360 Total Security - English

Discussion in 'other anti-virus software' started by ifacedown, Apr 23, 2014.

  1. GakunGak

    GakunGak Registered Member

    Joined:
    Mar 24, 2009
    Posts:
    953
    Bitdefender's the one that can lag a day from time to time..... From a security standpoint, it is not a major issue for regular usage as the chance of infecting with a 0-day or 0-month not caught up with 360 engines is low.
    Even with 1-day lag, you should be able to detect at least 95% of anything you encounter, with sandbox usage, it should be virtually impossible to get infected.
    I will get back to you officially on this.
    Until then, https://www.qubes-os.org/ :)
     
  2. Morro

    Morro Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    355
    Location:
    Netherlands
    Welcome back from traveling GakunGak, but you did not miss much, the only thing I can think of with is that 360 TSE updated to version 8.2.0.1031. :)
     
  3. GakunGak

    GakunGak Registered Member

    Joined:
    Mar 24, 2009
    Posts:
    953
    Thanks for the warm welcome :)
    Thanks for the info :)
     
  4. Cazotte

    Cazotte Registered Member

    Joined:
    Mar 8, 2016
    Posts:
    7
    Dear GakunGak, could you be so kind to investigate the following behavior:
    • Switch off antivirus by clicking corresponding slider in tray.
    • Install e.g.
      • Notepad Replacer and set another editor (e.g. Sublime Text) instead of default Notepad.
      • Process Hacker and make sure to tick “Replace Task Manager” on Options-Advanced page.
    • Check our substitutions work so far:
      • Press Win+R, then type “notepad” and hit Enter. Another editor should pop up.
      • Press Ctrl+Shift+Esc. Another task manager should pop up.
    • Now pick some file in Explorer, right-click it and choose “Scan with 360”.
    • As scan is completed, check our substitutions again… They’re gone, we see default notepad and task manager.
    It seems 360 TS Essential messes with the registry without approval, could it be?
     
    Last edited: Mar 8, 2016
  5. GakunGak

    GakunGak Registered Member

    Joined:
    Mar 24, 2009
    Posts:
    953
    Did not test it, will do tomorrow, until then, 360 WILL and SHOULD:

    - detect system anomalies such as replacement for system components, such as task manager, text editor etc...
    - Should detect in realtime [it might take a while to pick up such modification] and on demand scan.

    It's a defense mechanism against hijacking. If you want to force such changes, then I would recommend doing a full scan [under virus scan], then add to exclusions such changes.
    Also switch to interactive realtime protection until you have manually whitelisted such changes, to prevent reactive protection changing stuff to default.

    If something has to do with Windows, regarding default keys and changes, they will/should get detected and reported. 360 TS/TSE does not and will not have juristiction outside of MS Windows
    registry keys, unless it is specific to malware, in which case it is required to be removed from registry. Same goes with Windows FILES [malware compromises windows component/executable]... Other than that, it will not crawl and attempt to fix registry errors as seen with other programs, for example iobit Advanced System Care.

    If you believe this to be mistake, or should be aproached differently, do let me know. I would appreciate detailed feedback, thank you.
    Also, if I need to clarify what I wrote above, do let me know that as well.
     
  6. Cazotte

    Cazotte Registered Member

    Joined:
    Mar 8, 2016
    Posts:
    7
    GakunGak, my point is 360 acts on its own in this case
    • while being mandatory switched off,
    • with no visual clues,
    • with no logs.
    In sum, it silently breaks finely-tuned user’s environment.
    Please, do try to reproduce the issue.
     
    Last edited: Mar 8, 2016
  7. GakunGak

    GakunGak Registered Member

    Joined:
    Mar 24, 2009
    Posts:
    953
    Understood. Will look into it and reproduce step by step. Thanks for reporting this issue.
     
  8. GakunGak

    GakunGak Registered Member

    Joined:
    Mar 24, 2009
    Posts:
    953
    So, regarding Qihoo update engines...
    The more people participate, the better.
    Mail.ru cloud link is mine and safe to use, just run BAT file, wait for it to finish, fire up log attachments to support email. They will do the rest.
     
  9. Morro

    Morro Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    355
    Location:
    Netherlands
    If for me both Avira and Bitdefender show todays date 09-03-2016, would it still be wise/needed to run the bat file that you linked to? ( Downloaded it already ... just in case. )

    If so is there any specific title I need to put in the subject line, or in the email itself?
     
  10. GakunGak

    GakunGak Registered Member

    Joined:
    Mar 24, 2009
    Posts:
    953
    In case where's delay [1 day or more], then run the tool, and send it to Qihoo [subject line can be 360TSnet log], and do a proxy check in download manager.
     
  11. Morro

    Morro Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    355
    Location:
    Netherlands
    Okay I will remember that in case it is needed, thank you GakunGak. :)
     
  12. Mops21

    Mops21 Registered Member

    Joined:
    Oct 5, 2010
    Posts:
    2,409
    Location:
    Germany
  13. GakunGak

    GakunGak Registered Member

    Joined:
    Mar 24, 2009
    Posts:
    953
    In the near future, if all goes well, there might be some new stuff comming in... :)
    Can't say more than that :)
    New update out, those with issues pls check if yours got the bugfix.
    If not, let me know.
    @Mops21 Much appreciated, thank you :)

    Stay classy, Wilders!
     
  14. Cazotte

    Cazotte Registered Member

    Joined:
    Mar 8, 2016
    Posts:
    7
    This update relates to 360 TS, whereas I reported about TS Essential, which is not updated yet, so cannot confirm whether issue is fixed.
     
  15. GakunGak

    GakunGak Registered Member

    Joined:
    Mar 24, 2009
    Posts:
    953
    Hi, I'm working on that issue you've reported already and investigating with 360 folks, will let you know.

    In the meantime, could you reproduce something for me just to confirm it:
    1: Set realtime protection on interactive [Settings>Active Protection>System>Action on threat detection: let me determine an action]
    2: Disable realtime protection
    3: Do a modification you did with those programs
    4: Do a full system scan [or file scan of your choosing]
    5: Attach a screenshot of the result page on the scan completition
    6: Skip repair
    7: Enable realtime protection
    8: Start task manager [as you usually do]
    9: Screenshot any popup you might receive

    Those you can attach here or link them via image hosting site.

    EDIT: It is my suspicion that in the results page there IS a report of modification of DEFAULT WINDOWS programs association, which it recommends reverting to defaults, with an option to TRUST those modifications you've made, hence, not a bug, just an oversight in report.
    I am trying to determine that with you, your patience and assistance with this is most appreciated.
     
    Last edited: Mar 11, 2016
  16. Cazotte

    Cazotte Registered Member

    Joined:
    Mar 8, 2016
    Posts:
    7
    1. Always.
    2. Disabled.
    3. Default task manager is replaced with Process Hacker.
    4. Arbitrary file is scanned via context-menu option. Oh, why scan initialization takes so long: 20+ secs.
    5. Results: 1, 2, 3. No log of default programs modifications with option to trust, however dramatic changes silently happen here.
    6. Skip repair? What repair? Never mind, I guess.
    7. Enabled.
    8. Default task manager is in my sight.
    9. No 360 popups.
     
  17. GakunGak

    GakunGak Registered Member

    Joined:
    Mar 24, 2009
    Posts:
    953
    I believe this is all the information I need at this time, thank you.

    If I need more, I will let you know.

    When next update happens, if it is not fixed, drop me a line and I will expedite fixing.

    Thanks for your report.
     
  18. warwagon1979

    warwagon1979 Registered Member

    Joined:
    Nov 17, 2009
    Posts:
    21
    I can no longer recommend 360 total security. It looks like 360 Total Security has now added a dodgy phone number during scans and also after the scan. I called the number to confirm my suspensions and they did exactly what I Thought they would do. Connected to my virtual box (installed 20 mins before the call) and started telling me I had a bunch of viruses and started pointing at core windows processes and calling them viruses.


    https://c2.staticflickr.com/2/1656/25787010545_0d4c5df924_c.jpg
    https://c2.staticflickr.com/2/1656/25787010545_0d4c5df924_c.jpg
     
  19. GakunGak

    GakunGak Registered Member

    Joined:
    Mar 24, 2009
    Posts:
    953
    Hi, thanks for reporting this.
    I am looking into this and will investigate and report back.

    What I have as my result is this:
    http://s10.postimg.org/brxs1byg9/Q360_TS.jpg
    When clicking on it, this page should present itself:
    https://www.360totalsecurity.com/en/support/?ref=ts&mid=c6ac154047ddc17904ebd5817a25f4f7&act=s
     
  20. warwagon1979

    warwagon1979 Registered Member

    Joined:
    Nov 17, 2009
    Posts:
    21
    I think it cycles through different ads on the scan result page as well as the scan page. Sometimes it shows up on the scan page, sometimes it doesn't. I first saw it during a scan on a customers computer a few days ago which is why I looked into it.
     
  21. GakunGak

    GakunGak Registered Member

    Joined:
    Mar 24, 2009
    Posts:
    953
    Please confirm for me that the computer is physically located in the US or it's IP address, thank you.
     
  22. warwagon1979

    warwagon1979 Registered Member

    Joined:
    Nov 17, 2009
    Posts:
    21
    I don't really want to post my IP address, but i'm located in the United States in Iowa.
     
  23. Hiltihome

    Hiltihome Registered Member

    Joined:
    Jul 5, 2013
    Posts:
    1,049
    Location:
    Baden Germany
  24. GakunGak

    GakunGak Registered Member

    Joined:
    Mar 24, 2009
    Posts:
    953
    That is all I need at this time, thank you.
     
  25. warwagon1979

    warwagon1979 Registered Member

    Joined:
    Nov 17, 2009
    Posts:
    21
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.