Antivirus Solutions

Discussion in 'Windows Vista Security' started by Richard Urban, Sep 21, 2006.

  1. Richard Urban

    MICHAEL Guest

    This explains the procedure better than I did.

    http://www.virusbtn.com/vb100/about/100use.xml

    Who can use the VB 100% logo?

    In order to display the VB 100% award a product must have been tested by Virus Bulletin and in
    those tests it must have demonstrated, in its default mode, 100 per cent detection of In the
    Wild test samples and no false positives in a selection of clean files.
    Vendors whose products achieve a VB 100% award in a Virus Bulletin comparative review are
    eligible to license the use of the VB 100% logo and may thereafter display it on product
    packaging, marketing materials, user documentation and so on.


    1.. Use of the date-stamped VB 100% logo on the Internet currently remains free of charge,
    provided it is used in reference to the operating system on which it was awarded - its use may
    be withdrawn at the discretion of Virus Bulletin Ltd at any time.
    2.. The right to use the VB 100% logo - whether date-stamped or the generic, undated logo -
    for any other purpose may be licensed on a non-exclusive basis for a period of 12 months on
    prior payment of license fees and completion of a License Agreement.
    3.. Within the license period the logo may be used as required - within the product, on
    product packaging, on advertisements, on websites, marketing materials, in user documentation
    and so on.
    4.. At the end of the 12-month licensing period the license must be renewed. Renewal of the
    license will be granted providing the product has achieved at least one VB 100% award within
    the 3 comparative reviews prior to license application (and providing payment for the license
    renewal is received within 30 days of invoice date)
    5.. The cost of the license will vary according to vendor's annual turnover.
     
    MICHAEL, Sep 22, 2006
    #21
    1. Advertisements

  2. Richard Urban

    MICHAEL Guest

    I will say, AVG has gotten 100% 4 times in row,
    and 10 out of the last 11 that they have had their
    AV tested. They had a horrendous product from
    1998 until about 2004. Avast has similar results.
    They did terrible from about 1998 until 2003. They
    have now achieved 100% 9 times in a row. Remember,
    some AV vendors participate more often than others.
    They only have to achieve 100% once every 12 months
    in order to use the VB 100% award logo. The tests are
    actually rather strict- no "in the wild" misses and no false
    positives.

    One last important thing to remember- *none* of these
    AV vendors have been tested on Vista, yet. The testing
    schedule indicates AVs will be tested on Vista Feb. 2007.

    More on the testing procedures:
    http://www.virusbtn.com/vb100/about/100procedure.xml

    VB 100% test procedures

    VB 100% award denotes that the product in question showed, in its default mode, 100 per cent
    detection of In the Wild test samples and no false positives in a selection of clean files.
    For on-demand scanning of files, detection is considered to be a note in the product log file
    that the file is infected or very likely so. For on-demand scanning of boot sector viruses, a
    notification or log file entry is required.

    For on-access scanning the matter is a little more confusing, since the best method of
    testing - executing all files and using the results from this activity - is clearly
    impractical. Detection is thus judged by a product denying access to an infected file when the
    file is opened for writing.

    For boot sector on-access scanning a visible notification or log file entry is required. In
    this case denial of access is not a useful guide to detection since the VB boot sector test
    floppies are all blank as far as file contents are concerned. Since denial of access is likely
    to show a blank disk as the only detectable effect, this is not particularly useful. The
    addition of extra files to the disk for use in deciding whether access has been denied was
    decided against, for in past testing some products were only able to detect a boot sector virus
    on a floppy containing other files - a situation which would be apparent only with the use of
    disks in their current state.

    Products which cannot be cajoled into producing reasonable logs on demand are checked by
    setting the product to delete and/or disinfect. The files are then scanned until no more
    detections are present, if necessary manually noting those files which are detected as infected
    but are not deleted or disinfected. Disinfected files are removed from the test set by use of
    CRC checking, and those files left in the test set are considered to be misses.

    Near misses
    There remains ample opportunity for products to miss detection, in our tests, of files which
    they are perfectly able to detect - why? Of the many potential answers, two are most likely.
    First, there are the matters of default extension lists, a common area for failure over the
    years, in which products have failed to gain VB 100% awards because the default extension lists
    did not include possible extensions for In the Wild viruses. In most cases these
    extension-based problems are easily solved by an administrator adding extensions to the default
    list. We could perform these changes prior to testing. We feel, however, that our readers are
    better served if they know that they have to do this, than if we scan all files regardless of
    extension.

    Another example of why some products miss out on VB 100% awards, is where certain files are not
    scanned directly on-access. The usual assumption by the product developers is that the files
    will be scanned when passed on to an application which makes use of them. At the most common
    level this covers such objects as ZIP files, which are often not scanned until unzipped and EML
    files, which are not scanned until individual mails are pulled from within. From a developer's
    point of view these choices make sense in that leaving objects unscanned until use creates
    fewer overheads. The chance of infection on a protected machine is not increased, since
    scanning will occur before code execution. Such treatment of objects does, however lead to
    misses under the VB 100% testing methodology.

    Three chances
    Each product may be tested up to three times on two different test machines. Should any product
    fail to work after three attempts the testing process will be aborted for that product.

    VB 100% award
    A VB 100% award means that a product has passed our tests, no more and no less. The failure to
    attain a VB 100% award is not a declaration that a product cannot provide adequate protection
    in the real world if administered by a professional. We would urge any potential customer, when
    looking at the VB 100% record of any software, not simply to consider passes and fails, but to
    read the small print in the reviews.



    -Michael
     
    MICHAEL, Sep 22, 2006
    #22
    1. Advertisements

  3. Richard Urban

    Dave Guest

    It should also be noted that the VB tests apply to the paid versions
    of the vendor's programs. Whether or not the free version perform as
    well is unknown, since they aren't tested.

    Dave
     
    Dave, Sep 23, 2006
    #23
  4. Richard Urban

    MICHAEL Guest

    That, I did not know. Are you sure? I know it is up to the AV
    vendor which version(s) get tested. Although, I would imagine
    that the core of AVG and Avast are the same as their paid versions
    with just certain fru frus and add-ons that cost.


    -Michael
     
    MICHAEL, Sep 23, 2006
    #24
  5. Richard Urban

    Telstar Guest

    Never tried NOD32, now I'm curious. I'm a huge fan of Kaspersky.
    Version 6 has the BEST user interface I have ever seen.
     
    Telstar, Oct 6, 2006
    #25
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.