Discussion in 'other anti-virus software' started by PaulBB, Jun 11, 2013.
No idea. Still waiting for it. Should be pretty soon.
There is no news yet.
I guess 360 IS doesn't include a fully 64-bit architecture. It certainly uses the WoW64 emulator, as far as I've noticed today. Anyway, I hope this wouldn't turn into a security risk.
Your signature says you use 32-bit. If so, Qihoo shows the right stuff.
Well, that's my other system (laptop).
Besides, the Windows 8.1 task manager is quite different from the one in the image in my previous post. Actually, it belongs to Windows 7 64-bit.
Only tray icon and additional tools such as the updater are 32 bits. Rest, including drivers and main service, are 64 bit.
my thoughts exactly
RAP test of VB
Lavasoft and Qihoo show that "powered by" is something different from the real thing, by at least 10% detection; see http://www.virusbtn.com/vb100/RAP/RAP-quadrant-Aug13-Feb14-1200.jpg
It doesn't really matter. System drivers have to be 64-bit; the interface and tray icon don't.
You're right, RejZor.
This is what you'd get when you run CLT against 360 IS.
Btw, have you ever noticed how the color of the 360 HIPS prompt box varies in different cases? Orange, red and green, as far as I've seen.
I don't know what those green prompt boxes are for. Once I happened to encounter one of those green boxes; unfortunately it disappeared so quickly that it left me no time to figure out what it was. It happened exactly after I installed the Maxthon browser: a HIPS-like prompt box appeared with a time-out, and block was the default choice. Also, I wasn't able to recreate the situation to get a chance of seeing that strange green-colored box again. On the other hand, 360 lacks a pro event logger (not sure if this feature is included in the TS version though), otherwise I could have easily found that esp event through the 360 event logger. :\
If that green alert box appears in the lower right of the screen (instead of dead center as is the case with the others), it is the Startup Program being Modified alert.
Sadly Qihoo will only alert the user to an auto-start entry being created instead of asking one to Allow/Block (like Scotty of WinPatrol fame). I've been harassing them for the past few months about this, so one can always hope...
Keep it up!
On the other hand, I disabled "website filtering" in CF, but I didn't notice any gains on the detection side.
In fact, in my latest test with fresh malware samples from MT, MBAM did better.
Can you shed some more light on that particular setting?
Did your results on the malware pack correspond to the other Qihoo data that was posted for that pack?
As to the Website Filtering module I personally consider it a trivial addition as the true work of system protection against malware is being done by the Comodo Sandbox. It may be seen as blasphemous here, but in real world computer use any pure AV is of dubious value in the presence of stronger protection.
You may refer to my set up for your first question and you will know (since, A vs B not allowed here).
If you have a chance, run Q against today's malware pack (257) and verify you are getting results that are consistent with those published.
It appeared in the center of the screen actually, just like the other HIPS messages you saw in my previous post.
Mainly it's because 360 has tried extremely hard to include whatever feature you can think of. Of course that's OK and most welcome, as long as they keep the balance between quantity and quality.
This HIPS alert popped up while opening AIMP (portable media player). How on earth should CLT be the one flagged as a keylogger?
I'm telling you, it had absolutely nothing to do with CLT, I was just opening aimp player (portable version). CLT was totally closed.
Btw, I don't get it: how would you determine whether the 'program' or the 'source' is infected?
I think the terms 'program' and 'source' both mean the same. Normally you see a combination of 'program' and 'destination' (or affected file) in a standard HIPS alert (surely not 'program' and 'source').
For what it's worth, AIMP and CLT are both on the same drive, but it still doesn't make any sense!
Btw, I noticed download protection won't always work; or at least I don't always see the download scanning notification after downloads are completed. Maybe scanning happens in the background or something.
Did very well with the malware pack you mentioned above.
@Amin: It's the best free product out there at the moment. I have tried everything out there in the past including Kaspersky, BD, etc.
If you install CF alongside it, you will never get infected. And above all, you don't have to sacrifice a single penny.
Thanks for trying it out. I just wanted to verify that there weren't any issues with your particular setup.
And adding Comodo Firewall is really the key for Full Protection. Although Qihoo by itself is excellent, it does indeed miss some things from time to time (thankfully not often); also it really leaves a LOT to be desired in detecting PUPs. CF, with only the Firewall and Sandbox active, has always caught Qihoo when it has fallen.
I just installed 360 again and did some testing against malware packs from MalwareTips, and the detection rate is outstanding. Many of the detections are heuristic ones due to the excellent heuristics. However, the strong heuristics do cause minor false positive issues with clean files.
Test it against -malc0de.com/database, as it has PUPs and adware, rogues and spyware as well.
My own testing showed it to be a bit poor on malc0de.com links, especially when it comes to PUPs and web malware.
I just ran a test of 360IS with maximum settings against the malc0de database, choosing the first batch of links, and 360IS web did not detect any, but when I ran them only 20% were detected. The rest installed their bundles and ran well.
So far the only AV that blocked everything from running or installing from malc0de was Comodo Firewall or IS with the highest proactive setting. Comodo still has a killer HIPS/behavior blocker.
I no longer have 360 installed. The problem with the links from malc0de, in my opinion anyway, is that they are not limited to just malware. I care most about the detection of actual malware, and don't mind if PUPs or installers which can optionally install 3rd party software are not detected. One of the PUPs I downloaded from a link at malc0de is detected by just 3 out of 49 scanners at VirusTotal; this is fine by me as it is not an actual threat, and the program itself is quite harmless.
I have found a glitch...
I scanned 127 pieces of malware, it detected and removed 126 of them, I opened the folder to check the deletions and there are still three files left (should have been only one file left). On a subsequent scan with Malwarebytes, it removed the three files left by 360 IS.
So, does that mean 360 IS doesn't delete what it says?