Twister Antivirus

Discussion in 'other anti-virus software' started by wildvirus88, May 10, 2008.

Thread Status:
Not open for further replies.
  1. ghodgson

    ghodgson Registered Member

    Joined:
    Dec 20, 2003
    Posts:
    835
    Location:
    UK
    I installed Twister last week and at first I was liking it, very light etc, however there was quite a few FP's, although initially that wasn't a problem but Twister started to 'kill' legit programs even though I had already asked it to trust them. So uninstalled it for now. May try again later because it seems to have the makings of a good AV.
    Gordon
     
  2. demonio

    demonio Registered Member

    Joined:
    Oct 21, 2007
    Posts:
    48
  3. sec15

    sec15 Registered Member

    Joined:
    Apr 14, 2008
    Posts:
    4
    That isn't a detenction test. It can't be called detenction test,I know.

    I only wanted to know if twister antivirus detects correctly Beagle.

    But,as you can see, it classified a registry key of outpost as infected.

    I made it scan 4 others file infected by large-diffusion viruses. It didn't find viruses. But it was only a additional mini test based on detencion that wasn't the aim of initial test.
     
  4. demonio

    demonio Registered Member

    Joined:
    Oct 21, 2007
    Posts:
    48
    He says this
    Facendo quindi una scansione della cartella di installazione di comodo identifica un file come adware.:D
     

    Attached Files:

  5. sukarof

    sukarof Registered Member

    Joined:
    Jun 22, 2004
    Posts:
    1,887
    Location:
    Stockholm Sweden
  6. sec15

    sec15 Registered Member

    Joined:
    Apr 14, 2008
    Posts:
    4
    I said this 'cause i think that if twister found a comodo registry key classifying it as infected it would detect some comodo files as infected.
    In fact, it detect a file.
     
  7. sec15

    sec15 Registered Member

    Joined:
    Apr 14, 2008
    Posts:
    4
    I don't understand what's the matter.

    falsi positivi is often used as a translation of false positives
     
  8. emperordarius

    emperordarius Registered Member

    Joined:
    Apr 27, 2008
    Posts:
    1,218
    Location:
    Who cares
    I know italian perfectly. Falsi positivi IS false positives. Now stop talking about the meanings and use Google Translate to translate the page.
     
  9. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    I think i will put Twister on manual updates only. I got these weird requests a while ago.

    a.png

    b.png

    I was installing Ashampoo Burning Studio when they occured. I guess the first one has something to do with certificates and the fact that Ashampoo is german.

    But why trying to connect to windows update?
     
  10. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    Well said emporer! This thread is about Twister, NOT an OT language discussion.

    As to guard32.dll, it is a component of Comodo's Firewall Pro that sometimes is regarded as suspicious by behavior blockers. That occurs (evidently) because guard32.dll does manifest certain types of behavior that sometimes points to a malware activity. While Comodo's guard32.dll is NOT a baddie, if it's not in a certain very specific directory, it truly might be a baddie.

    Please read HERE & HERE & HERE & HERE & HERE & HERE & LOTS of other websites (do a Google).

    Twister includes a registry checker and a HIPS-like behavior-analytic capability (Filseclab Dynamic Defense System). These additional modules are targeted to detect zero-day nasties which are so new that signatures do not yet exist.

    These sorts of security modules can & do generate FPs at times. They increase protection, but also require the user to do a bit of research at times, as is true for any & all HIPS-type security programs.

    If you do not want to have that sort of protection, or if you feel uninclined or unable to do the infrequent-but-necessary research, then simply turn-off Twister's registry protector & FDDS. When you do that, Twister will become a straightforward antivirus program & FPs will become rare or non-existent for you.
     
  11. HuHitsU

    HuHitsU Registered Member

    Joined:
    May 28, 2008
    Posts:
    5
    I manually update twister as well and block all outgoing connections... I did that after it tried connecting to thawte.com and crl.microsoft.com. It was probably harmless but my thinking is to block first and ask questions later.
     
  12. Miyagi

    Miyagi Registered Member

    Joined:
    Mar 12, 2005
    Posts:
    426
    Location:
    None
  13. demonio

    demonio Registered Member

    Joined:
    Oct 21, 2007
    Posts:
    48
    @ sec15


    You talk of respect? wilder door always respect, your moderator called Twister "coso",

    filseclab software house with very good team expert, so he has failed to respect us and the filseclab team

    Best Regards
     
    Last edited: May 31, 2008
  14. tbay2athome

    tbay2athome Registered Member

    Joined:
    May 24, 2008
    Posts:
    38

    Wild guess here (I don't have a software firewall to monitor its outbound connections) but wonder if Twister somehow acts as a proxy for all programs that access the internet. What made me think of this is a while back when I was running NOD32 V3 and Online Armor, OA would show that it was ekern.exe that was connecting out and not for example Firefox. Just a thought, I might be wrong. Perhaps one of the resident whiz kids can comment.
     
  15. HyperFlow

    HyperFlow Registered Member

    Joined:
    Mar 21, 2008
    Posts:
    115
    i have not had twister AV try any thing funny and have monitored it very closely it seems to only ask for access to the net at every 3hr just as it stats in it's default setting for updates and no alerts from my FW or GesWall has flagged it trying to connect without my promotion but if any one can say and prove other wise by all means post your findings so it can be addressed.
     
  16. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    I had crl.microsoft.com too, i think after every rebooting. And had some thawte.com too.

    The first isn't unusual for other applications too. Must be something about certificates. Probably thawte.com too, but i 've never had an application asking connection to it before.
     
  17. ellison64

    ellison64 Registered Member

    Joined:
    Oct 5, 2003
    Posts:
    2,587
    Has anyone noticed a possible bug in twister av GUI?.Ive noticed that if you open the gui and and click the 3 icons (anti-trojan virus,FDD System,and registry protector) it states that they are disabled and grey out ,however realtime scanning etc is still active as can be seen from the realtime scanning log shown under the 3 icons.However if you right click the system tray icon and click "stop realtime protection" it actually does stop it.Anyone else noticed this?.Ive emailed twister support about it.
    ellison
     

    Attached Files:

  18. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    @ Ellison.

    I confirm. I always disable it from the tray, so i hadn't noticed.
     
  19. Blackcat

    Blackcat Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    4,024
    Location:
    Christchurch, UK
    Apart from this little "bug" I have also found that the "Modify" selection does not work from the uninstall Window and that if you disable the FDDS and Registry Protector they will enable themselves after a short time period (24-48 hours).

    However, the uninstall was very clean.
     
  20. Filseclab

    Filseclab Registered Member

    Joined:
    May 27, 2008
    Posts:
    42
    Usually, it will no problem for scanning large archive files, there should be other problem.
     
  21. Filseclab

    Filseclab Registered Member

    Joined:
    May 27, 2008
    Posts:
    42
    I am sorry we have no detection results from test organization, we have made touch with them, wish they can test our program in the future.
     
  22. Filseclab

    Filseclab Registered Member

    Joined:
    May 27, 2008
    Posts:
    42
    Maybe you used the Vista system, you may try to reinstall the twister to an simple path like c:\filseclab instead of c:\program files\filseclab to try again.
     
  23. Filseclab

    Filseclab Registered Member

    Joined:
    May 27, 2008
    Posts:
    42
    This only is a sample picture, and it is very old. We have two types license, one is lifetime license, one is the time limit license, for promotion our software, we only sell the lifetime license now, it will become to unlimited for virus definition update and software update after it registered with lifetime license. About time limit license like yearly license, we will issue it in the future.
     
  24. Filseclab

    Filseclab Registered Member

    Joined:
    May 27, 2008
    Posts:
    42
    Usually, the false positive is unavoidable, but we will do our best to reduce the false positive. The users can submit the false positive to us when it encountered, we will fix the virus definition as soon as possible. there have a simple way to submit the FP, disable the twister realtime protection first, submit the FP file with Twister main frame->Submission menu->Online Submit False Positive.
     
  25. Filseclab

    Filseclab Registered Member

    Joined:
    May 27, 2008
    Posts:
    42
    Please submit to us, you may disable the Twister's realtime protection and click Ctrl+Shift+F to submit the FP file, we will fix the virus definition as soon as possible.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.