those butterflynet days as a behavioral interceptor and one that shall we say? "got away?"
     
  19. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,592
    Location:
    U.S.A.
    Original vers. of EAM had it embedded. When Emsisoft abandoned it there, I dumped EAM.
     
  20. amico81

    amico81 Registered Member

    Joined:
    Oct 18, 2017
    Posts:
    100
    Location:
    Germany
    when I would install the newest version, does it actually replace the win defender, or is it still active?
     
  21. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    8,627
    Windows Defender is still active, as WiseVector doesn't register in the Windows Security Centre as of yet.

    You can permanently disable WD with Defender Control, if you only want to use WiseVector for realtime protection.
    https://www.sordum.org/9480/defender-control-v1-6/
     
  22. TerryWood

    TerryWood Registered Member

    Joined:
    Jan 14, 2006
    Posts:
    1,037
    Hi @ Wilders

    I know this thread is about WiseVector Stop-X which interests me considerably as a result of the previous comments and tests by Cruelsister. Currently I am using AppCheck Free Anti Ransomware and would like to know the difference between it and WiseVector. Does the latter provide enhanced (wider) protection than AppCheck.

    Any help to determine the most suitable of the two for me would be appreciated.

    Thanks

    Terry
     
  23. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    8,627
    WiseVector is a full antivirus.
     
  24. TerryWood

    TerryWood Registered Member

    Joined:
    Jan 14, 2006
    Posts:
    1,037
    Hi @ Roger_m

    Thanks for that

    Terry
     
  25. TerryWood

    TerryWood Registered Member

    Joined:
    Jan 14, 2006
    Posts:
    1,037
    Hi @roger_m

    So, in your opinion, could I replace BitDefender Free and Appcheck Anti Ransomeware with Wisevector without loss of my current level of protection?

    Thank you

    Terry
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.