Hello guys!

Check this link for the results of VB100 Feb 2005 (Windows NT).....

http://www.virusbtn.com/vb100/archives/tests.xml?200502

The results are very interesting:-

ArcaVir,F-Secure, F-Prot, McAfee and MicroWorld (eScan) have failed.....

I don't know why this should be as all of these are very good AntiVirus scanners.

Any idea guys?

Regards,
Firecat

{QUOTE-> Hello guys!

Check this link for the results of VB100 Feb 2005 (Windows NT).....The results are very interesting:-

ArcaVir,F-Secure, F-Prot, McAfee and MicroWorld (eScan) have failed.....

I don't know why...Any idea guys?

Regards,
Firecat <-QUOTE}

Just guessing, but probably due to a fp or two.

woaa F-Secure and Mcafee ... wish i could read the details tho.

You and me, unity. You and me.

on the other hand , all the free AV have earned a VB100 award :lurking:

The last time eScan failed, it was due to a problem with the update server. The same could be happening now.F-Secure never had many problems with false positives, especially now when they use the upcoming AVP/KAV 6.0 engine...McAfee? possible, as I heard that some people were calling the service center here to report a few viruses which were caught by enterprise versions but not the home versions....

But F-Prot has remained quite good. I wonder what's wrong? and MKS-Vir (now ArcaVir I think) has also performed very well here.. Or all users of these products are at risk and should change?

Regards,
Firecat

{QUOTE-> on the other hand , all the free AV have earned a VB100 award :lurking: <-QUOTE}
Ditto. And so has Quickheal, which has the worst detection I've ever seen in an AV thats so aggressively marketed in our country... On posters, backs of cars and buses, magazines, stores...

{QUOTE-> Or all users of these products are at risk and should change <-QUOTE}

No. It's just one test. There are others.

{QUOTE-> A VB 100% award means that a product has passed our tests, no more and no less. The failure to attain a VB 100% award is not a declaration that a product cannot provide adequate protection in the real world if administered by a professional. We would urge any potential customer, when looking at the VB 100% record of any software, not simply to consider passes and fails, but to read the small print in the reviews. <-QUOTE}

http://www.virusbtn.com/vb100/about/index.xml

Well I see. Thanks. What are your views on why these products failed, Ron?

Not clear to me Firecat. You can look at past reviews and see why they failed.
Unless you subscribe to Virus Bulletin, there is no way to know.

http://www.virusbtn.com/vb100/archives/products.xml

VB %100 has never been a deciding factor in my choice of AV's. To me this test simply confirms that no AV is %100 at Identifying virii %100 of the time. Look at Kaspersky, 25 pass and 13 fail. This test does perform a service to the AV developers, but I have never used it to make my decision on what AV to use.
I have read that sometimes VB100 does not set the scanners up correctly or some other technical problems occur. I do not know if this is true or not.
Just because it fails a few times does not mean you should dump your AV.

The Avast FAIL last year was all because they refused to CONFIGURE the scanner and used it "Out Of The Box".

I don't care about these tests they are rubbish. To see what's in the REAL WILD and what catches it I'd rather monitor Jotti (shame they don't have McAfee and Norton though - or use an XP server as opposed to a unix one).

{QUOTE-> The Avast FAIL last year was all because they refused to CONFIGURE the scanner and used it "Out Of The Box". <-QUOTE}

All are tested that way ;)

{QUOTE-> ...To see what's in the REAL WILD and what catches it I'd rather monitor Jotti (shame they don't have McAfee and Norton though <-QUOTE}

...because they either refused to participate or have withdrawn their product.
Jordi Bosveld FYI removed overall stats as for product results; thus there's no way to get an overall view by looking at Jotti's site at random times - which only focusses on non-viral malware.

{QUOTE-> - or use an XP server as opposed to a unix one). <-QUOTE}

What's wrong with that? engines and signature updates are one and the same.

regards,

paul

I am taking this set from VB100 with a grain of salt, as Microsoft has stopped supporting NT. I know that the virus signatures should work anyway but as I don't use NT at all anymore, total migration to 2000, this one test doesn't help much.

If you want more information on which product failed and why, the NOD32 home site, http://www.nod32.com, has a link to a pdf version of the full VB magazine article on the NT test. It's the "here" button in the little blurb bragging about NOD32's latest pass on the VB test.

Thx for the link :)

Too bad that they don't list false positive. Because it would probably explain
why some of the well known AV didn't have the VB100 in the lastest test.

You can also see really clearly , the AV that are focusing on the ITW samples ;D

I'm puzzled by the NOD website. They claim that they have had a perfect 100% score for the past seven years, yet when I go to Virus Bulletin, NOD has had three fails within that time. ???

Acadia

{QUOTE-> I'm puzzled by the NOD website. They claim that they have had a perfect 100% score for the past seven years, yet when I go to Virus Bulletin, NOD has had three fails within that time. ???

Acadia <-QUOTE}


I think that their exact claim is that they haven't missed an ITW virus in a VB test in the last seven years. The three fails may have been because of false positives. If this is correct, then their claim is accurate in that they haven't missed an ITW virus on a VB test.

Virus Bulletin will help to form an opinion about a product. However it is only a piece to the puzzle. Would you rather have the odd false positive that you have to scan with Jotti, or would you rather have a AV that misses viruses?? Also, could you imagine having a product that finds a 100% of all malware, but is unstable and constantly crashes.

http://www.nod32.com/news/vbreprints.pdf

VB100 Feb 2005 Result Overview !!

Why did they test with NOD version 1.529????

That number is a virud definition build,not a program version number.

The tests in the reprints show NOD's 2003-04 performance >:( Bet I can blame eScan's failure on the scan restrictions MicroWorld placed (not scanning CAB, JAR and other file types..plus having size restriction on all archives...) luckily I can remove those... 8)

They don't test free version but full featured commercial one...

Um...Yes.

RejZor,

You might know I use the commercial version of eScan, and being very close to MicroWorld (almost their 'official' representative for this forum, almost because I am not an employee, but they've told me to keep watch here in these forums), I know the latest version of eScan commercial very well.It has these restrictions thingy (v2.6.501.8 onwards). I told them not to put it and they told me that I can remove the restrictions if I want (and that's just what I did). I think thats what cost them the VB100 this time.

Regards,
Firecat

{QUOTE-> http://www.nod32.com/news/vbreprints.pdf

VB100 Feb 2005 Result Overview !! <-QUOTE}

This is reprint from 2003-2004.

Mariusz
www.stormbyte.com (http://www.stormbyte.com/?tid=10)

Hey what a heck?? F-Secure has passed that test after all??!!
http://www.virusbulletin.com/vb100/archives/tests.xml?200502

{QUOTE-> Hey what a heck?? F-Secure has passed that test after all??!!
http://www.virusbulletin.com/vb100/archives/tests.xml?200502 <-QUOTE}


My "sources" are telling me that that more products passed the test.:)

Mariusz

{QUOTE-> My "sources" are telling me that that more products passed the test.:)

Mariusz <-QUOTE}As many times recently. But those REAL ItW threats were even not tested as that false DC++ program that was dowloaded by thousands. I'm not so worried about that missed VB 100% Award because it's already a past time Award one. Today the threats are mainly among trojan like nasties. ArcaVir is VERY good against those.

Best regards,
Firefighter!

someone plz tell me, what the hell is Avira.......

{QUOTE-> someone plz tell me, what the hell is Avira....... <-QUOTE}"based on the commercial version of Antivir" ?

Kind of recent thread---> AVIRA AV (http://www.wilderssecurity.com/showthread.php?t=57900&highlight=Avira)

{QUOTE-> someone plz tell me, what the hell is Avira....... <-QUOTE}
Avira is a paid program using the AntiVir engine, as is AntiVir Professional. The main point of Avira over AntiVir Pro is its user interface in my opinion.

{QUOTE-> Hey what a heck?? F-Secure has passed that test after all??!!
http://www.virusbulletin.com/vb100/archives/tests.xml?200502 <-QUOTE}
What the heck...when I saw it, F-Secure REALLY had failed...maybe there's something wrong in the website, they might have posted wrong details...

{QUOTE-> What the heck...when I saw it, F-Secure REALLY had failed...maybe there's something wrong in the website, they might have posted wrong details... <-QUOTE}

Its not a problem with the website. In pdf version of the VBulletin its stated clearly that F-Secured failed. And the same information was on the site. But it was changed couple of days ago.

Mariusz

{QUOTE-> Its not a problem with the website. In pdf version of the VBulletin its stated clearly that F-Secured failed. And the same information was on the site. But it was changed couple of days ago.

Mariusz <-QUOTE}
Where did you get the PDF version? And any idea WHY it was changed?

{QUOTE-> And any idea WHY it was changed? <-QUOTE}

"F-Secure Anti-Virus 5.43 has been awarded the VB 100% award in the February 2005 edition of the Virus Bulletin magazine.

There were technical problems during the testing, so the print edition of the Virus Bulletin magazine actually lists us as failing the test...which it didn't. One antivirus vendor from UK (which we shall not name here but it's Sophos) even put out a press release in the meanwhile stressing how we failed in the test. But we didn't, ha-ha!

Virus Bulletin tested 28 different anti-virus products for their detection rates against in-the-wild viruses. We have long and proven track record of receiving VB 100% awards on different platforms. So there. "


tECHNODROME

{QUOTE-> "F-Secure Anti-Virus 5.43 has been awarded the VB 100% award in the February 2005 edition of the Virus Bulletin magazine.

There were technical problems during the testing, so the print edition of the Virus Bulletin magazine actually lists us as failing the test...which it didn't. One antivirus vendor from UK (which we shall not name here but it's Sophos) even put out a press release in the meanwhile stressing how we failed in the test. But we didn't, ha-ha!

Virus Bulletin tested 28 different anti-virus products for their detection rates against in-the-wild viruses. We have long and proven track record of receiving VB 100% awards on different platforms. So there. "


tECHNODROME <-QUOTE}
May I know where that comes from?

http://www.f-secure.com/weblog/



tECHNODROME

I asked that because words like ''which we shall not name but its Sophos'' and ''ha-ha'' are not what'd come out of a businessman's mouth?

This discussion reinforces my opinion that the VB100 should not weigh in on anyboby's decision as to what AV to use. The biggest technical problem I see is that they should not make the results public until they are %100 sure of the results.

{QUOTE-> This discussion reinforces my opinion that the VB100 should not weigh in on anyboby's decision as to what AV to use. The biggest technical problem I see is that they should not make the results public until they are %100 sure of the results. <-QUOTE}
Very right. For example, MicroWorld's eScan lost out on VB100 in June 2004 because their update servers were down and they advised to update using cumulative update. VB100 didn't know of this and as a result they did not update properly therefore leading to eScan missing a sample NetSky.X

{QUOTE-> Very right. For example, MicroWorld's eScan lost out on VB100 in June 2004 because their update servers were down and they advised to update using cumulative update. VB100 didn't know of this and as a result they did not update properly therefore leading to eScan missing a sample NetSky.X <-QUOTE}

So you think average Joe will know about this? This scenario could easily happen during a virus outbreak.

VB test only shows how hard is to obtain this award. It’s really up to you weather you want to follow it or not.


tECHNOROME

You're right. Sorry. But I still do not get how VB100 with its stringent quality control measures could put F-Secure's results wrongly. I'm dying to know what those 'technical problems' were.

Its the first time I'm actually speaking to YOU, technodrome :)

Have a nice day ;)

Regards,
Firecat

{QUOTE->
But I still do not get how VB100 with its stringent quality control measures could put F-Secure's results wrongly.I'm dying to know what those 'technical problems' were. <-QUOTE}

Maybe it has something to do with the OS tested (NT). Some of F-Secure products don't support NT at all.

{QUOTE-> Its the first time I'm actually speaking to YOU, technodrome :) <-QUOTE}
Hmmm...What about post number 37 in this thread. ;)

{QUOTE-> Have a nice day ;) <-QUOTE}

Thanks, you too.


tECHNODROME

{QUOTE-> Maybe it has something to do with the OS tested (NT). Some of F-Secure products don't support NT at all.


Hmmm...What about post number 37 in this thread. ;)



Thanks, you too.


tECHNODROME <-QUOTE}
I was talking about the thread in general when I said this is the first time I'm talking to YOU...Back when I was a guest I'd heard a lot about you (nothing negative so don't worry).

Oh Ok, I see...

{QUOTE-> (nothing negative so don't worry) <-QUOTE}
It doesn't worry me...On the contraray, I welcome both positive and negative comments. ;)


tECHNODROME