New Update Huorong Internet Security (Updates)

Der.Reisende

Level 45
Honorary Member
Top Poster
Content Creator
Malware Hunter
Dec 27, 2014
3,423
How is this compared with wisevector at this point for protection ,detection ,performance? Thks
Protection:
Requires heavy tweaking IMHO.
With Network Control on (=outbound Firewall), custom HIPS (those shared by @Jerry.Lin here) & some against #Netwalker, you should be good to go.
Detection wise, it doesn‘t even stand a chance against WV.
Gets signatures once a day, no cloud.
At least it is light on my machine (no data available yet, as I‘m on my phone).
 

Der.Reisende

Level 45
Honorary Member
Top Poster
Content Creator
Malware Hunter
Dec 27, 2014
3,423
how to turn it off?
It has a password
Which password?
By default, it doesn't.
It will ask you if you really want to exit, but that's all.

Screenshot 2020-10-10 102849.pngScreenshot 2020-10-10 103121.png
 

Der.Reisende

Level 45
Honorary Member
Top Poster
Content Creator
Malware Hunter
Dec 27, 2014
3,423
Next minor upgrade to 5.0.53.2 (no changelog yet) was available today (14/10/2020).
Apart from the usual daily defintion files, it also upgraded NetDiagnosis tool, HIPS, BB, some other internal stuff and the scan library (libvxf.dat).
Upgrade either via official download (see previous posts) or per in-app upgrade (right click on task bar icon, choose "Update" button).
 

Der.Reisende

Level 45
Honorary Member
Top Poster
Content Creator
Malware Hunter
Dec 27, 2014
3,423
Huge upgrade today (to 5.0.54.0), requires reboot:

Dear Tinder users:


Hello! Thank you for using Tinder Security 5.0.

Following is today's update:
New requirements:
1. Increase support for CVE-2020-1472 for interception of network intrusion and interception of external attacks.
2. When the file shredding tool adds all the files under the system root directory (Windows, System32), it will pop up a prompt and cannot shred.
3. When adding rules for custom protection, you can judge the manually entered path of the protected object and jump to the entered path.
4. Files in the quarantine area will not be scanned by other security software and reported to be poisoned.
5. The prompt pop-up window for program execution control and U disk use control click on the details to display the security log interface.
6. The security tools "Vulnerability Repair", "System Repair", "Junk Cleanup", and "Disconnected Network Repair" support Enter keyboard operation.
7. Added the function of displaying the repair progress in the bug fix tray.
8. The client uploads the pop-up window to intercept log data.

Program optimization:
1. Optimize the prompt text of the prompt pop-up window for online time control.
2. Optimize the prompt text of the pop-up window when installing on a computer that does not support the CPU.
3. Optimize the interception method of pop-up interception during manual interception.

Program defect repair:
1. Fix the problem that some IE extension items cannot be detected by the startup item function of Tinder Sword.
2. When using WPS to open a document containing a macro virus, real-time file monitoring failed to process the macro virus in the document.
3. Fix the problem that the traffic monitoring widget cannot limit the system process speed.
4. Fix the problem of occasional security service abnormalities when you right-click the tray to exit Tinder, and then open Tinder again.
5. Fix the problem that the folder containing illegal file names cannot be shredded when dragging to the file shredding interface.
6. Fix the problem that garbage cleaning cannot scan all QQ group pictures.
7. Repair the problem that Tinder quickly scans the boot area after the MBR is modified.
8. Fix the problem that when the ransomware trap file is occupied, the original ransomware trap folder will not be deleted and a new ransomware trap folder will be created when the ransomware trap function is turned off again.
9. Fix the problem that the boot sector virus cannot handle.
10. Fix some functions of rules that can be set and managed (such as custom protection). If the content of the rule is too long, the scroll bar cannot be scrolled.
11. Fix the problem that the text in the prompt box is displayed incorrectly when the flow monitoring ends the Tinder process.
12. Fix the problem of incorrect translation of some prompt texts when selecting traditional Chinese as the language.
13. Fix the network speed limit of the traffic monitoring-speed limit program. After entering the value of the custom network speed twice in a row and then selecting the value provided in the drop-down box, there will be a problem that the value provided in the drop-down box is not reflected in the text box.
14. When the system language is English, the prompt text of Tinder Sword to delete files is displayed incorrectly.
15. Fix the problem that the rubbish cleanup cannot scan the rubbish of the Dev version of Chrome browser.
16. When the system user name is Chinese, if the path displayed in the system repair security log record contains the system user name, the system user name will display garbled characters.
17. Fix the problem that the cache items of virus scheduled tasks cannot be cleared.
18. The browser protection setting interface locks the browser homepage. When you click the drop-down box arrow to display the options, pressing the Esc key will cause the setting interface to crash and exit.
19. Fix the problem that the rubbish cleaner cannot scan the rubbish of Xiaozhi dual-core browser.
20. Fix the problem that the interface language is not synchronized in real time after changing the display language when the quarantine zone, trust zone, and check update interface are opened.
21. Fix the problem that the program cannot run after dealing with the infected virus.
22. Fix the problem that the export registry file of Tinder Sword is displayed as 0KB.
23. Fix the problem that the disconnection repair tool cannot repair successfully when all accounts currently logged in to the Hosts file permission are denied.
24. Repair the problem that the scan prompts abnormal and cannot be repaired when the network is disconnected when the properties of the hosts file is read-only.
25. Fix the problem that there is no pop-up prompt when the disk space of the specified installation directory for Tinder installation is less than 50MB.

With your help, Tinder is improving every day, thank you for your support!

Tinder operation team

October 19, 2020

Source: 5.0.54.0版本升级公告【10月19日】 - 火绒产品公告 - 火绒安全软件

I will provide further logs after reboot, I've seen Firewall upgrades etc. mentioned.
Files updated:
2020-10-19 19:38:05 C:\Program Files (x86)\Huorong\Sysdiag\bin\BugReport.exe
2020-10-19 19:38:05 C:\Program Files (x86)\Huorong\Sysdiag\bin\usysdiag.dll
2020-10-19 19:38:05 C:\WINDOWS\System32\drivers\hrfwdrv.sys
2020-10-19 19:38:05 C:\WINDOWS\System32\drivers\hrwfpdrv.sys
2020-10-19 19:38:05 C:\WINDOWS\System32\drivers\sysdiag.sys
2020-10-19 19:38:05 C:\Program Files (x86)\Huorong\Sysdiag\bin\scenter.dll
2020-10-19 19:38:05 C:\Program Files (x86)\Huorong\Sysdiag\bin\libxscore.bundle
2020-10-19 19:38:05 C:\Program Files (x86)\Huorong\Sysdiag\bin\libxsse.dll
2020-10-19 19:38:05 C:\Program Files (x86)\Huorong\Sysdiag\bin\uactmon.dll
2020-10-19 19:38:05 C:\Program Files (x86)\Huorong\Sysdiag\bin\upgrade.dll
2020-10-19 19:38:05 C:\Program Files (x86)\Huorong\Sysdiag\bin\hrcomm.dll
2020-10-19 19:38:05 C:\Program Files (x86)\Huorong\Sysdiag\bin\HipsDB.dll
2020-10-19 19:38:05 C:\Program Files (x86)\Huorong\Sysdiag\bin\HipsLog.exe
2020-10-19 19:38:05 C:\Program Files (x86)\Huorong\Sysdiag\bin\HipsMain.exe
2020-10-19 19:38:05 C:\Program Files (x86)\Huorong\Sysdiag\bin\HipsTray.exe
2020-10-19 19:38:05 C:\Program Files (x86)\Huorong\Sysdiag\bin\HipsDaemon.exe
2020-10-19 19:38:05 C:\Program Files (x86)\Huorong\Sysdiag\bin\HRUpdate.exe
2020-10-19 19:38:05 C:\Program Files (x86)\Huorong\Sysdiag\bin\HRConfig.exe
2020-10-19 19:38:05 C:\Program Files (x86)\Huorong\Sysdiag\bin\NetFlow.exe
2020-10-19 19:38:05 C:\Program Files (x86)\Huorong\Sysdiag\bin\main.ui
2020-10-19 19:38:05 C:\Program Files (x86)\Huorong\Sysdiag\bin\log.ui
2020-10-19 19:38:05 C:\Program Files (x86)\Huorong\Sysdiag\bin\popup.ui
2020-10-19 19:38:05 C:\Program Files (x86)\Huorong\Sysdiag\bin\hrconfig.ui
2020-10-19 19:38:05 C:\Program Files (x86)\Huorong\Sysdiag\bin\netflow.ui
2020-10-19 19:38:05 C:\ProgramData\Huorong\Sysdiag\db\posttreat.db
2020-10-19 19:38:05 C:\Program Files (x86)\Huorong\Sysdiag\bin\NetDiag.ui
2020-10-19 19:38:05 C:\Program Files (x86)\Huorong\Sysdiag\bin\NetDiag.exe
2020-10-19 19:38:05 C:\Program Files (x86)\Huorong\Sysdiag\bin\HRSword.exe
2020-10-19 19:38:05 C:\ProgramData\Huorong\Sysdiag\db\sysclean.db
2020-10-19 19:38:05 C:\Program Files (x86)\Huorong\Sysdiag\bin\sysclean.ui
2020-10-19 19:38:05 C:\Program Files (x86)\Huorong\Sysdiag\bin\sysclean.exe
2020-10-19 19:38:05 C:\Program Files (x86)\Huorong\Sysdiag\bin\FileShred.exe
2020-10-19 19:38:05 C:\Program Files (x86)\Huorong\Sysdiag\bin\popblock.ui
2020-10-19 19:38:05 C:\Program Files (x86)\Huorong\Sysdiag\bin\PopBlkEng.dll
2020-10-19 19:38:05 C:\Program Files (x86)\Huorong\Sysdiag\bin\PopBlock.exe
2020-10-19 19:38:05 C:\Program Files (x86)\Huorong\Sysdiag\bin\leakrepair.ui
2020-10-19 19:38:05 C:\Program Files (x86)\Huorong\Sysdiag\bin\repaireng.dll
2020-10-19 19:38:05 C:\Program Files (x86)\Huorong\Sysdiag\bin\leakrepair.exe
2020-10-19 19:38:05 C:\Program Files (x86)\Huorong\Sysdiag\bin\SysDiag.ui
2020-10-19 19:38:05 C:\Program Files (x86)\Huorong\Sysdiag\bin\SysDiag.exe
2020-10-19 19:38:08 C:\Program Files (x86)\Huorong\Sysdiag\bin\libvxf.dat
2020-10-19 19:38:08 C:\ProgramData\Huorong\Sysdiag\virdb\prop.db
2020-10-19 19:38:08 C:\ProgramData\Huorong\Sysdiag\virdb\pset.db
2020-10-19 19:38:08 C:\ProgramData\Huorong\Sysdiag\virdb\troj.db
2020-10-19 19:38:08 C:\ProgramData\Huorong\Sysdiag\db\malurl.db
2020-10-19 19:38:08 C:\ProgramData\Huorong\Sysdiag\db\popblk.db
 
Last edited:

Der.Reisende

Level 45
Honorary Member
Top Poster
Content Creator
Malware Hunter
Dec 27, 2014
3,423
Next (minor?) upgrade to 5.0.54.1 (no changelog yet) was available today (21/10/2020).
Apart from the usual daily defintion files, it also upgraded BB, HIPS, Main Program and Virtual Sandbox.
Screenshot 2020-10-21 154128.pngScreenshot 2020-10-21 154113.png
Upgrade either via official download (see previous posts) or per in-app upgrade (right click on task bar icon, choose "Update" button).
 
Last edited:

HarborFront

Level 71
Verified
Top Poster
Content Creator
Oct 9, 2016
6,014
Thinking of installing WiseVector StopX with Huorong IS together? Can both work without issue or need to whitelist some components in order for both to work harmoniously?

If both can work harmoniously can WD be disabled or need to keep it?

Thanks
 

HarborFront

Level 71
Verified
Top Poster
Content Creator
Oct 9, 2016
6,014
You should add both to their own respective exclusions.
So what are the exclusions needed for both to work peacefully?

Will WD be automatically disabled if install Huorong IS? If not then should I disable WD if have Huorong IS + WiseVector StopX? Oh that includes Windows default FW too!

Just changed my MS SP4 battery, updated to 20H2, and now have an extra tablet to want to try out the above combo.
 
Last edited:
  • Like
Reactions: Nevi and roger_m

EndangeredPootis

Level 10
Verified
Well-known
Sep 8, 2019
461
So what are the exclusions needed for both to work peacefully?

Will WD be automatically disabled if install Huorong IS? If not then should I disable WD if have Huorong IS + WiseVector StopX? Oh that includes Windows default FW too!

Just changed my MS SP4 battery, updated to 20H2, and now have an extra tablet to want to try out the above combo.
You exclude all the folders that belong to them, and im unsure if WD will be disabled, I dont think it will be, so ill recommend using DefenderControl to disable it, and the inbuilt firewall works with any other antivirus/firewall as they use it to create rules.
 

Der.Reisende

Level 45
Honorary Member
Top Poster
Content Creator
Malware Hunter
Dec 27, 2014
3,423
Is Huorong still a thing? Just saw a video on Youtube and noticed that nobody is really talking about it here anymore.
At the current state, don‘t waste your time.
Ransomware cuts trough like a hot knife does with butter.
Signatures are yet not at the level a decent product offers.
HIPS can be tweaked to prevent outbounds (requires a lot of user interaction, might lead to allow everything getting bored by alerts), and to prevent most AutoRuns, but especially when your data is trashed, this doesn‘t help a lot.
(Time of testing: Yesterday, same pack as mentioned below).
Also don’t waste your time with Tencent PC Manager. It didn‘t trigger a single BB alert running the latest Ransomware samples from the HUB against.
 

Kongo

Level 35
Verified
Top Poster
Well-known
Feb 25, 2017
2,480
At the current state, don‘t waste your time.
Ransomware cuts trough like a hot knife does with butter.
Signatures are yet not at the level a decent product offers.
HIPS can be tweaked to prevent outbounds (requires a lot of user interaction, might lead to allow everything getting bored by alerts), and to prevent most AutoRuns, but especially when your data is trashed, this doesn‘t help a lot.
(Time of testing: Yesterday, same pack as mentioned below).
Also don’t waste your time with Tencent PC Manager. It didn‘t trigger a single BB alert running the latest Ransomware samples from the HUB against.
Alright, thanks for the info. Is Tencent PC Manager even still getting updates? When I tested it like a year ago the behaviour module was quite decent. Not the best, but not bad after all. :confused:
 
  • Like
Reactions: Nevi and roger_m

Der.Reisende

Level 45
Honorary Member
Top Poster
Content Creator
Malware Hunter
Dec 27, 2014
3,423
Alright, thanks for the info. Is Tencent PC Manager even still getting updates? When I tested it like a year ago the behaviour module was quite decent. Not the best, but not bad after all. :confused:
Sorry for the late reply.
Cannot remember the latest version no., but I think they didn't update it in a while.
I strongly believe their BB is cloud connected, it might have issues with my VPN (F-Secure FreeDome, region Germany). I wonder why reaching Huorong webpage works fine though.
Updating the Bitdefender signatures however works fine.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top