Twister-AntiTrojenVirus Thread.

[Taliscicero]

Lost of people have been confused over a few settings in Twister-AntiTrojenVirus and i want to try to explain them a little better, And what setting i use, I have made tests to find the most effective twister configuration, with the help of Maymoons virus collection "Thanks" and thats what ile show you now.

http://i38.tinypic.com/2vmwxf9.gif

This is the configuration i use its fairly straight forward and it keeps the FPS to a minimum after you have done a full scan and Trusted the Few FP's that there are.

First off, Heuristic detection in twister works a little differently, if you enable it in options, Semi-heuristics is active for the real time scanning engine and Full heuristics for the Full scan mode,

Next is Detect packed file, I myself don't use this because it create way too many FP's so i wouldn't recommend anyone else use it either and there would only be rare cases that people would gain anything from it.

Immunize Frequent Malware/Spyware, Its basically the same deal you get with Spybot, same thing just less samples because twister is not primarily focused on this.

Last but not least as "Virus Immunity option" most people were confused about what this option did because there were so many warnings attached, And they are well warranted i wouldn't recommend this setting for an anti-malware novice, Basically what it dose is you run a full scan and tick the Auto-Immunize button and it should Auto-Immunize key files for you, What this is for is when anything tries to modify or delete these files you will get a warning like HIPS to ask you wether you would like to allow or disallow changes, So it not really dangerous to use but you have to be careful what you block, So its a useful feture.

Also just to add, The FDDS "Filseclab Dynamic Defence System" is basically a HIPS program with a different name.

This is just my observations of this program and hopefully its filled in a few questions people had about twister and if anyone else has anything to add be my guest.

Since Twister-AntiTrojenVirus hasn't been officially tested yet i can't comment without reasonable doubt on its detection rate, But with my own tests i am sure it is in the 90% - 100% range.

3DFireStarteR,

[maymoons]

some guy said it is look like a md5 scanner, it hasnt have deletion capability for file infector viruses.

You can test it, i sent to virus collection.

But i can say,
it cant delete AV XP 2008, some vundo variants.

And its delevope speed slow (there isnt any upgrade about 1 years: Version V7 R3 (01/01/200)

But its "Online Scan feature" is great.

[Taliscicero]

Quote:

Originally Posted by maymoons

some guy said it is look like a md5 scanner, it hasnt have deletion capability for file infector viruses.

You can test it, i sent to virus collection.

But i can say,
it cant delete AV XP 2008, some vundo variants.

And its delevope speed slow (there isnt any upgrade about 1 years: Version V7 R3 (01/01/200)

But its "Online Scan feature" is great.

When it can't delete something it will have the directory of where that virus/malware is located, What i would do is use the power removal option they have, that should get rid of anything that wants to hang around, Or even scan in safe mode.

And yeah i agree, Online Scan is awsome.

[cruelsister]

"But with my own tests i am sure it is in the 90% - 100% range."

I mean no offense to anyone who actually tests on her/his own, but I strongly suggest that you get recent (<3months) malware and retest. I think you'll find that detection (defs + HIPS) is more in the range of below 50%.

I honestly wanted this product to do well, but at the present time it is not an effective solution.

[Taliscicero]

It depends on your settings, And if you know how to use the program and get the full benefits out of all its settings, I'm useing maymoons malware so i'm not sure when its dated, Maybe he can shed some light on that.

[bellgamin]

Quote:

Originally Posted by 3DFireStarteR

Since Twister-AntiTrojenVirus hasn't been officially tested yet i can't comment without reasonable doubt on its detection rate, But with my own tests i am sure it is in the 90% - 100% range.

3DFireStarteR,

A test of Twister HERE, and another (labelled "Filseclab") HERE, both by PC Security Labs. Twister detects at high 90th percentile per those 2 tests.

[Fuzzfas]

Well, i 've no idea how much Twister would score in a test, but i know that every time that i downloaded a malware from p2p (and had the suspicion that it was malware), it always flagged it. As a matter of fact a few days ago, it flagged it while only 4 more AVs at Jotti's did.
It's good enough for my taste. Besides, if malware does pass by Twister, it must also pass by the rest of my defences... So really, who needs the 99,999% antivirus? Prolly nobody here in Wilders...

[Zetelo]

Will Twister have a part of another AV-Comparatives test in the near future? As far as I can remember, Mr. Bright told us something related to it. Any evidence?

[Taliscicero]

No idea, most likely it wont be in Av-Comparitives, Probably because of the roumers its used by the chinese goverment.

[Zetelo]

Quote:

Originally Posted by 3DFireStarteR

No idea, most likely it wont be in Av-Comparitives, Probably because of the roumers its used by the chinese goverment.

Chinese government? Holy sh** You mean you can buy a lifetime license of an antivirus, which is used by the government of one of the biggest countries in this world, for about 30 $?

If that was true, then I made a very cool bargain

[IBK]

Quote:

Originally Posted by 3DFireStarteR

Probably because of the roumers its used by the chinese goverment.

? I think I have not heard this rumour?

[Fuzzfas]

Quote:

Originally Posted by IBK

? I think I have not heard this rumour?

See here a certain "MindDoctor" guy:
http://answers.yahoo.com/question/in...8044418AAQVU6B

This has never been confirmed by the Filseclab representative here (nor denied).

[bellgamin]

Quote:

Originally Posted by Fuzzfas

See here a certain "MindDoctor" guy:
http://answers.yahoo.com/question/in...8044418AAQVU6B

This has never been confirmed by the Filseclab representative here (nor denied).

Speaking of rumors -- I heard a rumor that MINDDOCT just flew in from Hong Kong. Amazingly enough, he did so without an airplane.

Quote:

Originally Posted by IBK

? I think I have not heard this rumour?

Interesting. Is there anything else you haven't heard of?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Are we done with the urban legends yet? If so, back on topic: What Twister is is an effective security program consisting of antivirus module, behavior blocker module, and registry protection module. Its system tray icon resembles a logo for Viagra. It's a bargain at just $29.95 USD for an eternal subscription (& I definitely intend to live that long because I ALWAYS get my money's worth).

Twister (TAV) is aggressive, so it sometimes yields a gaggle of FPs. To modulate this tendency, I had TAV do a full scan of my clean computer, then I trusted the short list of trustworthy applications that appeared on TAV's *possible nasties* list. Thereafter, when TAV pops an alert, it is 99% probable (+ or - 2 standard deviations) that it is fully worthy of my immediate attention.

LEMMA: At the present state of antivirus technology, it is a fact that the number of false positives generated by an anti-malware scanner is roughly proportional to that scanner's effectiveness in attaining a high percentage detection of zero-day threats.

OT: Advocates of Twister are known as "Twistees".

TESTIMONY: TAV is great -- I know, because I use it & I haven't been infected by a malware. By the same token, I eat garlic and I have never been attacked by a vampire.

[Fuzzfas]

Quote:

Originally Posted by bellgamin

It's a bargain at just $29.95 USD for an eternal subscription (& I definitely intend to live that long because I ALWAYS get my money's worth).

Long live the Twistees!

[firzen771]

how is twister on system slow downs and resource usage? start up times?

[Saraceno]

Count me in as a twistee. Great program.

firzen771, I'd say it's as light as Avast! Not quite as light as Avira free, but as bellgamin mentioned, Twister consists of an antivirus module, behavior blocker module, and registry protection module.

So although its light, it's effective. Comparable to running an AV with say ThreatFire and Winpatrol. Similar alerts/notifications.

Read the following thread to see how it was mentioned on here, then users found it gave great detection rates. http://www.wilderssecurity.com/showt...hlight=twister

[firzen771]

does it have at least decent scan times, just dont want something that scans as ridiculously slow as KAV 7 did which i used to use. and start up times, is there a noticeable increase in that?

[Saraceno]

I noticed no change/increase in start-up times.

Scan speed on my system wasn't at blazing speeds, as in it's very thorough (around 30 mins scanning for me) but it's far from being like others which take hours (1.5 hours +) and slow your whole system down.

And while running a full scan, you're able to browse the net without any noticeable slowdown.

[firzen771]

thx for the info, and while reading the thread i hear thers no webav/HTTP scanner

[Taliscicero]

Quote:

Originally Posted by IBK

? I think I have not heard this rumour?

Yeah i had no idea if that was true or not, i have just heard it about 3 times now, so i though it was worth a mention, on my system TAV uses about 6,368K and about 15,000K wile running a full scan, so its defenitly lightweight, and yeah it dosen't have a HTTPs scanner but it dosent need one since it picks the Viri up the second you Unzip a infected file, or a file hits your HDD.

I sent a message to Filseclab and asked when they were going to release a new version and this was there reply,

We are developing the new version now, we are plan to release it at the middle of next year. About the new technology, it has more improvements, like FDDS, kernel engine and interface etc.

And also the Lifetime Carry's on to all further versions

[firzen771]

ill give twister a shot, it sounds promising. maybe if i like it enough ill replace my avira with it.

[Taliscicero]

Quote:

Originally Posted by firzen771

ill give twister a shot, it sounds promising. maybe if i like it enough ill replace my avira with it.

Alright, If you have any question just ask here and ile try to help.

[clocks]

Quote:

Originally Posted by 3DFireStarteR

I sent a message to Filseclab and asked when they were going to release a new version and this was there reply,

We are developing the new version now, we are plan to release it at the middle of next year. About the new technology, it has more improvements, like FDDS, kernel engine and interface etc.

And also the Lifetime Carry's on to all further versions

I think the current twister is dated Jan08. So if that is correct, they are going 1.5 years between updates?

[Fuzzfas]

Quote:

Originally Posted by firzen771

does it have at least decent scan times, just dont want something that scans as ridiculously slow as KAV 7 did which i used to use. and start up times, is there a noticeable increase in that?

IMHO, Twister has minimum impact on system (prolly only Avast with only standard shield installed is so light). The only slow down is when scanning jar files and on my pc it slows down defragmentation with Auslogics, because while the defragment process is on, Twister insists on scanning all files that are processed. So i temporarily disable the resident shield when i defrag.

[bellgamin]

Quote:

Originally Posted by clocks

I think the current twister is dated Jan08.

Based on the update information at TAV's website, they issued version 7.3 in January 2008. The current version is 7.3.1.9969, which I am now running.

Quote:

...they are going 1.5 years between updates?

I assume your question applies to a major version upgrade (reworked scanner engines, heuristic/emulator upgrades, etc), and not just to minor stuff such as engine tweaks, bug fixes, GUI tweaks, etc.

Having already issued a major version upgrade in 2008, the question of when Filseclab will issue yet another major upgrade is a matter of pure speculation. ESET worked well over a year on their major upgrade. DrWeb has been working nearly 2 years (that we know of) & still hasn't released a public beta of version 5 (AFAIK).

I seriously doubt the possibility of getting any kind of an *official* projected date from Filseclab. I give them credit for too much wisdom for them to fall into that trap. Scuttlebutt estimates? Maybe. Buddy-buddy guesses? Possibly. But an *official, for-attribution date*? NOT bloody likely!!!