WiseVector Stop-X

Discussion in 'other anti-malware software' started by bellgamin, Aug 10, 2020.

  1. WiseVector

    WiseVector Registered Member

    Joined:
    Aug 16, 2020
    Posts:
    482
    Location:
    China
    Hi everyone!

    Here is the update log of beta 3.0:
    WiseVector StopX V3.00 Beta
    June 21, 2021

    1. Added firewall, web protection, network intrusion detection.

    2. Both HIPS and firewall support security level adjustment. Users can adjust the security level according to their needs.

    3. Add support to write HIPS and firewall rules. Users can write rules according to their needs to get better protection.

    4. Improved the process injection detection, added multiple multi-step models to detect malicious programs using advanced injection techniques.

    5. Improved stealer malware detection, in addition to the already exists multi-step models, we added multiple single-step models based on artificial intelligence and reputation. When a program that is not trusted by the AI and trying to access the user’s sensitive data, such as username and password saved in the browser, cryptocurrency wallet data, etc. WiseVector StopX will prompt the user to allow or deny each operation detected. This is a good strategy against some stealer malware that utilized bat files, lnk files, Python scripts to harvest user’s data . Although the code of these malware is relatively simple, the attack is very tricky to detect by multi-step models.

    6. Enhanced stability and reliability of behavior monitoring. For example, driver loading, Webcam access, scheduled task creation monitoring is more efficient and stable than before.

    7. Other bug fixes.

    Download at: https://update2.wisevector.com/WiseVector_StopX_V30.exe

    Recommended for experienced users to download and test.
     
  2. WiseVector

    WiseVector Registered Member

    Joined:
    Aug 16, 2020
    Posts:
    482
    Location:
    China
    Thank you very much for you positive feedback. It means a lot for us!:)
     
  3. Antarctica

    Antarctica Registered Member

    Joined:
    Feb 25, 2003
    Posts:
    1,974
    Location:
    Canada
    I have a question, right now on one of my PC, I am using Comodo firewall with the previous version of WiseVector. With the new WiseVector stopX V3.0 Beta which includes a firewall, I guess it's best to uninstall Comodo?
    Thanks
     
  4. avman1995

    avman1995 Registered Member

    Joined:
    Sep 24, 2012
    Posts:
    944
    Location:
    india
    I hope for the quality of WV they dont!! Comodo has created very promising projects but in the long run they are abandoned/not given enough attention. (valkyrie, cima, dacs etc). Right now where they stand is definitely not something we expected at all 10 years before.
     
  5. apm

    apm Registered Member

    Joined:
    Mar 15, 2006
    Posts:
    164
    tested v3.0 today, when running utorrent client on win10 x64 21h1, the cpu consumption is always over 30%, exit utorrent the cpu go down, maybe is the firewall cause this, but when try disable firewall and intrusion, the cpu also keep over 30%, also at gui, there is no options setting for firewall.
     
  6. cruelsister

    cruelsister Registered Member

    Joined:
    Nov 6, 2007
    Posts:
    1,519
    Location:
    Paris
    Not at all! There is no interference between the firewall components of CF and WVSX. The applications themselves compliment each other optimally. Think of it more as a superb anti-malware application (WV) enhanced by the addition of an automatic sandbox with Scriptor protection (CF),both being quick to respond as well as being light as a feather.
     
    Last edited: Jun 22, 2021
  7. Antarctica

    Antarctica Registered Member

    Joined:
    Feb 25, 2003
    Posts:
    1,974
    Location:
    Canada
    @cruelsister, Thanks a lot for this clear explanation.:)
     
  8. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    9,715
    Location:
    U.S.A. (South)
    Within the personalized HIPS rules feature, can anyone briefly detail how to prevent ANY file OR folder BOTH from being moved/copied (drag n drop too) to another location. The idea is to from MyDocuments to BLOCK being moved to desktop but I tried multiple methods so far with no joy. Thanks

    And Thanks to WiseVector team for really stepping this program up a notch and raising the bar.
     
  9. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,590
    Location:
    South Wales, UK
    Hi WV

    I have checked in the installation directory as you suggested and I am not seeing any dump files with a name like "v2*.dmp". I have even searched the whole disk for the same and nothing. I am guessing that the failure or killing of WVSX is occuring kn a way that does not allow the .dmp file to be written.

    Is there anywhere else I can look to get information on what might be going on so I can send it to support?

    Many thanks, Baldrick
     
  10. whistlebird

    whistlebird Registered Member

    Joined:
    Jun 20, 2006
    Posts:
    18
    Location:
    USA
    I am a little confused. I have been using WVStopX v2.73 without any hiccups, and am aware of the release of v3.0

    In its current beta form is this the form that the PAID version will take for advanced users? If so, what will be available in the Free version?

    If I wanted to try v3.0, what settings should be made to duplicate the simplicity of v2.73 for a novice?

    In another words, if I want to use v3.0 as a free version alongside Windows Defender without any conflicts or incompatibilities, what settings should be changed or ignored? Thanks all!
     
  11. porkpiehat

    porkpiehat Registered Member

    Joined:
    Jul 18, 2015
    Posts:
    45
    just switched on my computer, and this warning was up.. FP at a guess... upload_2021-6-23_2-21-4.png
     
  12. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    9,715
    Location:
    U.S.A. (South)
    HIPS simple RULE-Refuse Any Folder Creation (on desktop)-Starts out great-Block and Alert Displays-However it take 18 Clicks on the Alert Box (green) OK to cancel Alert. Example:
    sshot-2021-06-22-21-32-54.jpg

    _________________________________________________________________________
    sshot-2021-06-22-21-33-38.jpg
    _________________________________________________________________
    sshot-2021-06-22-21-33-48.jpg

    EDIT: Folder created anyway after pressing continue. RESOLVED
     
    Last edited: Jun 23, 2021
  13. drhu22

    drhu22 Registered Member

    Joined:
    Aug 21, 2010
    Posts:
    515
    @cruelsister

    If I understand correctly, you recommend running all WiseVector components along with the CS CFW setup. What does the Wisevector fw add that Comodo fw doesnt protect against?
     
  14. WiseVector

    WiseVector Registered Member

    Joined:
    Aug 16, 2020
    Posts:
    482
    Location:
    China
    Hi porkpiehat,

    Were you scanning your computer with Windows Defender at that time? Strangely enough it seems that Windows Defender is trying to delete or modify files in WVSX's ransomware honeypot folder.
     
  15. WiseVector

    WiseVector Registered Member

    Joined:
    Aug 16, 2020
    Posts:
    482
    Location:
    China
    After pressing continue. dllhost.exe is responsible to create the new folder. Please double-click on the rule ("FOlder") you created. Change Program Path to %windows%\explorer.exe|%sys%\dllhost.exe. See screentshot below,

    upload_2021-6-23_13-9-25.png



    If you don't want to see the blocked events notification, you can disable it in Settings->Other->Notifications, uncheck the "Show notification.....".
    After that, WVSX will block the action silently. However, you can still view the event details in Log->Protection log.
     
  16. porkpiehat

    porkpiehat Registered Member

    Joined:
    Jul 18, 2015
    Posts:
    45
    No, I turned the computer on, made a cuppa, and when I returned I was faced with the alerts...
     
  17. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    9,715
    Location:
    U.S.A. (South)
    @WiseVector- Thank You for your guidance-
    Variables entered as you posted solved. Folder NOT CREATED (which was the idea)
    However it took multiple repeated pressed of OK on Alert Box before alert box ended.
    Also user prefers to see Blocked Event Notification but will not respond to OK to close.
    That issue persists. Or else wait for timer to expire for auto-close=30 secs (is by design?)
     
    Last edited: Jun 23, 2021
  18. WiseVector

    WiseVector Registered Member

    Joined:
    Aug 16, 2020
    Posts:
    482
    Location:
    China
    Hi Lyx,

    Sorry for the inconvenience. Can you tell me what operating system you are using and what other antivirus software you have installed?

    .We will consider giving users the option to leave the settings and exclusions when uninstalling WVSX in the future.

    .We have no problem typing blank characters here, is it related to the input method you are using?

    .When the firewall pops up, it shows the IP address , port and country the program is trying to connect to, what do you mean by needing to show the IP or URL?
     
  19. WiseVector

    WiseVector Registered Member

    Joined:
    Aug 16, 2020
    Posts:
    482
    Location:
    China
    That's because the Explorer.exe or dllhost.exe keeps trying to create the new file or folder after it has been blocked, and the notification will show up after each block.
    If you think there are too many prompts, you can check "Disable event notifications" in the notification window, then click OK.
     
  20. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    9,715
    Location:
    U.S.A. (South)
    @WiseVector- Grateful for your expert response/explanation. Am certain this is only challenge expected. The files selection for preference as rules increase for those will be simpler. Wonderful Support and Fantastic new features! :)
     
  21. WiseVector

    WiseVector Registered Member

    Joined:
    Aug 16, 2020
    Posts:
    482
    Location:
    China
    Hi Hiltihome,

    According your forum signature, you are using WIN10-20H2, Windows-Defender+ ConfigureDefender, right?

    How do you set up ConfigureDefender?

    We will create the same environment to test, thanks.
     
  22. apm

    apm Registered Member

    Joined:
    Mar 15, 2006
    Posts:
    164
  23. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    4,966
    Trying to re-install v3.0 beta, but I get this. So, I aborted. Not having much luck!

    WiseVector_v3.00 install_14.JPG
     
  24. WiseVector

    WiseVector Registered Member

    Joined:
    Aug 16, 2020
    Posts:
    482
    Location:
    China
    Hi apm,

    Thanks for your feedback. This is a known issue, when the internet speed is high, the CPU consumption will increase, we will fix this issue in the next version.
     
  25. WiseVector

    WiseVector Registered Member

    Joined:
    Aug 16, 2020
    Posts:
    482
    Location:
    China
    Hi Tarnak,

    It seems that some other security software prevented the installer from writing files in the temporary directory. Please try to quit other security software or use some junk files cleaner to clean up the temporary directory.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.