Twister Antivirus

Discussion in 'other anti-virus software' started by tiagozt, May 10, 2008.

Thread Status:
Not open for further replies.
  1. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    @Filseclab

    I reinstalled from scratch Twister today and i saw again that by default, some entries are in "trusted".

    a.png

    Is there a particular reason for that or is it a bug or something? I remove them all from the list.
     
  2. ellison64

    ellison64 Registered Member

    Joined:
    Oct 5, 2003
    Posts:
    2,570
    I dont think its a bug because if you click the little "default"arrow at the bottom in the extended options screen (on the "trusted" pane) they get put back in ,so i guess they are there for some reason.Maybe filseclab can comment on why they are there by default.
    ellison
     
  3. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Using Rising in an illogical way, makes sense to me (see https://www.wilderssecurity.com/showthread.php?t=213254), so why not apply the same with Twister ;)
     
  4. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    Here's my Twister FP record in a single scan. Yay! And by coincidence, the filseclab server is down and i can't submit them yet as FP.

    a.png
     
  5. Miyagi

    Miyagi Registered Member

    Joined:
    Mar 12, 2005
    Posts:
    421
    Location:
    Honolulu, Hawaii
    Hope everyone is having a nice weekend.

    I've been coming back to Twister AV as it runs really light on my computers at home and their massive amount of signatures added on a daily basis. I am thinking of purchasing a license but wanted to find out first how you (those who purchased the lifetime deal) feel about it. Please don't compare to another AV as that will shutdown the opinions about this AV. Thanks.
     
  6. cruelsister

    cruelsister Registered Member

    Joined:
    Nov 6, 2007
    Posts:
    1,425
    Location:
    Paris
    Personally really like Twister. You're correct about the defs; I wish Rising would have them.

    The one interesting thing about both Twister and Rising is that the same version runs on both Home OS'es as well as Server OS'es. It's really nice having the choice of light, responsive AV's instead of top-heavy, clunky Enterprise AV's such as Sophos or Symantec Endpoint.
     
  7. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    I have written much about it already, but to sum it up,

    - If you want a very light AV, with lifetime license,
    - If you don't mind false positives (i have had a lot),
    - If you don't mind small annoyances (like slowing down defragmentation),
    - If you feel enough protected,

    then i think it's fine. In the worst of cases you can use it on demand (it doesn't need running processes to run on demand).
     
  8. Miyagi

    Miyagi Registered Member

    Joined:
    Mar 12, 2005
    Posts:
    421
    Location:
    Honolulu, Hawaii
    Thank you cruelsister and Fuzzfas. :)
     
  9. Fajo

    Fajo Registered Member

    Joined:
    Jun 13, 2008
    Posts:
    1,814
    Honestly I would Google and look around before you deiced there is MUCH better free versions of AV's out there that require you to spend no money at all. Also massive amount of Sig updates mean nothing as it could be the same Virus added Several times tho I don't know this for sure. just seems wired they would have to update so much. and add so many. im guessing verdant. also there is Lighter alts out here. just look around a bit.
     
  10. Miyagi

    Miyagi Registered Member

    Joined:
    Mar 12, 2005
    Posts:
    421
    Location:
    Honolulu, Hawaii
    Thank you Fajo. I've already purchased 2 licenses and loving it. :)
     
  11. Miyagi

    Miyagi Registered Member

    Joined:
    Mar 12, 2005
    Posts:
    421
    Location:
    Honolulu, Hawaii
    This is my personal insight with my recent purchase of Twister AV.

    2 of my computers at home (desktop & laptop) both run very light (unnoticeable) with the default configuration, and I am glad to be using it. Love the daily updates (weekends included). I also have DefenseWall and Rollback RX which makes my setup very configurable. I was thinking of adding an AS but why even bother when I have Rollback to reboot in case of malware infection.

    I feel like Rollback RX and safe computing is all I need but still want to have fun with Twister pop-ups about anything trying to get in. So far, Twister is running very nicely and don't have to deal about slowdowns. :thumb:

    I am a new fan of this AV. :D :p
     
  12. Zetelo

    Zetelo Registered Member

    Joined:
    Sep 23, 2008
    Posts:
    110
    This program really shows some decent potential, that I wouldn't have expected from this company. Chinese technology is rising, I can feel it.

    Will Av-Comparatives add it to its tests? I really want to see some professional reviews about this extraordinary application!

    So far, I can tell you that I'm more than just satisfied with this AV, I recommend it to anybody who's seeking for a decent and light antivirus without paying loads of cash!
     
  13. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    6,690
    Location:
    Hawaii
    In its only known test, Twister scored in the 60%'s -- very weak. Its HIPS component (FDD) is equally untested, & is far less configurable than other HIPS such as SSM, RealTime Defender, Malware Defender, Defense+, Drive Sentry. Also, FDD lacks the file protection & network monitorship capabilities which are available in other HIPS.

    IMO, TAV is a nice try but it is not at all ready for prime time.
     
  14. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    Correct, according to the test found (malware- test lab) and posted by DJohn, Twister scored 62,59%.

    http://img505.imageshack.us/img505/6781/capturepl8.jpg


    However, saying that alone, is, IMHO, driving a reader to the wrong conclusions. Because, one must make an idea of how reliable the test was and how the other competitors scored too.

    So, in the same test, let's see some other "famous" AVs that oddly enough scored near the levels of Twister...

    - Twister V7 : 62,59%
    - Avast Pro 4.7 : 65,19%
    - Norton Internet Security 2007: 62,63%
    - F-Prot 3.16f: 62,07%
    - Trend Micro : 61,16%
    - McAFee Internet Security 2007: 58,96%
    - ESET NOD32 2.7 : 54,29%

    NOW, i think one can form an idea of comparable strenght with the other AVs. Otherwise, it has no sense saying "it scored just 60%".

    As for the HIPS part, FDD isn't supposed to be a HIPS and it's not the job of an AV to be a HIPS. The FDD is behavour analyzer, many AVs don't have anything like it.

    IMHO, Twister must work more on eliminating False positives (i am sick and tired of having to re-send every new Abiword bin file to them, because each time they fix it and when the new Abiword comes out, the file is again flagged as a trojan Zhelatin or something) and go out with a new version, with small bugs ironed out.

    I don't get infected for years, so i can't speak about detection, some stuff i downloaded from p2p got flagged. In any case, i would say that for LOW RISK users, Twister, for its price, is more than enough for the AV sector.

    Hey, ZA with Antivirus was "ready" for prime time with a product that couldn't update or would corrupt its updates and was being sold with Vista logo while it couldn't run on Vista yet.

    Not to mention other AVs with big stability issues.
     
  15. hex_614

    hex_614 Registered Member

    Joined:
    Jul 17, 2008
    Posts:
    155
    Location:
    Manila, Philippines
    is it effective?>
     
  16. gery

    gery Registered Member

    Joined:
    Mar 8, 2008
    Posts:
    2,079
    read the above results and judge ito_O
     
  17. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    6,690
    Location:
    Hawaii
    Mediocrity compared to mediocrity? I use Avira, which scored 89.75% back then & is now in the very high 90's. Ditto Kaspersky, BitDefender, Fortinet. Those "winners" should be the basis for comparison -- not the "also-rans". Further, many other AV companies have voluntarily submitted their programs to testing. Evidently, Twister has not. I wonder why?

    Behavior analyzer (a.k.a. "behavior blocker") is a subset of HIPS. Therefore, FDD is in the "HIPS" genre.

    Other members of the "behavior blocker" subset include but are not limited to Threatfire, Mamutu, Primary Response SafeConnect, Prevx. More & more AVs DO include integral HIPS, such as Norton, Rising, Kaspersky, Comodo, Norman.

    Further, ALL the top tier AVs have some provision for spotting zero-day. Those which lack HIPS use heuristics -- many use both HIPS & heuristics. Twister doesn't use real-time heuristics -- only on-demand. I suppose it depends on FDD for real-time. My point remains that FDD is less configurable and seems less powerful than Threatfire, Mamutu, & others in the behavior blocker genre.

    I might add that, whereas not every AV has a HIPS, there is a trend whereby more & more HIPS have an AV. Such is the case for OnlineArmor (Kaspersky AV), A-squared (Ikarus AV), & Safe'n'Secure (DrWeb AV).

    Another bit of information to consider -- Filseclab's firewall has been in production for several years, but it has yet to reach top-tier status. Such being the case, it remains to be seen as to whether Filseclab's FDD will ever be equal to the likes of Threatfire or Mamutu.
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    Having said all that, I must compliment Fuzzfas on a well-written and balanced comment. Further, I fully agree with him that Twister offers great promise. I continue to monitor Filseclab's website for updates to their AV engine &/or to FDD -- either of which actions will move me to purchase Twister for the simple reason that it has the potential to be a front-runner & deserves support.
     
  18. GES/POR

    GES/POR Registered Member

    Joined:
    Nov 26, 2006
    Posts:
    1,490
    Location:
    Armacham
    I believe SafeNSec uses VBA32 nowadays and not Dr.Web anymore :'(
     
  19. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    I never claimed it was a top tier. I just wanted to give a reader of this thread, a complete idea of the picture. In the link one can see that others scored better. That's why i put the link, to give the whole story to someone. Still, mediocre, yes, if you like, but in good company, wouldn't you say? Of course Avira is now better, but one must look at the test done at the same time, right?

    I think the best basis for comparison is to give the entire screenshot so someone who knows nothing about the test, can read with his own eyes. Personally, i never said Twister was the best. I just wanted to say, that in that test, it wasn't the only "garbage" AV to get 60%. I just thought of it as more fair towards Twister, wouldn't you say so?

    And i posted earlier, this isn't an AV to get the "top tier". I reccommend it if.

    "- If you want a very light AV, with lifetime license,
    - If you don't mind false positives (i have had a lot),
    - If you don't mind small annoyances (like slowing down defragmentation),
    - If you feel enough protected,"

    Personally i don't care about who's the best of the best, cause i won't get infected anyway most probably. The times that i did buy a license, for a reason or another, i found myself not using it. I would rather use a free av. There are so many free products and combinations out there that i consider it a waste of money buying "1 year license". The only reason i bought Twister, are the combination of the reasons i gave before and especially the lifetime license. Heck, if i don't like it i can put back a free AV and use it on demand and put it back on when it comes with a better version. I bought Winpatrol PLUS, for the same reason. It is light, it was cheap, lifetime and honestly i always liked the attitude of its author and liked to say a "thanks" to him.

    That's why i also wrote that i would reccommend it for LOW risk users. It's not tested enough.

    -They are afraid?
    -They don't want to give some thousand dollars to be included in a test when their main market is in China and wouldn't benefit so much anyway?
    -They don't have a marketing network in the "western world" yet or money for pubblicity for a product that you can find only in internet? (Most ordinary people at least in Europe, usually buy AVs in "boxes" from shops. Those that know about AV Comparatives or buy online, are a small minority, the security enthusiasts.
    -They won't pass any test which includes FP? (This is something i believe as at least one reason. In VB for example, Twister will fail for the reason alone that will get FP. I am 99% certain of it).

    I don't know. That's why i say it's good for LOW RISK users. Such users, know what the dangers of such a choice are.



    Ok, i just don't consider " SSM, RealTime Defender, Malware Defender, Defense+, Drive Sentry" in the same category as FDD, Mamutu, Threatfire, PRSC, PrevX. That's all. They work in completely different way and also their level of annoyance is completely different. I made the distinction, because you mentioned those who are "classical HIPS".

    Simply, Twister isn't trying to appear as top tier... And FDD isn't as good as standalone behaviour blockers, true. (How many famous avs have such ability?). As for the heuristics, again true.

    Yes. But is it my idea, or is Twister the only AV in this forum that is also compared to such programs? (OA is basically a firewall with on demand scanner, Twister is supposed to cover that area too? :eek: )

    And never will, since its development has been discontinued for some years now and the code is for sale.

    May i ask something, since you insist in comparing FDD with 2 standalone programs. Will Threatfire or Mamutu ever be capable of catching all the malware Twister can? (Or ANY other AV product if we want to be fair with Twister? Because on a proactive test, of unknown malware, i would bet my money on Threatfire and not Avira).

    Hey, it's what i try, having to carry the burdon of the fact that i am a Twister's user.


    P.S.: IF Twister was all the things you write (Capable of file and network monitoring at the levels of SSM, D+ etc and with a behaviour blocker on par with Threatfire and Mamutu and with detection rate of Avira), you wouldn't find Norton and Kaspersky's boxes at Wall Mart, but Twister and Norton and Kaspersky would be some semi-hidden boxes down the corner. Oh and most important... You would pay for it 60 $ per YEAR. :D (maybe 100$ would be a more honest price).

    I mean, come on! What do you expect!? It's not Avira + Threatfire + Defence+ at 25 euros for life! Actually, is there ANY AV that does all that for 25 euros for life? Heck, is there ANY AV that does all that for 50 euros a year? NO WAY!!! So why ask them from Twister to do them? o_O

    It's light, it's cheap and for life, it has a behavour analyzer good or bad that may be, it's decent enough if you know about security and have more defences. That's it. It's not Avira! If you look for Avira in Twister, you are loosing your time! And if it DOES become Avira, be sure, that the licence won't be lifetime anymore.

    I can't say it simpler than that. If you ask me, i feel protected more than enough and actually think Twister as oversuspicious and trigger-happy (the first time i use Rocket Dock to launch Opera, RD is flagged as suspicious, because it uses global hooks and tries to launch the browser, so you must "trust" RD in order to continue). I also hate the false positives. Specially Abiword. 3 versions of it, all FPs.

    This isn't a Ferrari. It is more of a city car. It gets the job done of moving you around and consumes low fuel. If you want a Ferrari, you will pay it as a Ferrari. :D

    Look at me. Right now, i use Twister (25 euros for life) + PC Tools Firewall (Free) + TF (Free, so why care if FDD is better than TF anyway?!) + WinPatrol Plus (costed about 12 euros in Dad's day discount). Why should i pay 40 euros for Bit Defender? I also have still Mamutu's license from GAOTD. I don't use it, cause i like TF more. Heck if i feel paranoid enough i can install Comodo with D+ (free again). Heck, if i feel tired i can install Returnil GAOTD (free). Why pay, pay, pay, pay for the super duper ultra wow antivirus? For a good firewall? Yes, i could pay. (OA is a candidate for that). For something like Returnil, yes i could pay. Because you can use them for long without depending on updates. For an AV? HELL NO! For all i care Avira can score 100%, i will STILL won't buy it with 1 year license when i have at disposal so many different combos that can keep me JUST AS SECURE. And Twister is part of the equation in this line of thinking. And, did i mention i HATE resource hogs? Right now TF is the heaviest thing in my startup list, which is pretty small, so overall, TF isn't bothering me so much. I could run AVG Free and have more CPU usage now than all 4 programs combined.
     
    Last edited: Sep 28, 2008
  20. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    Oh, since there are many pages now in this thread, i think more than unofficial testing results, the opinion of Inspector Clouseau is the most poignant of all:

    When i bought the license, i took this also in consideration. And i think that is a fair guide to all potential buyers. Plus the false positives (yes, they are often).
     
  21. Miyagi

    Miyagi Registered Member

    Joined:
    Mar 12, 2005
    Posts:
    421
    Location:
    Honolulu, Hawaii
    Thanks to both of you for your insights. In respect to Inspector Closeau, he has been quiet here and wonder if he's far gone in the ocean. :D
     
  22. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    6,690
    Location:
    Hawaii
    OA began life as a classical HIPS, and still is (with other schtuff glued on).

    Not just Twister but ALL antivirus programs will soon have to cover more than mere blacklists and simple heuristics. Or they will vanish into the sunset.

    Yes, they will. In fact, I'm fairly certain that they already can! Why? Because they are behavior blockers that have added blacklists/AVs. A-squared now includes Ikarus (a top-tier AV) plus Mamutu. TF includes PCTools AV (an improved clone of VirusBuster).

    Here again, IMO antivirus programs which seek to continue purely as blacklist-based apps will not prosper. Twister's FDD puts it in the vanguard of future AV component structure. I wish Avira would get in step with that trend -- and soon.

    No sandbox? No imager? Hmmm?

    As to a software firewall -- I don't need one. Got a router.

    Besides the router, my active security consists of just SBIE (free), MalwareDefender (1-off $39.95), Avira Prem ($25/year), & O&O Disk Image Express (free). Thus I have quality at low cost -- better, I think, than Twister.

    But again -- I see a rosy future for Twister & will buy it when they upgrade FDD & the scan engine.
     
  23. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    Ok, in just few words. You can say all that being true now or in the future, i don't mind.

    For today, i extensively explained what i think of Twister.

    Here is the essense of the problem. You seek the Ferrari of Security. I don't. Believe me, it is highly unlikely that i need a sandbox, because simply it is highly unlikely that i will see a malware that i myself didnt' dl from p2p (and i don't trust such files).

    Twister, now and in the future, doesn't need to be "the best of the crop" to be preferred by some users, like me, Miyagi (and BadCompany?). I ALSO have Sandboxie , i am not in the mood of using it right now, that's all, because i FEEL protected enough. Because i don't see malware that i don't expect to see for years now. I have Returnil. I don't install it for the same reason. I have a KAV license (from a free offer), i only used it one day, uninstalled when i saw it was too heavy for my taste. I have Comodo and SSM Free somewhere. I have also a ZASS license somewhere, i don't use it (free offer).

    Next month i may change things in my setup. But i do it mostly for fun, not out or real need. I simply am low risk user.

    BTW, i have a router too, but i use software firewall, to control outbound better (for instance i don't like some progs that phone home all the time, including Threatfire- just figure that!).

    All this to say, that there is no "absolute winner" in security. I have also Macrium Reflect Free, done a snapshot after a clean Windows Installation, without drivers, one with the drivers and one with all the "usual" applications. After i did that, i disabled the Macrium's autostart service. I also have Erunt registry backups and that's it.

    Next week, i may change my signature in Twister + Comodo with D+. The next in Twister + Returnil + WinPatrol. I do that often. Theoretically one can be more safe that another. In FACT though, i almost WISH i would encounter a real malware, because it's soooo annoying having something like Comodo and never seeing it in action. :D That's why i occasionally dl keygens and stuff from p2p, that usually are infected, so that i can have the joy of seeing some malware on my PC (after i take the appropriate defence measures, never do it without a sandbox).

    Today Avira is the top. BUT, most people run Norton, because they find it in shops. And they live with it . You may have better security than mine, but the thing is, i don't NEED better security. I 've run even without AV in the past, just firewall and PG Free and nothing happened to me... Same goes for other people. I used to have the obsession of being "bulletproof", then i realised i was giving useless money away or braking my nerves answering to pop ups all the time.

    I mean, Twister, may be inferior to your Avira, but there are still people that will prefer Twister.

    Honestly, we should make a poll. How many of Wilder's members have actually seen their uber defence in real combat? Since i have been on the internet, the piece of software except for the AV that has "saved" me most times, was... Registry Prot. It has warned me several times. Since then, i 've learnt more and i have yet to be "saved" by SSM, PG, D+, TF, Mamutu, FDD, Returnil , Sanboxie and the rest.

    So, AVs may become like OA (firewall with HIPS and on demand scanner) or like TF (behav blocker plus AV on demand).

    The thing is, that there will still be some fellas out there, that will prefer a more humble AV at low price + a variety of free defences. Unless free programs cease to exist of course.

    Heck, there are people that go "nude" on the internet in this forum. You have better defence than them, but they don't need your or my defence.

    P.S: If you note my sig, i use Threatfire WITHOUT the AV (3.0.14) and PC Tools Firewall v. 3 (the one without the "enhanced security"). I don't WANT them heavier than they are, buggier than they are or phoning home without my permission (like the latest TF to update virus def).
     
    Last edited: Sep 28, 2008
  24. Badcompany

    Badcompany Registered Member

    Joined:
    Nov 18, 2005
    Posts:
    755
    Location:
    RUNCORN UK.
    Received some info today from Bright Chu ( Twister AV.) The new version of Twister is in development now, and will be released in the next half year.The FDDS will have lots of improvements for Real-Time Heuristics, and many improvements through out the program.In his words ( A very big up-date.) And the program will be tested by AV-Comparatives next year. Excellent news.:thumb:
    Badcompany.
     
  25. emperordarius

    emperordarius Registered Member

    Joined:
    Apr 27, 2008
    Posts:
    1,218
    Location:
    Who cares

    Looks like Filseclab is really working seriously on it. If they keep a good detection rate, their heuristics + behaviour blocking functions will be good, and if they will continue providing a lifetime license, well, it will be an excellent choice for sure.:thumb: .
     
Loading...
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.