> In my personal opinion, the tests published by Gega IT sometimes show some really strange results.
> Just compare the results of NOD32 in some tests performed by Gega IT (especially in bat, script viruses) where result was once on about 87,5 pec cent and the latest test from german Pc welt (http://www.pcwelt.de/ratgeber/viren/29660/
, done by the very same Gega IT and the same Andreas Marx where the result in the same filed is at once on 2 (TWO) per cent.
This has not escaped our attention.
GEGA IT's test set needs an overhaul by someone who knows what they're looking at. Anyone who expects respect as an antivirus tester from the antivirus industry itself must
adhere to a proper testing methodology and test products only
against validated and verified viruses. There is no
place in antivirus product testing for simulated/broken/renamed/inert or otherwise "dead" viruses. To a real
antivirus man, it's either a virus or it's not. There are no grey areas.
> This is a really indepentent smell of Cnet, what do you think ?
Eeeek! No comment!
> Anyway, there are rumorz, Andreas Marx offers for a lumpsum "independent" test with results "as you wish"....
I've heard the same rumors ... but that's all they are ... just rumors.
It's no secret that I haven't regarded Magdeburg/GEGA IT's tests very highly for many years, but this is based on my doubts about the validity of their testing methodology, not concerns about their honesty.
I doubt that Andreas would try to "sell" a favorable test result to a vendor. There are very few secrets in the antivirus industry, and if he had ever offered to do this, everyone would know about it.
"Careless" ... OK ... I'll accept that.
"Dishonest" ... no, I don't believe it.
> I can tell you, with my experiences in the field of antirus system testing, with some effort I can produce doctored test sets where result would be as your request.
Sure ... it can
be done. I have no doubt that it has been
done. However, no ethical
antivirus vendor (yes, there are a few)
would be a party to this kind of snake oil.
I don't think that even the shonky test figures posted by the antivirus wannabes who haunt security forums are deliberately doctored to make a particular product look good ... I think they're simply the result of amateurish testing procedures on what we refer to in the antivirus industry as "crud" virus collections.
Some years ago, when there were only around 15000 known viruses, I scoured the fledgeling Internet and downloaded over 55000 samples from various VX sites ... all "tested and guaranteed to be real live viruses". After eliminating duplicates with Frans Veldman's TbWeeder and running them through ThunderByte I ended up with just over 4000 live virus samples. Over 35000 of the "guaranteed real live viruses" were "crud".
Q. Where does a wannabe virus expert who has no access to a verified virus test set get his viruses ?
A. From VX sites!
I rest my case!
> I personally do not care about zoo viruses which are very unlikely to attack my 'puters. But singe i am using nod32, i had for ages no virus incident which is what counts. Any other opinion...
Between January 2003 and March 2003, every one of the more than three million viruses intercepted by MessageLabs in transit across the Internet was an In the Wild virus. No Zoo viruses were detected. That's a pretty high ration of ItW:Zoo.
> I am waiting for ESEt guys comments and ESET posotionm to this issue
We're not sitting on our hands. We've had a lot of internal discussion, and moves are being made even as I type this reply. Anton (our beloved CEO) will no doubt make a public statement about it once we get everything sorted out.