Twister-AntiTrojenVirus Thread.

Nonsense! The scope at which AVs scan depends on how the user CONFIGURES them to scan.

Wow -- really scientific test method, wot? NOT!

All by the same outfit, & all quite well documented, & all as valid as anyone can externally determine: Hither, Thither, Yon, & One Moa.
++++++++++++++++++++++++++++++++++

Test results by a university IT...
AV TESTING RESULTS- 18-19th December, 2008.
Each scanner was the latest version, fully updated and was on optimal settings for the on-demand scanner; each result was the mean of 3 scans.

58,764 in-the-wild samples of vintage 2008 -- 31,678 trojans/backdoors, 13,678 adware/spyware, 7,075 viruses, 6,333 worms.

Detection Rates ---
DIVISION 1 (>95%)
Avira Premium 98.6
Ikarus 97.8
Kaspersky 97.6
Norton AV 96.2

DIVISION 2 (90-95%)
F-Secure 94.6
Avast 91.6
BitDefender 91.5
Dr Web 5 90.8

DIVISION 3 (80-90%)
NOD 4 89.8
McAfee Enterprise 88.0
F-Prot 85.9
Twister AV 85.2
AVG 84.8
Rising AV 84.8
VBA32 83.7
Dr Web 4 82.8

DIVISION 4 (<80%)
Command AV 73.7

DIVISION 4 (<50%)
Comodo 46.8
Quickheal 31.1
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Incidental tests by a poster of yore are Yonder
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

If Twister has an issue at the moment, it is that it sometimes detects TOO MANY possible nasties (FPs). To report a detection of zero in an defined, unsourced, ill-begotten first-post-ever-out-of-the-blue is simply trollish baloney.

May I say -- the moon in May, by any other IP or user name, shines just as dimly.

 

Yes I am well aware of that, but I just used the default settings.


And you are missing the point of my posts entirely - I'm was never trying to do a "scientific" test at all, my point is that it Twister detected zero malware out a large collection of Malware. People may dispute this, but this is a fact.

BTW regarding the number of files vs the number in the rar file, I extracted all the zip files.

 

First, i would like to thank you , that as a new member you decided to start with interest on Twister. You are an honorary Twistee! Nobody else would do that. A new member would run for KAV, Avira and the other fellas.

Second, i am disappointed that Twister didn't give not even 1 false positive! Are you certain you have it installed correctly?!? Not even one false positive in over 2000 files? Twister?

Third, please remember of Zimzi and send him the files. Rapidshare has free uploading accounts.

Fourth, do you have any idea about how old the samples were?

 

roger, the only task you have to complete is to send the files to Zimzi.

Do it.

 

The files I used were the rar archive which can found via the Google search I posted. I just extracted the contents to a folder, and then extracted the zip files in the folder as well.


I am not posting here to bash Twister in any way as it does look like a very promising antivirus. And the protection features are very good - I executed one of the malware samples and it immediately identified it as being suspicious and terminiated it (it did not identifity it as being any particular malware, just identified that it may have been malware).

I would be interested in testing the protection features against a large amount of malware, but at the moment that is not an options, as I am not running a virutal machine, and I really don't want to risk corrupting my system in any way if the malware is nasty.

 

If you mean to this archive (this is not a download link):
http://www.offensivecomputing.net/?q=node/392

I downloaded today and tested it. The Twister found and removed a bunch of malware. For what is lefted may be about 10% were possible malware files that Twister could not detect so I send those malware samples to Mr. Bright Chu just to ruin him the celebrating of the Spring festival ( )

P.S. Do you have noticed that the topics about the Twister are always the most silliest and the most funniest of all?

 

Maybe Twister isn't working properly on my computer, as it detected no malware. Yes - from the archive linked to at that webpage.

I'm running Windows 7.

Are you using the default settings for Twister Zimi?

 

Twister Realtime scanner is not working on Windows 7

 

Win7 is still very much in beta. It is likely that very few softwares will function properly with Win7 (same is true for 64-bit Vista). You might try Win7's Compatibility Mode.

 

I'll try that bellgamin. However 99% of software that runs of Vista seems to run fine on Windows 7. I did an upgrade install rather doing a new instll and all of my old programs are running fine.

However security software is an exception so I will try Twister in compatability mode, as Windows 7 may indeed be the problem. I just downloaded the Eicar test virus, and Twister also did not detect this.

 

Haha, i'm probably the only one that got that, good wordplay ^^

Good sir, you be doin it wrong. try turning your anti-virus on, for further help try turning your computer on and off again this useually will help, also replace your adsl filters.

 

Was that post meant as a joke? Do you think I am an idiot - well I'm not I've been using computers daily for 25 years.

 

Hello Roger_m.I'm sure no one belives that.You forgot to mention that you ware using a BETA OS to test Twister,so many members became confused when you posted your findings.

 

I don't think the fact that I'm using a beta os should matter.

As the scan completed with no errors or warninings, I had no reason to think the the scan wasn't working properly. It would be usual for an antivirus to crash or not run at all if it didn't work with the beta version.

 

Yes, it isn't working properly. As soon as i tried to extract the rar, Twister alerted (with extracting incomplete yet):

http://img299.imageshack.us/img299/4638/42766494xr7.png

Final detection of your malware samples:

http://img299.imageshack.us/img299/6809/14200214vw9.png

Which is simply not supported by Twister...

I used the default for the above on demand test.


P.S. : A final note with the things that the poster of the malware said:

"I have a folder (just over 300 megabytes/927 files), which contains a lot of malcious software. I uploaded it incase anybody wants to analyse it, or if anybody from anti-virus companies wants to detect it. A lot of it is already detected, but some of it is detected by some anti-viruses but not detected by others. There are all types of executable files, pif/exe/scr etc and also some .jpg/.zip which are really executable files renamed. There are also some HTML files, but a lot of those can just be ignored. Well I uploaded it all anyway."

I wonder how many dud files are there. Upload them anyway.

 

Either my PC is better than yours, or it DOES matter!

Dear Sir, you are running a product on an OS for which the product is NOT CERTIFIED. What do you expect?! The rest are your ASSUMPTIONS. It doesn't crash, apparently the scanning engine simply doesn't really work. You can always file a complain to Filseclab for not crashing on the non supported OS, so that you could tell.

 

Results on the same samples by other AV (that i could install without reboot).

Note: This isn't AV A vs AV B, please consider it as a file verification, since either the samples are very new, or they contain many dud files. Consider it a home made test (like others have presented in the forum).

Avira Free, updated prior to scanning:

http://img516.imageshack.us/img516/7717/71369991yc5.png

http://img516.imageshack.us/img516/1434/72665220wz6.png

Dr Web CureIT ,downloaded the latest version:

http://img516.imageshack.us/img516/2905/29875166ht5.png

 

I'm not arguing the point about Twister not working under Windows 7 Beta at all. It just seems rather strange that a scan actaully runs and completes even though it isn't actaully doing it's job and detecting malware, that's all. I ran Kingsoft Internet Security under Winodws 7 and it would not complete a scan at all - which to me seems like perfectly normal behaviour for a program not compatible with Windows 7.

It also didn't work when set for Vista compatability which is to be expected I guess too. Anyway when I get a chance I will install Twister on my XP partition and then run another scan. In the mean whille, Twister's FDD System is working fine, which would be helpful if I my computer ever did it infected (however it doesn't unless when I intentionally do so).

 

On the operating systems that does not support the Twister works in so-called Zen mode. I can't tell you more about this supernew antimalware technology because it is a deep, deeep secret. I have already said too much.

 

I haven't tried Win7 beta. Just curious - is it 64bit? If so, even with WoW that could be yet another obstacle to its *accurately* running legacy anti-malware software.

To me that sounds incredibly non-productive, bordering on out-and-out silly. Why would an anti-malware app give the illusion of operating properly when, in actually, it is NOT operating properly? Good grief!

 

I see that these is going way off the topic.

@ Zimzi

I suggest you pack and go to Argentina to hide yourself. Or else....

@ roger_m

I really like your courage to try Twister and tell us yours impressions.
But rather then that i would more appreciate testing to OS-s which are used now :XP, Vista.
I see that other people are searching for programs that are WIN 7 supported, which that I personally at this particular moment find it ridiculous. Not disregards to anyone, this is not meant as an insult.

In today's world where most of the people don't even use vista and vista has had a lots of problems since the start(i'm not saying that vista is bad or good). But simply vista asks for too many resources for most of the older PC's.


@ Everyone

Please stop with this kind of discussions, because they are not really productive.

Topic is Twister, and if possible user experiences in working OS's.

 

I can't tell you because it is a deep, deeep secret.

Just kidding Bellgamin. Obviously, there is problem with using Twister on Windows 7 platform. In that sense, that Twister can not detect any of the thousands of malwares it is meaningless to talk seriously.

 

There are 32 and 64 bit versions as with previous Windows. I'm running the 32 bit version for the reasons you pointed out.

Windows 7 is essentially version two of Vista. Because Vista has been an unpopular OS for many, Microsoft have changed the name.

 

I have Twister in Windows 7 beta x32 bit installed an it works fine..

 

What exactly you mean when you say "works fine"?

Does Twister recognize Eicar test file on your PC by real time protection and on-demand scanning?