12-Engine Free Quartet: 10-Engine Triple Chinese Antivirus Combo with COMODO IS

[Jaspion]

Anyone can read the whole thread, or just my posts, and understand what I'm getting at here, but I'll save people time and sum it up here myself (again): this trio is a combination of free antiviruses that achieve high detection rates, and which include 2 so far quite compatible "companion" AVs. I never discussed how protected one may be with this trio. I'm under no illusion that detection equals protection — we all know there is no such thing as 100% detection.

I also frequently read such publications as well as test out what I can, so I know which AVs have higher detection rates. Now in this combo you have Bitdefender within Qihu, plus its own 2 engines. Kaspersky is great, but I doubt it alone can reach even now, so many hours later, the 96.% that this combo reached in the latest, 734-sample pack I tested about one hour after release on this forum.

Again, this is one setup. One example of a setup. This is not necessarily a recommendation. To recommend a setup I would have to know more about the user and other details, similarly to what someone else stated here before. That's the only way to a good recommendation — for there is no universal solution, only possible solutions. The closest thing to a universal solution is knowledge, and that already implies a multitude of solutions.

 

[Moose]

This trio is a combination of free antiviruses that achieve high detection rates, and which include 2 so far quite compatible "companion" AVs!

Also,you could use Emsisoft Anti-malware on a USB Stick/Thumb Drive and check on a week. Also,have you found any combination with a higher detection. Than what you have been stating in your post?

 

[Jaspion]

Oh well, higher than this could be any combination of the highest scoring AVs, but we have to consider the feasibility of such combos. For something that can be used like this trio can, I have no idea right now, other than replacing Qihu with some other AV — Kaspersky could be a good choice, or ZoneAlarm with Antivirus (Kaspersky engine) instead of Qihu and Comodo. But then I haven't tested these combinations, I can't say if they would be compatible.

 

[Moose]

Let me know if you do test Kaspersky and ZoneAlarm? Kaspersky seem to have a lot problem with their 2014 software! ZoneAlarm, I just not sure about, period.

 

[Jaspion]

Ok, I'll let you know if I do. But I was thinking about it, and I think probably Comodo + Qihu is better than Kaspersky in detection rates.

 

[spywar]

About KingSoft kcloud engine :

I think it uses Kaspersky's engine..

https://www.virustotal.com/en/file/9b5591edbb72e5c762b1092509773f121b43b138eecd376790a0a9cc7d1e590b/analysis/1380019034/

Kaspersky Trojan.Win32.Llac.dleq
Kingsoft Win32.Troj.Llac.dl.(kcloud)

 

[Deleted member 178]

more seriously Jaspion , just take the one with highest detection, that is all. As i said detection is old technology to make people feel secure, once a virus is detected , it means YOU failed already

your hardware will thanks you will less AVs; more AVs in RT you have, heavier is the strain on the HDD, cpu, etc... also im sure your swap usage is quite high.

you can drink 3 sodas at same time, the one with more sugar will be felt.

 

[Jaspion]

Of course this combo is more resource-hungry than any one of them separate. The point is they don't interrupt my work, don't lock up the computer. Or haven't so far, if I experience any changes I'll post them here. I have changed my mind before; it doesn't depend on what I want, it depends on what's possible.

 

[Ink]

Technically 13 AVs, Kaspersky included?
http://forum.antivirus.baidu.com/bbs/topic/100460/1/

 

[Moose]

I have install your set-up with only couple changes.
I am not using Kingsoft Antivirus. Also, I am
using Comodo Firewall. With Malwarebtyes Anti-
Malware, under Protection Tab, I have to enable

> Enable filesystem protection
> Enable malicous website blocking

after the PC start up.

Replace Kingsoft Antivirus with Trojan Hunter.
Replace Comodo Antivirus with just the Comodo Firewall only.

Here is what I have below,

> Trojan Hunter
> 360 Internet Sercutiy 2013
> Malwarebtyes Anti-Malware
> Malwarebtyes Anti-Rootkit Beta
> Baidu Antivirus
> Comodo Firewall
> Hitman Pro

Any thoughts and/or suggestions?

 

[cruelsister]

Moose- Using Comodo Firewall instead of the full CIS with Qihoo is the way to go- you will still get the on demand Cloud protection without the system impact of the full AV. Also I would shut off the HIPS module of CF; it really adds nothing to Qihoo's Proactive except annoyance (note that Comodo's Behavior Blocker will still work as it is independent from the HIPS) module.

Finally I would set the sandbox level to Full V, if only because Qihoo's Proactive module is more robust when detecting virtualized malware.

Personally I wouldn't have anything else real time unless it could be proved that there will be a benefit. Sometimes More is actually Less.

 

[Moose]

I would make the chances after lunch time E.S.T. today! Thanks! cruelsister! Let me know if you think of anything else?

 

[Jaspion]

Why Fully Virtualized when you've seen it fail more often than Untrusted or Restricted?

 

[Moose]

Seem! To be working real well. Comodo's Behavior Blocker has quiet down now with Epic Browser! Back to normal!
Change the setting in Antivirus under Protection to high. Also, added Mullvad VPN to keep! My life private! Could you explain the Fully Virtulized in more detail, please? Pro's & Con's? Thanks!

 

[cruelsister]

Guess I didn't really post this yet, but as you point out the Full V setting did fail against Password Changers. But for whatever reason the Proactive module of Qihoo will actually alert when paired with CF and the sandbox setting is at Full V. The alert will not occur at Sandbox settings other than Full V (although as you already know the Limited, Restricted, and Untrusted are proof against this trojan).

So although settings other than Partially Limited are great, I'm happy to come back to Full V just for the sake of tidiness (no spawned daughters or other residua are ever left on the drive).

 

[Jaspion]

Ok, I just value protection over tidiness. For now I think FV isn't the safest option, you can't count on Qihu for proactive, sorry.

 

[cruelsister]

It is certainly valid to use Untrusted (I keep flip-flopping myself) instead. But the main point is that the combo is superb. With the Comodo HIPS module off (and I've seen no benefit with it on), it removes much of the popups for which many seem to object.

 

[BSOD]

"Do not use a cannon to kill a mosquito."
-- Confucius

 

[Deleted member 178]

Comodo HIPS is never off , what you means by CIS hips "off"; because if you disabled it from the HIPS setting it is dormant but still "on".

 

[cruelsister]

If the HIPS module is set to Disabled this will suppress any HIPS popups as well as allowing any processes that the Alerts would inform one about. I suppose that I should have used the correct term of Disabled instead of Off.

If you were actually referring to the Behavior Blocker alerts, then I agree as they will still be in effect.