I guess i should explain some things over here as well, regarding the
test i performed. ...
Why?
Are you feeling guilty and trying to assuage that feeling?
You _need_ not explain anything. In fact, I doubt you can explain very
much at all as we have seen many useless, ill-informed, mis-directed
"tests" just like this over and over for most of the last 15 years.
The fact is, we know more about your tests than you do, which is the
worst indictment that can be made about of them...
... I once again admit that i still miss alot of knowledge about
viruses, compared to professional av'ers.
Good.
Then here's a deal for you. Before even contemplating doing another of
your shitty, worthless tests spend some time searching out some of the
very good articles out there about how to do virus detection tests.
You will recognize them because they are not written by pimply-faced,
ansgt-ridden moroniuc teenagers or other Vxers and they will be replete
with examples of bad testing processes that are found throughout your
testing methodology.
You will also want to look for the good articles on developing a top-
flight virus (or, these days, "malware") collection. Again, you will
find that the articles worth reading are all _NOT_ written by VXers...
Still, i will not accept people calling me stupid or moron or other
"specially chosen" nicknames, just because i do not know as much as they do.
So, lump it.
You are a moron because despite the voluminous, accurate and deserved
discrediting of your tests you still try to defend them.
Yes, my tests are not 100% flawless. ...
Would you like to try that again, without the marketing spin?
A statement something like "Yes, my tests are 100% flawed" would be much
more accurate and indicative that you have started to understand something
ratehr important...
... But i also believe that most of the files i have in my collection
are not garbage, as some mention. If they were garbage indeed, why do
most respectable av software detect them as malware? ...
What proportion is this "most" you are talking about?
80%
90%
92%
95%
From a very quick look at your results, I'd be surprised if much more
than 90% are "valid" malware samples (and it may be somewhat lower if
we take out boot infector sector dumps and so on...). That may seem
like "most" to you, but that leaves a pretty wide error margin in
your results...
... Is this, too, my fault? Or is it that, certain av companies
tend to add many more stuff that before, just to have a huge number
of detectable viruses? ...
They don't add them to boost the "X" in "we detect X viruses" claims.
They detect them for one of two or three reasons. Either their detection
methods for that type of file/malware/etc are rather poor or their lab
staff did a poor job analysing that malware or they specifically added
detection of the crud because such files (and I mean, precisely the same
files) have often been used in shite tests such as yours (in the latter
case, whether such detections are added to "protect themselves" against
incompetent testers or to cynically boost their product against more
honest competitors when compared in incompetent tests is something you'll
have to decide on a case by case basis).
Also, you say that most products detect most of these files. Do you
actually understand what it means when F-PROT detects a PE as "corrupted
executable" an old, would-be DOS virus as "intended", a macro in a Word
document as "inactive" and so on? It means that there's nothing of
actual concern present -- sure it is a partial attempt to protect the
product against idiots like you, but note that it these are really
"anti-detections" rather than "real" detections. Similar comments apply
to many other "protective anti-detections" used in other products too,
yet you continue to see these as evidence of the quality of your tests.
If you still do not see the problem, then "moron" is clearly not strong
enough a term...
... And, isn't it a good way to increase sales?Or is that also my fault?
Huh?? What has that to do with the price of fish?
... And, when it comes to the bottom of this, how can
i trust ANY av software, if i really cannot tell how many REAL viruses
it detects..??
There you hit the nail right on the head, though not for the reason I
suspect you think.
You are dead right -- _YOU_ are incapable of telling how many real viruses
any AV product detects. However, that is not because of a flaw in the AV
software but because of several obvious flaws in your wetware; flaws you
seem rather unwilling to address and correct.
Anyway, as some of you know, i have had quite bitter comments about this
last test. ...
Really???
Well that's a surprise -- NOT!
Could it be because it is, without a doubt, the biggest load of shite that
has tried to pass itself of as an AV test for several years?
... So, i decided to start
learning more things about viruses, hoping that sometime soon i will
be able to maintain a really good collection, without any garbage files
in it. ...
Well, that would certainly be a good start. However, I doubt you will be
able to go on to your next test "sometime soon" -- starting this late it
will take you more than a few weeks or months to build such a collection.
... What i have seen lately, is that most av'ers do not want to hear
about us, "vxers", and generally do not want anything to do with us. ...
Have you considered that this may be because most VXers are almost totally
lame and despite their own best efforts seldom are doing much more than
mocking the processes and procedures of real AV research?
Also, the really, really bad tests -- such as yours -- are either done by
VXers or enabled by the public VX sites.
... I
ask you, now, if a guy like me wants and tries to learn all the stuff that
professional avers know, how can he accomplish it?
By using his intellect.
You do have a brain, yeah??
Try using it. Despite running a fairly closed shop, there is a fairly
extensive literature out there describing everything you need to know
about designing and running a comprehensive AV tests.
To sum up, i 'd like to say that i performed the test using the best
methodology i could get, based on my current knowledge. Yet, that was not
enough, i know it and i do not deny it.
Odd that you tried to do something that was clearly technical without even
finding the most basic of information about it available through some
simple Googling...
I really try to catch up on the info i miss and i hope that in future
tests my methodology will be better. That is what i aim at anyway.
Thanks for your support and comments, good and bad
You're welcome and good luck...
