Joe Wells on AV's

Discussion in 'other anti-virus software' started by I who know nothing, Apr 4, 2005.

Thread Status:
Not open for further replies.
  1. Interesting article from the originator of the Wildlist. It seems he is saying that AV's with higher Zoo detection may not be better in the real world and may be worse. <Link Removed>

    Post no links to malware sites--Ron
     
    Last edited by a moderator: Apr 4, 2005
  2. Tinribs

    Tinribs Registered Member

    Joined:
    Mar 14, 2002
    Posts:
    734
    Location:
    England
    A slightly aged report, and I will be honest and say I didnt read more than the first few lines, it follows a similar tact as most reports.

    If you are looking for a decent av then regardless of zoo or in the wild reports, its results that count.
    Basically, if an av is decent enough it will score high in zoo detection as well as in the wild, in fact I would be down right suspicious if my av wasn't well rounded and fell down sharply in any one region.
     
  3. malware sites?
     
  4. Ah ok I get it. I sourced the article from a google cache I didnt see the homepage content.
     
  5. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    the article in this thread is from 1999 the one you thought it might be abridged from is from 2003
     
  6. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
    Unfortunately this was only an advertisement from Fortinet, which is known to be a smaller database AV.

    It's true that we have the highest probability to get infected just with those ItW viruses plus TROJAN LIKE MALWARE outside that official ItW list, which have even higher probability. But when we have seen official ItW tests, those tests were made against 2..3 months old ItW list. During that last 2...3 months there have appeared about 40...60 new ItW threats, mostly newer variants of those already listed ones, which were never be tested then when they should be tested.

    Best regards,
    Firefighter!
     
  7. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
    Unfortunately there is already an av that has the highest Zoo detection but it is the fastest updater overall too against newest ItW threats. Probably you already know the name of the av?

    Best regards,
    Firefighter!
     
    Last edited: Apr 5, 2005
  8. TAP

    TAP Registered Member

    Joined:
    Aug 17, 2004
    Posts:
    344
    In my opinion ITW can't represent the real-world scenario as its claim and all tests that based on ITW list are not represent the real quality of those tested AVs and ITW test is not everything you want in order to determine which AVs suits your needs. ITW test just like a minimum requirement for an AVs to detect ITW 100% at a given time (e.g. AVs must have been certified by ICSA Labs or detect ITW sample 100% in Virus Bulletin test).

    I think what we want is the new industry standard for gathering information about other malware (virus, worm, trojan-like malware, major spyware/adware, etc.) that are still circulating in the real world (but are not listed in the WildList) and people can be infected by them anyway and of course all AVs must detect them all by no excuse. :p
     
    Last edited: Apr 5, 2005
Loading...
Thread Status:
Not open for further replies.