Twister-AntiTrojenVirus Thread.

Discussion in 'other anti-virus software' started by Taliscicero, Dec 3, 2008.

Thread Status:
Not open for further replies.
  1. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    Ah, i see they have the same "recipy". That it has connections to another chinese site that sometimes distributes download with adware.

    Great, so you judge a site as dangerous, because it has banner/clickable link to another site that may have adware download links. Years ago i had downloaded adware from download.com, but i don't see anyone marking as red the sites that point to download.com...

    I have also visited those "incriminated" sites and although i don't speak chinese i saw no attempt to forcefully download something on my PC. The funniest thing is that the english version of filseclab site doesn't have any such banners at all.

    These people at McAfee are nuts. Or they have prejudice just because they are chinese sites. Apart the fact, that they don't REDIRECT you to the other sites. You have to go on your own will. And that makes the original site "dangerous"? Yeah, right...

    The funny is that in the description they say the same thing, they also show all the "red" links, but they have marked the main site itself as "green". o_O

    http://www.siteadvisor.com/sites/kingsoft.com

    Someone must alert them to make it "red" too. The "pearl" amongst all comments. He voted it "red", because: "um,i thought kingsoft was used to be a harmful website according to site advisor". So he voted it red, because he remembers that it USED TO BE RED! Maybe he can't prove it to be dangerous, but he has a good memory and that's more important! Way to go! That's the spirit! Why do people even bother to register and do a review, before checking their IQ first?


    Rising antivirus is "Yellow":

    http://www.siteadvisor.com/sites/rising-global.com

    As soon as the usual village idiot goes there and marks it red, it will join the others. As guilty as any other chinese! This will teach them who's the king! (McAfee). The funny is that the "reason" is that "brothersoft.com". I have encountered that site googling many times, it's a legitimate download site. And so it has adware programs too, but that doesn't make the site malicious! Adware is a legal form of selling for software vendors.
     
    Last edited: Jan 8, 2009
  2. renegade08

    renegade08 Registered Member

    Joined:
    Aug 26, 2008
    Posts:
    432
    Should i alert them or you will ?:D

    O.K. I let "You have the honour" to do that.




    Actually i didn't see that. But i suppose it was coming.

    Hey, they can't be all red. It would be too suspicious!!

    Some one has to be yellow.


    I've just tested about 10 warez sites to see what will show SiteAdvisor and all of them are marked Green.

    PURE GREEN !!!

    How Ironical.

    Oh, "What A Wonderfull World" .

    A little off topic:

    Has anyone has any suggestion for alternative to siteadvisor?

    I've see that Browser Defender is getting more exposed but i don't think is too mature. And i haven't tested WOT.
     
  3. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    LOL! No, i 'd better not visit that siteadvisor crap again, i would start swearing if i were to contact them... Their ratings are completely bogus. They even say that they found "trojans" (obviously false positives) in those sites, still they are green. Others are red without. And any idiot is allowed to add to the rating, even if he writes irrational things. In filseclab one voted it red (negative shopping experience" because... "This firewall has been rated as EXTREMELY POOR on the following security research site:

    matousec.com/projects/windows-personal-firewall-analysis/leak-tests-results.php

    There are better ones out there"


    1) The firewall is free, so i don't understand how this is "shopping" experience.

    2) The rating is about the safety of the site, not the leak score of the firewall.

    But who cares!

    Another one. The "MYSTERIOUS COMODO!"

    http://www.siteadvisor.com/sites/personalfirewall.comodo.com

    Not verified yet! :D I am sure it is very difficult to tell if Comodo is a legitimate one...


    Yeah. It's still yellow, because no village idiot has gone yet to vote red. Just wait...

    Well you know, sometimes it's hard to analyze well sites. Like in Comodo's case. I am sure it was hard to see they were warez sites, just like it's hard to see that antivirus sites aren't malicious.

    I 've never used site advisors and now i am happy i didn't.
     
  4. gery

    gery Registered Member

    Joined:
    Mar 8, 2008
    Posts:
    2,175
    Link scanner also marks it green but when you click to go to that site it will stop you warning it is a rogue alert smth. Am i missing something here?:D o_O :rolleyes:
     
  5. firzen771

    firzen771 Registered Member

    Joined:
    Oct 29, 2007
    Posts:
    4,815
    Location:
    Canada
    filseclab is green with browserdefender :) rising's site is also green.
     
  6. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    8,251
    Location:
    The land of no identity :D
    It has changed but all emails sent to this address are automatically redirected anyway so it is still alright to send samples to this address. It is now virus {at} avg[dot]com. This change occurred due to the change of name of Grisoft to AVG technologies. It is unknown how long the redirection will work but it is better to send emails to this address in the future.
     
  7. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    8,251
    Location:
    The land of no identity :D
    Filseclab's site no longer pops up any alerts for me from AVG's LinkScanner, which means they de-listed it from the "blacklist". As for Kingsoft, I have never had any problems accessing their site. So now the only problems seen are from SiteAdvisor.
     
  8. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    Thank you Firecat. In fact i was suspecting it had changed exactly for that reason, that's why i asked. Anyway, i sent the FilMsg.exe yesterday to the "old" email, together with a brief explanation and a link to Filseclab's site where it explains what the messenger does. I will scan the file again at Jotti's and if i see that the false positive persists, i will send it again to the new mail, that you provided me.

    Thanks for the help!


    Probably because they don't have just any idiot with the capability of changing the rating of the site by voting.
     
  9. Mirin

    Mirin Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    41
  10. Miyagi

    Miyagi Registered Member

    Joined:
    Mar 12, 2005
    Posts:
    426
    Location:
    None
    Bottom line is: Twister is a reputable product and Mr. Bright Chu (Bright Kiss in Japanese) is always responsive no matter what kind of question you have with Twister AV. As long as this thread exists, people don't have to rely on the site advisor thing to find out if it's legit or not. :)
     
  11. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,099
    Location:
    Hawaii
    I thought Jn for kiss is "sepun".
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    Siteadvisor is largely based on opinions. Opinions are like derrieres -- everybody has one, and they mostly stink.
     
    Last edited: Jan 8, 2009
  12. Baz_kasp

    Baz_kasp Registered Member

    Joined:
    May 1, 2008
    Posts:
    593
    Location:
    London
    Honestly, don't use siteadvisor to base your judgement on any sites. It has been dumped and neglected by mcafee for a long time. It used to be very promising before Mcafee purchased it....but over the last few years they have pretty much stopped all development on it, and the rating system is slow, unreliable and very inaccurate. I was one of their top reviewers but closed my account after I saw that they had no intention of nurturing the site or the concept...but were perfectly happy to keep taking people's money.
     
  13. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    I believe you... An advanced reviewer i saw there now was writing crap... But it's the best they have left i suppose.

    LOL! A similar quote about Site advisor:

    "It seems there are good web sites, there are bad web sites and there are those that are just plain incompetent. In the incompetent category comes McAfee SiteAdvisor."

    http://www.autopatcher.com/
     
  14. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    To all the Twistees. Just in case you haven't noticed it. I haven't for example. :eek:

    In case of particularly persistent malware that doesn't get deleted, there is actually a last resort, in Tools ---> Power Removal.

    http://img60.imageshack.us/img60/9198/98490702io5.png

    I can't believe than i have never noticed that before. :blink:
     
  15. firzen771

    firzen771 Registered Member

    Joined:
    Oct 29, 2007
    Posts:
    4,815
    Location:
    Canada
    wow, thats a nice little tool they have included there.
     
  16. Tony

    Tony Registered Member

    Joined:
    Feb 9, 2003
    Posts:
    725
    Location:
    Cumbria, England
    @ Fuzzfas
    Did you successfully find out exactly what to exclude for the Twister updates when using Shadow Defender?
     
  17. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    Well i know what to exclude (i asked Filseclab support), but Shadow Defender won't cooperate into that.(It will only work under "commit", not under "exlusion list).
    Tony from SD confirmed that he reproduced the issue, but no solution yet.

    Twister when updating, only writes in the Twister folder in program files and sometimes in the Filseclab Folder in Common files. Particularly important is the def folder in Twister folder, because at reboot it checks it for definitions and if something is wrong, the service won't load.

    So i update Twister before entering Shadow Mode.
     
  18. jlo

    jlo Registered Member

    Joined:
    Nov 29, 2004
    Posts:
    475
    Location:
    UK
    Is there a virus sample submission email address for Twister antivirus?

    Cheers

    Jlo
     
  19. jlo

    jlo Registered Member

    Joined:
    Nov 29, 2004
    Posts:
    475
    Location:
    UK
  20. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
  21. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    Funny thing i have just realized, This thread is one if not the only place an "English" Discussion of twister is going on, there seems to be nobody elsewhere talking about it.

    Hopefull if anything its helped some people, And got Filseclab some well earned English/American Customers.
     
  22. Tony

    Tony Registered Member

    Joined:
    Feb 9, 2003
    Posts:
    725
    Location:
    Cumbria, England
    Thanks Fuzzfas :thumb:

    Guess its no big deal as Twister updates as soon as Windows loads.

    I`ll exclude the folders and see how it goes later on.

     
  23. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    I think exactly the same.

    Errr... Twister will show definitions date 1970 and won't be able to start the service at startup. I had to reinstall. So be careful! You 're asking for trouble! :D The updates only work correctly if you manualy commit the folders (not exclude).

    Yes, the old thread is locked and probably this is the only place in the internet where a user can learn some things in english about Twister.

    And Europeans too! :) If it wasn't for Wilders' i would have never known about Twister and wouldn't have bought it.
     
  24. Tony

    Tony Registered Member

    Joined:
    Feb 9, 2003
    Posts:
    725
    Location:
    Cumbria, England
    Thanks :)
    I will leave well alone then :thumb:
     
  25. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    Yes... It's not system specific problem, because Tony told me he was able to reproduce it. But you can try it for fun one day if you want! It's funny seeing the defintion date 1/1/1970 in red! Twister didn't even exist in 1970! :D And then it tries to update, but in vain...
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.