What's this site all about?

[Venustus]

Apparently shows statistics on zero day detections by various av vendors:

http://www.shadowserver.org/wiki/pmwiki.php/AV/VirusDailyStats

Any feedback from members?

 

[Gnosis]

I don't want to jump the gun here, but this could be a great find.
It could be that when you find out which software is not on that list you know who the website founder(s) is (are). What I mean by that is that eventhough it appears Avast might own that site indicated by being the top performer, their percentage is not anything to brag about if deception is intended.

 

[illumination]

This site has been around for quite awhile.

 

[Gnosis]

Well, don't I feel dumb. lol

Any chance their alleged/supposed findings are accurate?

 

[illumination]

Well, don't I feel dumb. lol

Any chance their alleged/supposed findings are accurate?

I have not been to it for a while, but I remember CIS was in the top couple the last time I visited.. If you go down the left hand column you will see stats for weekly, monthly and yearly ect, take a gander in there.

 

[Gnosis]

Makes no sense. How could Emsisoft score at the bottom when they have a cloud, and probably more honeypots, and effective ones at that, than anyone in the universe?

 

[illumination]

Makes no sense. How could Emsisoft score at the bottom when they have a cloud, and probably more honeypots, and effective ones at that, than anyone in the universe?

That is a Daily Stat, subject to change from day to day...

Here is their Yearly stat
https://www.shadowserver.org/wiki/pmwiki.php/AV/VirusYearlyStats

 

[Gnosis]

Surely these are not accurate results. I could not possibly imagine.

 

[illumination]

Surely these are not accurate results. I could not possibly imagine.

When you look at the "total" amount of samples vs what they are "detecting", I think it is plausible .

 

[Venustus]

The point of the post was whether you guys trust these results?
Eset at the moment is way down the list,however several days ago it was almost at the top,which is to some extent understandable given the quality of the sigs variations etc!

 

[Gnosis]

I figured as much. I was simply marveling.

 

[Gnosis]

When you look at the "total" amount of samples vs what they are "detecting", I think it is plausible .

That is scary, but it makes me feel better about recommending Avast Free to people. So Avast or Avira could be the kings of 0-day assassination? Interesting.

 

[Venustus]

I like Avast myself,however they could improve on their on demand scanning detection.
Maybe when "dyna gen" kicks in, that will change!

 

[Gnosis]

You would think that since they have a boot-time scanner that demand scanning protection would be of the utmost significance.

 

[Littlebits]

The point of the post was whether you guys trust these results?
Eset at the moment is way down the list,however several days ago it was almost at the top,which is to some extent understandable given the quality of the sigs variations etc!

The results look pretty accurate but still there is always room for errors.
If you are a user that never pays attention, clicks on everything, downloads and runs suspicious files, then these results might mean something to you but not much since no AV's will offer 100% protection because all are failures to the careless user.

If you are a careful user who always pays attention, never downloads or runs suspicious files and utilize UAC prompts, then these results will mean nothing at all to you since all zero-day malware requires the user to manually download and manually run an infected file(s).

I never put my complete trust into any testing site since each end user may never come in contact the the malware samples used in the testing or the wild but may come in contact with other malware infections not included in the sample testing. Your actions will determine what you will come in contact with and depending on how you will deal with it will determine if you will get infected.

Thanks.

 

[cruelsister]

This is an excellent site and the folks there do good work. But the really important thing to note is that they test primarily through a command line interface or a gateway version- these are NOT the applications tested here. It is still very useful and I personally refer to the site frequently, always keeping in mind that this is definition detection in the raw.

 

[Venustus]

This is an excellent site and the folks there do good work. But the really important thing to note is that they test primarily through a command line interface or a gateway version- these are NOT the applications tested here. It is still very useful and I personally refer to the site frequently, always keeping in mind that this is definition detection in the raw.

Thanks for the heads up!

 

[Gnosis]

I wish I did not feel like I have to be so skeptical all the time when I see tests from various sites. I guess this is one more reason that I cling to Sandboxie and behavior blockers; for the most part I do not rely on AV's, whether I have one installed or not. It is more of a hobby to me when it comes to monitoring the typical AV suite, whether from our video reviews or how certain sites rate them and what they come up with. This is one of the biggest reasons I choose not to pay for protection.

 

[Deleted member 178]

Comodo's fanboys praised that site when CIS was at the top, then bash it after when CIS was going down

if you want a good advice: NEVER trust a testing lab; you want a reference? take a old computer and do malware tests yourself on a real system (VMs are not accurate)

 

[Gnosis]

NEVER trust a testing lab; you want a reference? take a old computer and do malware tests yourself on a real system (VMs are not accurate)

I can dig that.