Malware Testing Best Practices

Cch123

May 6, 2014
Hi guys, I feel extremely compelled to write this after watching some YouTube reviews. I hope I can help raise the standards of YouTube malware testing through this article. :)

General Dos and Don'ts
1. Please save the samples that you have used. Many AV companies are very cooperative and they may try to contact you to obtain the samples that their products missed. It's almost always nice to work with them.
2. Please use only recent samples. I don't think we want to see how products fare against MS-DOS samples.
3. Please know what your samples are. When you just download some random malware pack, almost 50-60% are repeated samples.

Testing Dos and Don'ts
1. If possible, try not to determine whether the AV you are testing failed by scanning with another engine (Hitman Pro, etc.). They can miss samples too.
2. Do not use those leak tests, keylogger tests, etc. (such as the Zemana keylogger test). Trust me, any good antivirus will not detect them, and those that do should be counted as false positives. These tests have various telling attributes that show they are non-malicious, such as having a GUI, being digitally signed, etc. Like seriously, do you think a malicious keylogger will have a GUI that tells you what it has captured?
3. Try not to perform static detection tests anymore. Most AVs are moving beyond these kinds of tests. Symantec withdrew from AV-Comparatives because it did not want to participate in static tests. That's because most AVs are now very complex pieces of software which utilise a whole spectrum of technologies, and most vendors do not focus on static signatures anymore.
4. If possible, try to test samples using different techniques of achieving their malicious aims. For instance, to test keyloggers, try to test various kernel- and user-mode ones. This will allow you to gauge the performance of the AV against each kind.
5. Run current OSes in your testing. E.g. many vendors used kernel hooks on XP, but have moved away from this in later versions of Windows.

Thanks for reading my post! Hope you have learnt something and enjoyed my sense of humour :D
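As an added example, not part of Cch123's post: the first and third "General" points (keep the samples you used, and know how many of the files in a downloaded pack are really the same sample) are both served by cataloguing a sample directory by SHA-256 before a test run. The script below is my own illustration, not a MalwareTips or vendor tool; the function names, the manifest layout and the placeholder files it creates are all my assumptions. It walks a directory, hashes every file, groups byte-identical copies, tags each entry with a cheap magic-byte kind check, and writes a JSON manifest whose hashes can be quoted to a vendor that asks for a missed sample. The files it hashes are constructed placeholders (an "MZ"-prefixed blob copied under three names, a fake ELF, a text file), not malware, so it runs offline.

```python
"""Catalogue a sample directory by SHA-256 and report exact duplicates (added example, not from the post)."""
import hashlib
import json
import os
import tempfile
from collections import defaultdict


def sha256_file(path, chunk_size=1 << 16):
    """Hash a file in chunks so large samples do not have to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def file_kind(path):
    """Cheap magic-byte check; enough to spot a 'malware pack' padded with text files or archives."""
    with open(path, "rb") as fh:
        head = fh.read(4)
    if head[:2] == b"MZ":
        return "pe"          # Windows executable (DOS stub header)
    if head == b"\x7fELF":
        return "elf"
    if head[:2] == b"PK":
        return "zip"         # archives need unpacking before they count as samples
    return "other"


def catalogue(sample_dir):
    """Group every file under sample_dir by SHA-256; files sharing a hash are byte-identical copies."""
    by_hash = defaultdict(list)
    for root, _dirs, files in os.walk(sample_dir):
        for name in sorted(files):
            path = os.path.join(root, name)
            by_hash[sha256_file(path)].append(os.path.relpath(path, sample_dir))
    manifest = []
    for digest, paths in sorted(by_hash.items()):
        first = os.path.join(sample_dir, paths[0])
        manifest.append({
            "sha256": digest,
            "kind": file_kind(first),
            "size": os.path.getsize(first),
            "paths": paths,  # every filename this exact content appeared under
        })
    return manifest


def summarize(manifest):
    """Totals for the pack: files on disk, distinct samples, and exact (byte-identical) duplicates."""
    total = sum(len(entry["paths"]) for entry in manifest)
    return {"files": total, "unique": len(manifest), "duplicates": total - len(manifest)}


def write_manifest(manifest, out_path):
    """Persist the catalogue as JSON so a hash can be quoted to a vendor asking for a missed sample."""
    with open(out_path, "w", encoding="utf-8") as fh:
        json.dump(manifest, fh, indent=2)
    return out_path


def build_constructed_samples():
    """CONSTRUCTED placeholder files, not malware: one fake 'PE' under three names, a fake ELF, a text file."""
    base = tempfile.mkdtemp(prefix="samples_")
    fake_pe = b"MZ" + b"\x90" * 64 + b"constructed-sample-A"
    blobs = {
        "pack1/dropper.exe": fake_pe,
        "pack2/dropper_copy.exe": fake_pe,   # same bytes, different name
        "pack2/Dropper.EXE": fake_pe,        # same bytes again
        "pack1/loader.bin": b"\x7fELF" + b"\x00" * 32 + b"constructed-sample-B",
        "pack2/hashes.txt": b"constructed readme, not a sample\n",
    }
    for rel, data in blobs.items():
        path = os.path.join(base, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(data)
    return base


if __name__ == "__main__":
    sample_dir = build_constructed_samples()
    manifest = catalogue(sample_dir)
    print(json.dumps(summarize(manifest)))
    print(write_manifest(manifest, os.path.join(sample_dir, "manifest.json")))
```

Point the script at a real pack instead of the constructed directory and the duplicate count is the figure the post is talking about. One caveat: an exact-hash match only catches byte-identical copies, so a repacked or re-signed variant of the same family shows up as a new hash; the duplicate count is therefore a floor, and the manifest is what lets you answer "which exact file was missed" when a vendor asks.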