360 Internet Security: FREE Triple antivirus engine, BitDefender included

Discussion in 'other anti-virus software' started by PaulBB, Jun 11, 2013.

  1. tk55

    tk55 Registered Member

    Joined:
    Apr 18, 2009
    Posts:
    72
    go to toolbox/patch up/advanced settings, and under notification select "disable notification and do not patch".

    edit: "turn off windows update" is also in the advanced settings, a few lines down.
     
  2. GakunGak

    GakunGak Registered Member

    Joined:
    Mar 24, 2009
    Posts:
    953
    That will/should disable Microsoft Windows Update, not 360 PatchUp.

    The first one you provided was correct. :)
     
  3. carbonize

    carbonize Registered Member

    Joined:
    Nov 15, 2006
    Posts:
    93
    This thread is about Qihoo's Total Security Essentials and not Total Security. Keep discussions to the appropriate threads.
     
  4. GakunGak

    GakunGak Registered Member

    Joined:
    Mar 24, 2009
    Posts:
    953
    My apologies, my bad....
     
  5. tgell

    tgell Registered Member

    Joined:
    Nov 12, 2004
    Posts:
    1,097
    Well, the thread title says 360 Internet Security which is now Total Security not TSE.
     
  6. siketa

    siketa Registered Member

    Joined:
    Oct 25, 2012
    Posts:
    2,718
    Location:
    Gaia
    360 Internet Security is now TSE.
     
  7. tgell

    tgell Registered Member

    Joined:
    Nov 12, 2004
    Posts:
    1,097
    I take my statement back. Thanks for the clarification.
     
  8. carbonize

    carbonize Registered Member

    Joined:
    Nov 15, 2006
    Posts:
    93
    Hmm bit bizarre. I received an email that contained a blatant virus in a docm file so I downloaded it and scanned it with TSE. It comes back as clean. Next I upload it to Virustotal (~ Removed VirusTotal Results as per Policy ~) and on there the QVM engine detects it as Win32/Trojan.Downloader.ad7 and Bitdefender detects it as Win32/Trojan.Downloader.ad7 so why is it not being detected when I scan it?

    Just to add here is the scan log for it

    360 Total Security Scan Log

    Scan Time:2015-07-24 11:05:33
    Time Taken:00:00:01
    Object(s) Scanned:1
    Threat(s) Found:0
    Threat(s) Resolved:0

    Scan Settings
    ----------------------
    Compressed Files Scan:Yes
    Scan Engine:Bitdefender Engine, Avira AntiVir Engine

    Scan Scope
    ----------------------
    C:\Users\eff\Desktop\OrderForm2968347.docm

    Scan Result
    ======================
    No threat found
     
    Last edited by a moderator: Jul 24, 2015
  9. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,400
    Location:
    U.S.A.
    Does the AV scan settings indicate that it is scanning all file extensions? If it scans only specific file extensions, is .docm one of them?
     
  10. carbonize

    carbonize Registered Member

    Joined:
    Nov 15, 2006
    Posts:
    93
    As can be clearly seen by the log I posted it was scanning a single file as that is what I asked it to do.
     
  11. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,400
    Location:
    U.S.A.
    There are a couple of issues here. Qihoo really should have detected the malware after the file download. You should not have had to do a stand alone scan. Docx besides hosting XML docs. can also contain macros. Perhaps the malware was macro based? In that case, BD/Avira wouldn't be the first to have issues with Word macros.

    If you have MalwareBytes AM installed, do a context scan with it and see if it detects the malware.

    -EDIT- I would be very careful with that .docx file. Could be cryptolocker malware. Docx attachments is one of its favorite delivery mechanisms. Also might explain why Qihoo didn't detect anything. Actually since you already downloaded the file, you might already be ihfected. Good luck.
     
    Last edited: Jul 24, 2015
  12. carbonize

    carbonize Registered Member

    Joined:
    Nov 15, 2006
    Posts:
    93
    1 - It was docm not docx
    2 - As I said in my original post both QVM and Bitdefender detected it when I uploaded to Virustotal. ~ Removed Off Topic Remarks ~
    3 - Just downloading a file will not make me infected. God knows where you got that idea from.
     
    Last edited by a moderator: Jul 24, 2015
  13. RejZoR

    RejZoR Lurker

    Joined:
    May 31, 2004
    Posts:
    6,426
    That's not entirely true. Explorer file preview (merely looking at the file on disk) can trigger the payload as it was seen with the JPEG exploits in the past...
     
  14. GakunGak

    GakunGak Registered Member

    Joined:
    Mar 24, 2009
    Posts:
    953
    Personal experience here. Small company I do IT received docx file in a attachment. Email client was Mozilla Thunderbird. Sure enough, text was suspicious as hell, but I decided to check it out in the Sandbox to see what it is doing. As soon as I saved the file on Desktop, Qihoo screamed with Red Alert [shields up!], saying it was macro type virus. It asked me to remove it and sure enough, I did.
    What I am saying here is, whatever malicous, one of these things will happen:
    1: Get detected on file save and quarantined
    2: Get detected on file run [sandbox or normal]
    3: Get detected if someone in the world runs it, uploads the file, file goes through cloud analysis [Skynet] and intelligence gets shared with users worldwide. Should't take more than 5 hours tops.
     
  15. carbonize

    carbonize Registered Member

    Joined:
    Nov 15, 2006
    Posts:
    93
    But as you say that is for images where Windows will parse the file to create a thumbnail. But this is moving away from the fact that my local installation of TSE failed to detect something that two of it's engines did detect on Virustotal. It didn't detect it on download and it didn't detect it when I told it to scan the file. Question is would it have detected it if I had run the file? Not to much of an issue as I actually use Libre Office and not MS but you never know.

    Again missing the point of the fact that it was not detected locally. As for point 3 this means some poor person has to get infected before it can get reported? The file should of been detected when I downloaded it and the file created on my desktop. Failing that it most certainly should of been detected when I told TSE to scan the file. But as I keep repeating the big issue I have is that it was detected by both QVM and BitDefender when I tested on VT.
     
  16. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,400
    Location:
    U.S.A.
  17. carbonize

    carbonize Registered Member

    Joined:
    Nov 15, 2006
    Posts:
    93
    And again my main issue is that both the QVM and BD engines on VT detected it yet the ones on my machine did not.
     
  18. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,400
    Location:
    U.S.A.
    Perhaps this might help. From VirusTotal's FAQS:

    A given antivirus in VirusTotal detects a file and its equivalent commercial version does not
    VirusTotal antivirus solutions sometimes are not exactly the same as the public commercial versions. Very often, antivirus companies parametrize their engines specifically for VirusTotal (stronger heuristics, cloud interaction, inclusion of beta signatures, etc.). Therefore, sometimes the antivirus solution in VirusTotal will not behave exactly the same as the equivalent public commercial version of the given product.

    In any case, this issue is something you need to ask Qihoo about.
     
  19. GakunGak

    GakunGak Registered Member

    Joined:
    Mar 24, 2009
    Posts:
    953
    No. All he has to do is run it. Even if it evades QVM and stuff, it still has to perform malware behaviour [suspicious/malicious], which in turn HIPS will kick in, blocking any action that might be harmful to the system. That thing gets uploaded, QVM learns how it work and instant protection for worldwide users. And similar variants too.
    Point two, should of been detected..... I agree, but this works as well. Combination of Sandbox and HIPS give you an advantage.
    Sandbox to see what the unknown stuff is doing, what is spawning where, and if it's malicious, well, who cares. Delete & Forget. HIPS is a guardian watchman overseeing if things are behaving properly.

    People, relax and use your PC as it was intended for. Gaming, Entertainment, Study, take your pick. If the boys at the Pentagon were...... being this methodical about electronic security, not even POTUS would have a direct line to his....... ah, just forget it :)

    Bottom line is, you want to help, do a full system scan every weekend, upload any unknown files, patch your windows and use that Sandbox for unknown stuff. That's all it takes. :)
     
  20. atomomega

    atomomega Registered Member

    Joined:
    Jul 27, 2010
    Posts:
    1,292
    Wow! What a ~snip~ attitude. If you already know what people are explaining to you, why ask in the first place?
     
    Last edited by a moderator: Jul 26, 2015
  21. Nightwalker

    Nightwalker Registered Member

    Joined:
    Nov 7, 2008
    Posts:
    1,309
    How is the system performance with Bitdefender and Avira engine on? Is it worth?
     
  22. GakunGak

    GakunGak Registered Member

    Joined:
    Mar 24, 2009
    Posts:
    953
    Try to enable both, then watch performance as you web, game or do heavy duty stuff. Then switch to Avira. Then switch to BD.
    If your machine is capable enough, then leave both.
    If you want performance with a little extra protection, use Avira.
    If you want performance with a little drop in speed, use Bitdefender.
    If you want good protection with as much speed as possible, use none.

    My practice is, when going to web or about to insert usb, then switch to security, but general stuff and gaming, keep Balanced. You could try the same.
     
  23. GakunGak

    GakunGak Registered Member

    Joined:
    Mar 24, 2009
    Posts:
    953
    Somebody be kind and rename this to Total Security Essentials, thank you.
     
  24. carbonize

    carbonize Registered Member

    Joined:
    Nov 15, 2006
    Posts:
    93
    So it can be brought to the companies attention or because there was possibly something I missed oh great and wise one.

    So long as it is also said that it used to be IS.
     
  25. Rolo42

    Rolo42 Registered Member

    Joined:
    Jan 22, 2012
    Posts:
    571
    Location:
    USA
    Surprisingly light. So light that I had to torture test it to make sure it was working 'cos I wasn't sure it was doing anything! Try it; it really doesn't fail to impress...

    @ others...personal attacks to PM please (or better yet, not at all--do unto others...first seek to understand...all that jazz)
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.