Page 1 of 1
Twister's result on SSUpdater's "Do it yourself" test!
Posted: Mon Jan 19, 2009 11:53 pm
by Twister Watcher
Hi to everyone!
I tested Twister and Avira using legendary SSUpdater's "Do it yourself" 500 malware test. Here are results:
Twister - Scanned: 618 files; Infected: 514; Left after removal: 6; Score: 98.8%
Avira - Scanned: 639 files; Infected: 541; Left after removal: 11 files; Score: 97.8%
Congratulations to Filseclab!
After that I run System Shutdown Simulator test - sss.exe (standard test on Matousec Firewall Challenge testing) with purpose to check self-defense capabilities. Here are results:
Twister - FAILED: Twister was closed and the test software droped Eicar test file.
Avira - SUCCESS: Avira remain active and picked up Eicar test file.
Conclusion: Twister has great detection capabilities but needs some improvement in the self-defense.
Thanks.
Re: Twister's result on SSUpdater's "Do it yourself" test!
Posted: Tue Jan 20, 2009 1:09 am
by ftfans
Twister Watcher wrote:Hi to everyone!
I tested Twister and Avira using legendary SSUpdater's "Do it yourself" 500 malware test. Here are results:
Twister - Scanned: 618 files; Infected: 514; Left after removal: 6; Score: 98.8%
Avira - Scanned: 639 files; Infected: 541; Left after removal: 11 files; Score: 97.8%
Congratulations to Filseclab!
Thank you for your test. I guess next time you can attach the screenshots in your post.
Twister Watcher wrote:After that I run System Shutdown Simulator test - sss.exe (standard test on Matousec Firewall Challenge testing) with purpose to check self-defense capabilities. Here are results:
Twister - FAILED: Twister was closed and the test software droped Eicar test file.
Avira - SUCCESS: Avira remain active and picked up Eicar test file.
Conclusion: Twister has great detection capabilities but needs some improvement in the self-defense.
Thanks.
Yes, Twister Anti-Virus needs to prove self-defense, I use Eqsecure( a HIPS) to do so.
By the way, can you give me the link of downloading this file (System Shutdown Simulator test - sss.exe)?
Thanks you.
Re: Twister's result on SSUpdater's "Do it yourself" test!
Posted: Tue Jan 20, 2009 2:48 am
by Twister Watcher
Hi ftfans. You made great place for all Tweestes. Best wishes.
This is the URL of the Shutdown System Simulator developer's homepage (I guess you know him, he is a member on Wilder's)
http://zeroday-software.110mb.com/
I attached two images: "Twister in action" and "Left files"
Just to add that I send the left files to Filseclab as a malware samples but after 24 hours still not received a response (-1 for tehnicians in Filseclab
).
Kind regards.
Re: Twister's result on SSUpdater's "Do it yourself" test!
Posted: Tue Jan 20, 2009 3:39 am
by ftfans
Twister Watcher wrote:Hi ftfans. You made great place for all Tweestes. Best wishes.
No problem.
Twister Watcher wrote:This is the URL of the Shutdown System Simulator developer's homepage (I guess you know him, he is a member on Wilder's)
http://zeroday-software.110mb.com/
I attached two images: "Twister in action" and "Left files"
Thank you, it is now more convictive
Twister Watcher wrote:Just to add that I send the left files to Filseclab as a malware samples but after 24 hours still not received a response (-1 for tehnicians in Filseclab
).
1. Filseclab recieves too many virus-sample emails, it may takes a very long time for them to handle your email.
2. The best way is using the reporting fuctional part on Twister Anti-TrojanVirus. May be the name of this menu item is "online report", or you can using "online scan system". I do not have english version Twister Anti-TrojanVirus here, so I am not so sure about the detail.
Re: Twister's result on SSUpdater's "Do it yourself" test!
Posted: Tue Jan 20, 2009 12:03 pm
by Fuzzfas
Twister Watcher wrote:Hi to everyone!
I tested Twister and Avira using legendary SSUpdater's "Do it yourself" 500 malware test. Here are results:
Twister - Scanned: 618 files; Infected: 514; Left after removal: 6; Score: 98.8%
Avira - Scanned: 639 files; Infected: 541; Left after removal: 11 files; Score: 97.8%
Congratulations to Filseclab!
After that I run System Shutdown Simulator test - sss.exe (standard test on Matousec Firewall Challenge testing) with purpose to check self-defense capabilities. Here are results:
Twister - FAILED: Twister was closed and the test software droped Eicar test file.
Avira - SUCCESS: Avira remain active and picked up Eicar test file.
Conclusion: Twister has great detection capabilities but needs some improvement in the self-defense.
Thanks.
Thank you for your input. It's very interesting. Thankfully i run Comodo's firewall, that should protect me from the shutdown exploit. Filseclab should look into this.
I attached two images: "Twister in action" and "Left files"
Just to add that I send the left files to Filseclab as a malware samples but after 24 hours still not received a response (-1 for tehnicians in Filseclab ).
Hmm... I have noticed too that the official mail is slower to process virus samples than the built-in uploader. When i have bigger than 2MB samples, i sent them to a hotmail address of Mr. Bright Chu. This way they get processed faster.
About the "left files". Have you tried "Power Removal"? It's under "Tools" and it's supposed to be there for removal of persistent malware.
Re: Twister's result on SSUpdater's "Do it yourself" test!
Posted: Tue Jan 20, 2009 3:21 pm
by Twister Watcher
"Left files" are files that are missed by Twister during on-demand scanning. Although the Twister missed six files the result Twister achieved is exceptional. Twister has achieved better result than Avira, Kaspersky, NOD32, Avast, Norton etc ... According to information from others who are out this test only GDATA achieved better result.
Re: Twister's result on SSUpdater's "Do it yourself" test!
Posted: Tue Jan 20, 2009 5:34 pm
by Fuzzfas
Twister Watcher wrote:"Left files" are files that are missed by Twister during on-demand scanning. Although the Twister missed six files the result Twister achieved is exceptional. Twister has achieved better result than Avira, Kaspersky, NOD32, Avast, Norton etc ... According to information from others who are out this test only GDATA achieved better result.
I see. I thought they were files that couldn't delete. Thank you for the explanation. Yes, it is a very good result in deed. Of course in each test, there are many variables. For example i am pretty sure Twister has more quick response time and better detection on the malware that circulates in China, while russian AVs are better with the most common malware that circulates in Russia and so on. Anyway, there are repeated unofficial and official tests now, that show that Twister is keeping steadily at a respected level. And as i see it, with the new version it can only get better. And that's the most important.
Personally i was pleasantly surprised with the results you brought us, because they were on demand only. And it is common knowledge among Twistees, that Twister, relies on a good part of detection on the behaviour analysis system (FDDS), which couldn't help in this test. So , i am very happy about the result.