App Review Qihoo Total Security- Random Musings

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.

Evgeny

Level 7
Verified
Well-known
May 1, 2015
314
Qihoo is one of the best free AVs (sometimes better than payware), but the boot protection cannot protect against crypto like in your video. I think it would be good to send this video over to the Qihoo employees.
Overall - thanks!
 

Der.Reisende

Level 45
Honorary Member
Top Poster
Content Creator
Malware Hunter
Dec 27, 2014
3,423
Thank you for the video @cruelsister, very interesting :)
Which AV did protect from getting infected after startup?
I guess HMP.Alert will stop the infection (I know I asked it before)?
 

cruelsister

Level 43
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,224
Guys- I'm planning to do videos about how other freeware (and some paid) products are affected by that particular malware. Probably will have to wait until after the Holidays, but I assure you it will be coming.

RmG- not really overrated. Qihoo has some really good points and is pretty efficient in what it does. I am certainly no fan of any AV, but I kind of like Q.
 

Der.Reisende

Level 45
Honorary Member
Top Poster
Content Creator
Malware Hunter
Dec 27, 2014
3,423
Guys- I'm planning to do videos about how other freeware (and some paid) products are affected by that particular malware. Probably will have to wait until after the Holidays, but I assure you it will be coming.

RmG- not really overrated. Qihoo has some really good points and is pretty efficient in what it does. I am certainly no fan of any AV, but I kind of like Q.
+1

P.S.: Really looking forward to more stuff @cruelsister :) Take your time :)
 

RmG152

Level 12
Verified
Jan 22, 2014
577
RmG- not really overrated. Qihoo has some really good points and is pretty efficient in what it does. I am certainly no fan of any AV, but I kind of like Q.

The engine uses old techniques, their implementation of BD and Avira is useless, the "essential" version has a slow update ring, and the non-"essential" one is bloated.
 

Der.Reisende

Level 45
Honorary Member
Top Poster
Content Creator
Malware Hunter
Dec 27, 2014
3,423
The engine uses old techniques, their implementation of BD and Avira is useless, the "essential" version has a slow update ring, and the non-"essential" one is bloated.
Bloated - agree in parts. A typical Internet Security Suite with the bonus cleaning tools (compare it to Avast, Bitdefender, Kaspersky and other suites).
It replaced additional tools like CCleaner for me...
Qihoo's signatures are pretty strong in my experience. Have activated both BD + Avira, as it does not affect memory noticeably on my machines, and offers offline protection (seldom offline though). Cannot tell whether the engine is outdated.
Used Essentials for more than one year, but replaced it now with the "bloated" 360 TS, because of the faster update ring (they fixed problems of the old version within a week, so did they with some German translations).
Compared to KIS, BD IS and Avast Pro it really does a great job for me and is free. Most important point for me is that they react to new Windows versions very fast, concerning compatibility. Had a massive issue with KIS 2015 there... BD IS was replaced two years ago, cannot tell about that (very bloated too). Avast Pro was quite resource hungry on high sec settings, so I didn't renew the licence :(
Never had contact with other customer services but Qihoo (KIS + BD had their issues, but I used the Internet to fix that), but I think they do a great job (regarding SUD and technical issues) and reply fast. That might be the point I prefer personal contact.
 

Moose

Level 22
Jun 14, 2011
2,271
Again, thank you for sharing your video on Qihoo Total Security. Totally appreciate all the videos that you have taken time to do!

> Malwarebytes and VB scripts. Time to look for a replacement!!!
> SFX Archive via 7zip and False Positives.
> Custom scanning
> Sandbox
> Removal of the Tesla/Malware are being infect??? > Could you show?
> Qihoo at startup missing Tesla/Malware.
> Boot Protection against Ransomware.
> And would CryptoPrevent have stop the above at startup?

And could you tell us more about this Santa malware that you coded
and is totally undetectable by any AV products?

Waiting on a review of WinAntiRansom by WinPatrol?

Love your videos, keep them coming please!

Kind regards,:)
 

cruelsister

Level 43
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,224
Moose- Excellent points:

1). You are correct about Malwarebytes (and the same issue can be seen with HMP); both are horrible against worms in general and scriptors in particular. I’ve been harping on this topic numerous times in my videos and I’m still waiting for users to be outraged.

2). The lack of network protection is typical of sandboxes that are just thrown on to security products. Much better off using a more refined product like Comodo or Sandboxie.

3). About Tesla- this particular variant doesn’t restart after doing the damage to your files, so no removal is needed. And as there is no private key generated locally the encrypted files can’t be recovered.

4). CryptoPrevent would have stopped the files from getting trashed. Policies would be in place to protect. But note well that something like CryptoFortress would still have encrypted files in other directories beside those in the Documents folder. And of course my POC encryptor would get past everything (thinking about a paper on this).

5). I’ll be doing a few videos on boot protection for other AV’s in January.

6). Still eagerly anticipating WinAntiRansom to come out of Beta prior to testing (only fair).

7). I’ll have to keep how the Santa malware worked to myself except to say that as Qihoo has a Startup alert module it was more difficult than anticipated. Things like Avast or Avira are much easier.

Also quite a while ago I coded a really simple malware file and a few weeks later this showed up:

Malware scan of cruelsister's rootkit analyzer.exe 5c98edd4976fd3208cf333fad68c8d9af12c80fa - herdProtect

Really embarrassing!

M
 

Hangtooth

Level 5
Verified
Dec 5, 2015
202
6). Still eagerly anticipating WinAntiRansom to come out of Beta prior to testing (only fair).

Hi sorry to thread hijack but it appears that WinAntiRansom came out today, or so the newsletter from Ruiware that just arrived informs me! Would love to see your take on it now that it's 'done'.

I copy/pasted their announcement in the post WinAntiRansom Released (beta is over)
 

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
We should not be surprised that licensing an engine contains purely signatures/generic detection at all; everything is set to maintain the database and continuously improve the detection capabilities.

Actually, Qihoo's components like Sandbox can be used clearly as a reference based on their detection, because it defeats the overall purpose of relying on multi-engine, even cloud implemented.
 

Moose

Level 22
Jun 14, 2011
2,271
So far my replacements for Malwarebytes Anti-Malware are as follows:

> Zemana AntiMalware PREMIUM
> Portable Emergency Emsisoft Kit
> WinPatrol
> WinAntiRansom Plus+

Appreciate the heads up on Secure Hunter, never heard of the software until yesterday.
That is why I posted yesterday!

Happy Holidays! :)
 

done

Level 5
Verified
Mar 19, 2015
217
Been looking for a replacement for Malwarebytes Anti-Malware, anybody know anything about this
Secure Hunter Anti-Malware? Link below:
Secure Hunter Free Anti-Malware Internet Security Products

Looking forward to your comments!:)
I've been working in this field since 2008 and believe me I know what I'm saying.

Cleaners that I used and trust.
msert.exe, MBAM, combofix. In most cases the first 2 will do the job. Most of the time Microsoft will have a signature for most malware and remove it.

Other advanced method
Eset boot cd
Kaspersky boot cd.

ZAM seems to be a good program; I did not use it yet.
 
