Baidu launches official antivirus software with Kaspersky

[Ink]

Source: Baidu launches free PC maintenance, antivirus tool

Summary: The recent product launches put the Chinese search giant in direct competition with Qihoo 360, which currently dominates the free computer maintenance and antivirus software market in China.

On Tuesday, Baidu availed its antivirus software for download after running two months of public tests. The new product was jointly launched by the Chinese company and Kaspersky, where Baidu offers cloud computing support while Kaspersky maintains professional antivirus engine. The software will be offered free of charge permanently, according to Baidu.

Baidu Guard is touted to protect computers, using cloud-based security technology to remove Trojans, fix computer bugs, as well as provide simultaneous real-time protection and other useful functions including plug-in cleaning and IE repairing. These functions are identical to those provided by the existing security product by Qihoo 360.

Tensions between Baidu and Qihoo 360 escalated in August last year after the latter launched a search engine--the core business of Baidu, which currently dominates with over 80 percent of China's search market share, following the exit of Google.

Chinese: http://shadu.baidu.com
English: ???

 

[McLovin]

This shall be interesting. Competition, is always good. Keeps companies honest.

 

[tapoo]

does that mean, Baidu now use Kaspersky engine instead of Avira engine??

kaspersky engine only for chinese version, or for english also??
.

http://en.wikipedia.org/wiki/Baidu#Baidu_Antivirus

but i read somewhere that Baidu is using Avira engine, and they even had avira logo in their main window...

http://antivirus.baidu.com/th/about.php

 

[Ink]

Looks like Chinese versions are always different to the English versions.

 

[MrXidus]

English version can be found here : http://antivirus.baidu.com/en/

As for its engine detecting regarding Avira and Kaspersky.

See this post showing it using Kaspersky signatures back in February.

 

[MalwareVirus]

Baidu uses Avira engin in past & now Kaspersky.
But the question is "Is it really perform like avira or Kaspersky":huh:

 

[Littlebits]

According the the images on the Chinese website compared to their English website it appears that only the Chinese version is using Kaspersky, the English version is still using Avira.

Notice the Avira umbrella logo?

Notice the Kaspersky "K" logo?

They are both completely different products.

Thanks.

 

[MrXidus]

According the the images on the Chinese website compared to their English website it appears that only the Chinese version is using Kaspersky, the English version is still using Avira.

http://antivirus.baidu.com/static/img/index/prod.jpg

Notice the Avira umbrella logo?

http://uu1sw.baidu.com/shadu/image/2013-06-18/1371529910.png

Notice the Kaspersky "K" logo?

They are both completely different products.

Thanks.

Would you be able to explain this and a further test I just did. Screenshots below with the latest version.

VirusTotal link for the file I scanned.

:s

 

[Littlebits]

@MrXidus

Maybe their are using Kaspersky in their cloud engine and have Avira engine for real-time. Maybe that is why Avira's real-time engine is disabled by default.

Maybe their cloud engine would detect malware before the real-time engine?

Did you try the same experiment with Avira's real-time disabled?

I wished they would be more clear on details.

Thanks.

 

[woomera]

this is turning into a fascinating product :evil:

 

[tapoo]

@MrXidus......
@Littlebits.....

after watching the screenshots, now its very confusing for me.....

@MrXidus, can you please test Baidu once again with "Avira real-time Protection" disabled??

carefully notice screenshots of Chinese version and English version....
in Chinese version "Antivirus Engine" has 4 , but in english version it has 3 engines, only 2 engines are common.....
Thanx

 

[MrXidus]

I tried with the Avira real-time engine turned off and it gives me the same result.

I tried 2 other things, with Avira real-time protection turned on I went ahead and moved the malware around the computer by copying, pasting, and Baidu doesn't give me any real-time alerts.
I also tried with Avira real-time turned off and copied, moved around the malware just fine. No alerts from Baidu nor any active cloud.

A mystery product indeed.

 

[MrXidus]

I wanted to set off the real-time so I tried something else, I uploaded a malicious file to a filehost (which is now deleted of course) then downloaded the malicious file.

It did set off an alert from Baidu.

That is with the Avira real-time engine enabled.

I then disabled the engine made sure to click OK and re-downloaded the malicious file again.

I got the same alert popup.

Since the alert popups do not give you the name of the threat I went to the Quarantine window and as you can see both contain the same Kaspersky threat prefix.

So it seems the real-time protection works for internet downloads but not within Windows Explorer itself.

:s

 

[igih]

MrXidus:

That is interesting. Could you set Protection Mode in Real-time protection menu from Standard to Strict and try again if it doesn't change anything? That would mean some restrictions for on-access scanning in order to have lower impact on the system.

If it doesn't, another explanation could be (from their site):

"Baidu Antivirus combines the Baidu Antivirus Engine and Baidu Cloud Security Engine" (appears to be Kaspersky or part of its definitions in the cloud) "and Avira Antivirus engine to provide you with complete protection against all threats."
"Intelligently auto choose different engines".

How does it choose them? Could it be that:

You tried on-demand scan - it chose cloud.
You downloaded file - it chose cloud.
You manipulated with file on-access - it chose Baidu local engine that doesn't detect it.

 

[tapoo]

that's STRANGE..... it has donwload protection, but don't has copy-paste protection !!!!!
then what type of REALTIME protection it provides !!!!! :huh: :huh:

another thing is that, no difference with Avira Engine ON, and malware name showing is of Kaspersky !!!

Stange things happening here

 

[Littlebits]

@MrXidus

I believe the Kaspersky support is in their cloud and only offers download protection and active malware protection much like the cloud-base download protection in ZoneAlarm Free Firewall.

That would explain why malware is not detected in Windows Explorer.
But if you actually ran the malware the active protection should block it.

I don't think the cloud protection can be disabled in Baidu, therefore it would be impossible to test this theory.

I have tested Panda Cloud and Immunnet before and found a lot of malware was not detected while setting dormant in your hard drive or on USB devices.

You had to actually run them before they were detected. I guess that is how all cloud-base AV's work.

However running an on-demand scan should detect the dormant malicious files. Most cloud-base AV's run an on-demand scan by default when you install them.

Thanks.