Qihoo360 is Ranked No.1 in Software Industry for Vulnerability Detection and Protection Capacity

[ForgottenSeer 19494]

I guess it should detect it at least because it has the Bitdefender and Avira engines and they both detect it.

 

[Malware1]

Is this sample in question harmless for any system? Is it not malware? Is it FP?

Is the sample in question still active? Isn't it old?

I guess it should detect it at least because it has the Bitdefender and Avira engines and they both detect it.

Are you scanning it with 'exe' extension?

 

[ForgottenSeer 19494]

So does Qihoo have all of the definitions of Bitdefender and Avira or just parts of them? I cannot understand why Avira and Bitdefender detect this file and Qihoo, which USES THEIR ENGINES AND DEFINITIONS, does not.

 

[Malware1]

So does Qihoo have all of the definitions of Bitdefender and Avira or just parts of them? I cannot understand why Avira and Bitdefender detect this file and Qihoo, which USES THEIR ENGINES AND DEFINITIONS, does not.

I'm asking again:

Are you scanning it with 'exe' extension?

 

[ForgottenSeer 19494]

Yes, i am.

 

[Malware1]

Yes, i am.

Please send it to kefu@360.cn, maybe they'll add it.

 

[ForgottenSeer 19494]

Already done this, but don't you think that it is strange? I mean, both Bitdefender and Avira should have this generic signatures from months, if not years. Why Qihoo doesn't have them today?

 

[Jaspion]

If it's old, it doesn't mean it's harmless. And the lack of detection from Qihoo would suggest it uses not the full databases of Avira and Bitdefender.

 

[ForgottenSeer 19494]

LOL, i guess they just added detection.

going to reupload to Virus Total

 

[ForgottenSeer 19494]

One time i trusted them and they crashed my PC with their so called "patches". Now i trusted them again and they FAILED. Now the stupid Qihoo can think about why there won't be 3rd time. Hope after 4 more years their brains will understand. Good to know that i still have a valid key for Bitdefender Internet Security. Hopefully Comodo Firewall's Viruscope detected NetWorm.Win32.Kido.A

 

[Koroke San]

Don't u think if X AV detected a virus then Y AV will detect it too.

 

[ForgottenSeer 19494]

Yes, i do. Because it SHOULD have the same engine and definitions but it seems that it doesn't has all of the definitions. #BigFail for Qihoo!

 

[Terry Ganzi]

BY CRUELSISTER;

A few comments for Qihoo fans:

1). The last 4 digits in the build number of 360TS is just indicative of the database and does not mean that anything was added/changed to the application itself.
2). The issue with the Proactive module in TS still exists. Undetected malware will be allowed to autostart without a peep from 360TS. This is a VERY bad thing. 360IS will in most cases prevent autostart of malware.
3). The Proactive module of TS will also miss some important system changes done by malware, such as the replacement of something like notepad.exe with a malicious version (not a good thing for notepad to automatically connect to Algeria). 360IS is aware of such changes.
4). Both 360TS and 360IS will miss simple script malware. Both will allow the autostart of and transmission by malware using wscript.exe. This is not so much a Qihoo issue as just about everything else will be fooled by this.

Suggestions:

Bad- Using 360TS alone
Better- Using 360IS alone
Best- Either of the above with CF (HIPS off, Sandbox at Full V, Firewall at Safe).

 

[conceptualclarity]

Both 360TS and 360IS will miss simple script malware. Both will allow the autostart of and transmission by malware using wscript.exe. This is not so much a Qihoo issue as just about everything else will be fooled by this.

What does protect against transmission by malware using wscript.exe?

I know of a program called something like RegRun Reanimator that's supposed to specialize in detecting autostart malware.

Best- Either of the above with CF (HIPS off, Sandbox at Full V, Firewall at Safe).

Comodo Firewall, I presume.What about Private Firewall? One of my best computer-savvy friends has tried Comodo and prefers Private. Both score very high in the testing I've seen.

 

[Koroke San]

4). Both 360TS and 360IS will miss simple script malware. Both will allow the autostart of and transmission by malware using wscript.exe.

I guess HIPS are able to block wscript.exe? thnx

 

[Littlebits]

I guess HIPS are able to block wscript.exe? thnx

So will UAC if you "Deny" when prompted.

Enjoy!!

 

[WinXPert]

What does protect against transmission by malware using wscript.exe?

Disable autorun
Immunize all drives
Temporarily block wscript.exe via gpedit
Password protect wscript.exe

anyway vbs worms are the easiest to disable

...does not detect a 4 year old Downadup? https://www.virustotal.com/bg/file/...a65c6012e4b926fed5792c66f1c4baccaa3/analysis/ I can send you the sample if you want.

I'm interested with that sample, can you send me one. TIA

 

[Blackhawk]

One time i trusted them and they crashed my PC with their so called "patches". Now i trusted them again and they FAILED. Now the stupid Qihoo can think about why there won't be 3rd time. Hope after 4 more years their brains will understand. Good to know that i still have a valid key for Bitdefender Internet Security. Hopefully Comodo Firewall's Viruscope detected NetWorm.Win32.Kido.A

I'm not sure why you trusted Chinese software in the first place. Do some research on their crap and not just Qihoo.

 

[Kate_L]

I don't think TS is "stable" for PC users that is why I have IS, also the memory usage on TS it is killing the PC. They have a little work to do, a little more

Also about "trusted Chinese software" you guys should read EULA / ToS / ... of "trusted" AV and then you should see what is what. That is why I used DefenseWall and I am thinking of using it again (The Gimzo 100 years version).

 

[conceptualclarity]

Password protect wscript.exe

I just brought up wscript.exe but didn't see a way to password protect it. Is that because I'm on XP?