roger_m

Level 30
Verified
Content Creator
I just came across this antivirus. It uses multiple scan engines including Tencent's TAV Engine and uses both local and cloud signatures. The detection rate does not seem to be that good, but it can automatically upload suspicious files to the cloud for analysis.

Jingyun 1.png


Jingyun 2.png


Jingyun 3.png


Jingyun 4.png


Jingyun 5.png


Jingyun 6.png


Jingyun 7.png


Jingyun 8.png


Jingyun 9.png


Jingyun 9a.png


Jingyun 9b.png


Jingyun 9c.png


There is a download link in the second link below. Although the website says it is a trial version, it has been listed on Chinese download sites as being freeware and it does appear to be the full version with no limitations.


 

roger_m

Level 30
Verified
Content Creator
Right... How is it detection rate now? I'd tested it long ago and it's very poor...
It's still not that good. But, I'm only using it to test it, not as my main antivirus. As I mentioned in my first post, it submits suspicious samples to the cloud for analysis. In theory this should help with detection rates, once files have been analysed. However, it does not show a record of what files it uploads, unlike 360 TS or Comodo for example, so I have no idea what (if anything) get uploaded. With 360 TS for example, it shows what files it has uploaded and gives a verdict on them within 24 hours.

So far there have been no database updates, other than initial one after installing it. I scanned a folder containing malware this morning and there were 4 files detected, that were missed yesterday.

When I installed it yesterday and ran a quick scan, it detected a lot of malware in a folder of malware on my desktop. When I ran a context menu scan of the same folder removing all the threats, it found a few hundred more threats, that had been missed in the quick scan.

Edit: It has updated now. It looks like they only update their definitions once a day.
 

roger_m

Level 30
Verified
Content Creator
Jingyun's cloud analysis of unknown samples is working. When I installed this four days ago, I scanned a very large malware pack with it and the detection rate was not very good. I've been scanning the same malware collection every day, to see if they added detection for some of the unknown samples, as it uploads suspicious files to the cloud for analysis. This morning, another 963 threats were detected. I ran another scan just now and 3 more were detected. The threats were detected by Jingyun's cloud engine.

Even with the extra threats detected today, the detection rate is still not good. But it's good to see that they do add detection for some unknown threats, even if takes time.

The local signatures are updated just about every day.
 

Mahesh Sudula

Level 17
Verified
Just speculating here, but maybe it's using Baidu? Tried matching a signature detection on virustotal with ctrl+f and Baidu was the closest similarity.
Chinese vendors have similarities, and most importantly exchange of the samples might have taken place,, so similar close detection names.

Jinguyn, Baidu, Tencent, Qihoo, Rising, CMC.... So on...
 

roger_m

Level 30
Verified
Content Creator
I've had this installed on a test computer for a few months now. The cloud scanning is very unreliable. Sometimes when you run a scan, it fails to detect files that it had previously detected. However, they are still adding signatures for threats missed from a large malware pack that I scanned after I first installed it. More than 99% of the missed threats, that have later been detected, are detected by the cloud engine, rather than local signatures.

While it's not a very good antivirus, there are a few things which stand out. You can get it to prompt you when a threat is detected and let you choose what action to take. You can change the level of protection, to get better performance, or better protection, but less system performance. You can also change the scan priority, to choose between faster scan speeds, or slower scans, to reduce system performance less.

I wish all antiviruses would have such options. I despise auto quarantine.
 

roger_m

Level 30
Verified
Content Creator
After having not been updated for a few years, v4.0.1.1445 was released last month. It has more real-time protection modules, as you can see in the screenshot.

Jingyun 10.png


It no longer uses Tencent signatures, but still has the other scan engines and the detection rate from its own engines has improved. The ZAV scan engine has been renamed to V-Hunter. Sometimes (as with the previous version) it fails to download signature updates, but it still has up to date cloud protection.

Edit: This is the download link. http://u.v-secure.cn/client/jyprivate/2.4/JingyunSd_Setup_4.0.1.1445.exe
 
Last edited:

roger_m

Level 30
Verified
Content Creator
A new toy to play with and maybe less FP`s now that they`ve ditched Tencent ?
It still has minor issues with false positives. In general it is unreliable, I presume due to a poor connection to their servers. As a result sometimes when running a scan, some threats will be missed, but will be detected on subsequent scans. However one thing of note is that the cloud analysis of unknown threats is working. When I first installed it and scanned a very large malware pack, it only detected just over half the threats. Over time they have added signatures for the vast majority of the missed threats. As a result, over time the detection rate for the large malware pack has become similar to that of big name antiviruses. It's taken time, but they continue to add signatures for missed threats.
 
Top