Qihoo360 is Ranked No.1 in Software Industry for Vulnerability Detection and Protection Capacity

Status
Not open for further replies.
F

ForgottenSeer 19494

I guess it should detect it at least because it has the Bitdefender and Avira engines and they both detect it.
 
F

ForgottenSeer 19494

So does Qihoo have all of the definitions of Bitdefender and Avira or just parts of them? I cannot understand why Avira and Bitdefender detect this file and Qihoo, which USES THEIR ENGINES AND DEFINITIONS, does not.:oops:
 
  • Like
Reactions: kiric96

Malware1

Level 76
Sep 28, 2011
6,545
So does Qihoo have all of the definitions of Bitdefender and Avira or just parts of them? I cannot understand why Avira and Bitdefender detect this file and Qihoo, which USES THEIR ENGINES AND DEFINITIONS, does not.:oops:
I'm asking again:

Are you scanning it with 'exe' extension?
 
F

ForgottenSeer 19494

Already done this, but don't you think that it is strange? I mean, both Bitdefender and Avira should have this generic signatures from months, if not years. Why Qihoo doesn't have them today?
 
  • Like
Reactions: kiric96

Jaspion

Level 17
Verified
Jun 5, 2013
835
If it's old, it doesn't mean it's harmless. And the lack of detection from Qihoo would suggest it uses not the full databases of Avira and Bitdefender.
 
F

ForgottenSeer 19494

LOL, i guess they just added detection.

going to reupload to Virus Total
 
F

ForgottenSeer 19494

One time i trusted them and they crashed my PC with their so called "patches". Now i trusted them again and they FAILED. Now the stupid Qihoo can think about why there won't be 3rd time. Hope after 4 more years their brains will understand. Good to know that i still have a valid key for Bitdefender Internet Security. Hopefully Comodo Firewall's Viruscope detected NetWorm.Win32.Kido.A
 
Last edited by a moderator:
F

ForgottenSeer 19494

Yes, i do. Because it SHOULD have the same engine and definitions but it seems that it doesn't has all of the definitions. #BigFail for Qihoo!
 
  • Like
Reactions: kiric96

Terry Ganzi

Level 26
Thread author
Verified
Top Poster
Well-known
Feb 7, 2014
1,540
BY CRUELSISTER;

A few comments for Qihoo fans:

1). The last 4 digits in the build number of 360TS is just indicative of the database and does not mean that anything was added/changed to the application itself.
2). The issue with the Proactive module in TS still exists. Undetected malware will be allowed to autostart without a peep from 360TS. This is a VERY bad thing. 360IS will in most cases prevent autostart of malware.
3). The Proactive module of TS will also miss some important system changes done by malware, such as the replacement of something like notepad.exe with a malicious version (not a good thing for notepad to automatically connect to Algeria). 360IS is aware of such changes.
4). Both 360TS and 360IS will miss simple script malware. Both will allow the autostart of and transmission by malware using wscript.exe. This is not so much a Qihoo issue as just about everything else will be fooled by this.

Suggestions:

Bad- Using 360TS alone
Better- Using 360IS alone
Best- Either of the above with CF (HIPS off, Sandbox at Full V, Firewall at Safe).
 

conceptualclarity

Level 21
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Aug 23, 2013
1,072
Both 360TS and 360IS will miss simple script malware. Both will allow the autostart of and transmission by malware using wscript.exe. This is not so much a Qihoo issue as just about everything else will be fooled by this.

What does protect against transmission by malware using wscript.exe?

I know of a program called something like RegRun Reanimator that's supposed to specialize in detecting autostart malware.


Best- Either of the above with CF (HIPS off, Sandbox at Full V, Firewall at Safe).

Comodo Firewall, I presume.What about Private Firewall? One of my best computer-savvy friends has tried Comodo and prefers Private. Both score very high in the testing I've seen.
 

WinXPert

Level 25
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Jan 9, 2013
1,457
What does protect against transmission by malware using wscript.exe?

Disable autorun
Immunize all drives
Temporarily block wscript.exe via gpedit
Password protect wscript.exe

anyway vbs worms are the easiest to disable

...does not detect a 4 year old Downadup? https://www.virustotal.com/bg/file/...a65c6012e4b926fed5792c66f1c4baccaa3/analysis/ I can send you the sample if you want.

I'm interested with that sample, can you send me one. TIA
 
Last edited:
  • Like
Reactions: conceptualclarity

Blackhawk

Level 3
Verified
Jun 11, 2014
149
One time i trusted them and they crashed my PC with their so called "patches". Now i trusted them again and they FAILED. Now the stupid Qihoo can think about why there won't be 3rd time. Hope after 4 more years their brains will understand. Good to know that i still have a valid key for Bitdefender Internet Security. Hopefully Comodo Firewall's Viruscope detected NetWorm.Win32.Kido.A

I'm not sure why you trusted Chinese software in the first place. Do some research on their crap and not just Qihoo.
 

Kate_L

in memoriam
Verified
Top Poster
Well-known
Jun 21, 2014
1,044
I don't think TS is "stable" for PC users that is why I have IS, also the memory usage on TS it is killing the PC. They have a little work to do, a little more :)

Also about "trusted Chinese software" you guys should read EULA / ToS / ... of "trusted" AV and then you should see what is what. That is why I used DefenseWall and I am thinking of using it again (The Gimzo 100 years version).
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top