App Review Qihoo Total Security against Revenge Ransomware

[cruelsister]

No idea. I haven't been in the Vault for quite a while so can't speak for any tests done there, and quite frankly I wasn't expecting what I saw. My test was done with version 9 of Qihoo (QSE is still on version 8) and one can see from the Logs that some sort of native file protection is in place; also, there isn't any anti-ransomware protection checkbox in settings so perhaps this is new coding.

But as I suggest AV's be only used as an adjunct to CF, which laughs at ransomware, it really isn't an issue.

 

[_CyberGhosT_]

No idea. I haven't been in the Vault for quite a while so can't speak for any tests done there, and quite frankly I wasn't expecting what I saw. My test was done with version 9 of Qihoo (QSE is still on version 8) and one can see from the Logs that some sort of native file protection is in place; also, there isn't any anti-ransomware protection checkbox in settings so perhaps this is new coding.

But as I suggest AV's be only used as an adjunct to CF, which laughs at ransomware, it really isn't an issue.

Ok, Thanks Sis

 

[RoboMan]

What i can't understand is how in https://malwaretips.com/forums/malware-vault-samples they show 360 fail to protect against ransomware
most of the time but in your reviews it's solid. This got my brain mash right up. Can i please have more input form you on the topic of ransomware and 360.

For the simple reason that not all ransomware behave the same. A few ransomware files and a few tests are not enough reason to say X product fails against ransomware or is the best against it. We've come to the debate lots of time wether malware testing is efficient or not, and there are lots, literally thousand of steps to be made to make a test kind-of-perfect. That's why it is advised to take all tests as a grain of salt, because every malware behaves different on every system, and every malware evolves and gets updated. It may be a matter of days until the developers of this malware get rid of Qihoo's protection and bypass it. Tests are great guides but they should not be 100% relied on.

 

[Faybert]

I will gladly answer every point raised in that article:

1. Every country monitors foreign and domestic internet usage. If this is a barrier then the author of the article shouldn't use the internet.
2. Accusations mean nothing if proof isn't provided. Every levy against Qihoo has all be accusations with no proof to back it up.
3. The Bitdefender engine is the most widely used engine in the industry. Both Emsisoft and G-Data use it along with *many* other vendors.
4. The cheating is old news. Yes, Qihoo was at fault and was rightly punished. I also lay the blame partly on the testing organisations; they should have to download the program from the vendors' site like everyone who follows their testing has to. Being supplied with a version from the vendor directly opens said testing organisations up to that kind of abuse.
5. Every government imposes restrictions on what software is allowed to run on their systems.
6. "Much better" is subjective. Nothing's going to provide 100% protection.
7. If a user doesn't like their privacy policy then no one's forcing them to install said software.

I use Qihoo myself and I've never had a problem with it beyond the occasional false positive and a few false HIPS alerts. As far as I can see, those who distrust Qihoo do so because it's Chinese software and that attitude kind of makes me sick. I wouldn't instinctively distrust a person hailing from China so why should I distrust a Chinese company without a reason to do so?

Good thing it's not giving problems, but I think it's really lucky, just look at the tests right here on the Malware Hub, almost every test with it always the system gets infected.

 

[Arequire]

Good thing it's not giving problems, but I think it's really lucky, just look at the tests right here on the Malware Hub, almost every test with it always the system gets infected.

Yeah I've seen. It's really weird and baffling how bad it does at times and then how well it does other times. Guess it could just be luck.
It's certainly not a perfect product by any means and I wouldn't touch the thing without enabling Bitdefender and Avira's signatures on it. Really don't trust its own cloud engine to catch too much.

 

[Andytay70]

Good or not, i wont be using Qihoo!
Was the test carried out using only their engine ?

 

[cruelsister]

Andy- all the engines were active. At the time of testing this particular sample was extremely fresh and undetected; the Engines used will be highlighted in the forthcoming QSE video which I completed shortly after this one.

Robo- this data protection is new for Qihoo; previously it would have failed against Revenge if it had no definitions for it. It was a surprising result (at least to me as there is nothing in the changelogs documenting it) and I felt interesting enough to publish.

 

[FrFc1908]

I am not having any problems with qihoo , just like some people before me stated before.....the majority of companies harvests your data , qihoo cleary states their data harvesting. it is good / light product imho. thanks again for the share sis.....keep 'em coming!

 

[cruelsister]

OK- I'm on a crusade now! I just received this morning a dozen samples from my old friends, all of which are less than 12 hours old and most of which are totally FUD. Even when I allow stuff like a dll drop or code injection I can't yet encrypt the God Damned Documents.

But a product that just got a 100% from AVC did not fair as well.

 

[Handsome Recluse]

I don't know why people care about data harvesting for privacy as is from countries not of your origin - one you can't just go there and conquer.
@cruelsister What could it be...

 

[cruelsister]

I could do a rather extensive rant about this, but would anyone care to hear it?

Anyway, off to the Killarney Rose for St Paddy's day. Pray for me...

 

[reboot]

I could do a rather extensive rant about this, but would anyone care to hear it?

Anyway, off to the Killarney Rose for St Paddy's day. Pray for me...

Please rant away and hopefully the praying wont be necessary.

 

[erreale]

I just received this morning a dozen samples from my old friends, all of which are less than 12 hours old and most of which are totally FUD.

You, young lady, are attending some bad companies.

 

[monkeylove]

I get the same message from 360 when I update firewall software, etc. Am I correct in assuming that it's not so much a matter of detecting and blocking malware as flagging software that tries to make certain changes to the system and asks the user for permission? If that is the case, then can't the same feature show up in various antivirus programs regardless of whether or not they can detect certain malware?

 

[monkeylove]

I forgot to add that I read somewhere that only a few antivirus companies will ensure protection of privacy for users, but I can't remember which ones.

 

[Deleted member 2913]

I get the same message from 360 when I update firewall software, etc. Am I correct in assuming that it's not so much a matter of detecting and blocking malware as flagging software that tries to make certain changes to the system and asks the user for permission? If that is the case, then can't the same feature show up in various antivirus programs regardless of whether or not they can detect certain malware?

Thats what it is............. It may be doing that based on some suspicious behavior but doesn't matter as users will get the same alerts for safe as well as malicious stuffs.
So Yes, its kinda not a protection but permission, especially for average users............"wants to do this/that.......if its unrecognized block or allow".....means othing for average users.