
Thread: How Genuine is Zero day malware/new malware test result?

  1. #1
    Banned

    How Genuine is Zero day malware/new malware test result?

    Today I saw a few test results for zero-day malware/new malware tests by different antivirus and antimalware products on YouTube and a few websites.
    I had one question in my mind: how genuine are these test results?
    How can we trust these test results?
    Can these test results be manipulated or fixed by AV companies?
    As we know, new malware cannot be detected by an AV until the sample is submitted to them, so assuming this, there is an easy way to manipulate this type of result. For example:
    Suppose AV company XX hires some geek like YY (like our Sujay bro) who is famous on tech forums and makes 50 new samples of malware. After that, Mr YY will test 5-10 AV/antimalware products and show the results with proof on various websites, showing which AV has the best detection rate.
    The other AV companies will not be able to detect many of the malware samples, as they are new and not in their virus lists, whereas XX AV will detect most of them, as they will update their virus engine with detection for this new malware.

    I know it's a dirty trick, but everything is fair when it's a competition.
    So my question is the same: can this type of test result be trusted?

  2. #2
    *nix Technical Support
    I take all reviews with a grain of salt, and try it myself on my computers to see how well they protect me.

    ESET's done the best at that, the only reason why I'm paying for it. That with being lightweight... perfect for me.
    pacman -Syyu life not found in sync db

  3. #3
    Neo
    Experienced User
    That's a question that has been debated for a long time. This is also a reason why you see fluctuation in results for vendors. Though it may not give you an exact report, you can still get an idea.

    E.g. you see a vendor has got good ranks from various labs. Also, if it has had a good score for a certain long time, then it has a good probability of being better than another.

    But remember, it's still a probability.
    Love me , Hate me but you just can't Ignore me

  4. #4
    Moderator
    So my question is the same: can this type of test result be trusted?
    It is up to you.
    Trust is subjective.
    Roger and out

  5. #5
    Supernova
    Quote: Originally posted by Stranger
    As we know, new malware cannot be detected by an AV until the sample is submitted to them, so assuming this, there is an easy way to manipulate this type of result.
    Actually this is not totally true. There is something called generic detection, which helps antivirus judge unknown samples, and there are also cloud computing and sandbox techniques that help identify threats based on their behavior in a virtual space or on a cloud server.
    Quote: Originally posted by Stranger
    For example:
    Suppose AV company XX hires some geek like YY (like our Sujay bro) who is famous on tech forums and makes 50 new samples of malware. After that, Mr YY will test 5-10 AV/antimalware products and show the results with proof on various websites, showing which AV has the best detection rate.
    I wish I could be paid for my test.
    The fact is that trust is behind the success of every organization. If people lose their faith in a company that claims to achieve some unexpected result and become able to reproduce that while no neutral person can find such a result (say, Clam detects 99.99% of threats while Norton detects only 60%), then what can that organization do with their manipulated result? In fact, some organizations publish sponsored results, which you can expect to be somewhat manipulated, like those of Dennis Technology Labs. But in my opinion, independent test labs like AV-Comparatives, AV-Test and Virus Bulletin always publish mainly neutral results. The discrepancies that arise might be due to different methodologies in the tests and different malware samples (there is a huge amount of malware originating every day from every part of the world, so it's impossible to make the sample set uniform).
    Last edited by sujay; 11-08-2011 at 01:39 AM.
    Every day brings a chance for you to draw in a breath, kick off your shoes, and dance.

  6. #6
    Banned
    Well explained, Sujay bro.

  7. #7
    Administrator
    If you think a virus can be made so easily, read the article written by Christian, the CEO of Emsisoft.
    http://blog.emsisoft.com/2011/05/24/how-many-viruses-are-made-by-anti-virus-companies/

    Also, at underground forums where there are marketplaces selling malware, you will see that they only sell one or two products at a time.

  8. #8
    Neo
    Experienced User
    Quote: Originally posted by Raymond
    If you think a virus can be made so easily, read the article written by Christian, the CEO of Emsisoft.
    http://blog.emsisoft.com/2011/05/24/how-many-viruses-are-made-by-anti-virus-companies/

    Also, at underground forums where there are marketplaces selling malware, you will see that they only sell one or two products at a time.
    Are you talking about viruses or Trojans?
    I see many Trojans and crypters being sold. How can a virus be sold? It's a piece of code to perform some function. You can only do one thing out of that, whereas for Trojans the main motive is to make them FUD.

  9. #9
    Administrator
    Viruses, crypters, trojans and worms are all categorized under malware (malicious software).

    Just like a trojan, logically viruses are made to spread (through email, USB, network shares, instant messaging, OS exploits) and they have to be FUD (fully undetected) in order to be successful in spreading. What is the use of creating a virus when it is already detected by antivirus upon compiling?

  10. #10
    Neo
    Experienced User
    Thx Ray for the explanation, though I would like to clear some doubts (for my knowledge).

    I can understand Trojans being made FUD so that they can steal info in such a way that AV can't detect them,
    whereas

    a virus targets the OS. So shouldn't AV detect it when it sees some s/w affecting OS files? So how can a virus be made FUD?

 

 