New Virus Bulletin VB100 Results - June 2007

http://www.virusbtn.com/vb100/archive/2007/06

Windows XP - June 2007


Passed :

-AEC (Trustport)
Result history: AEC (Trustport)
Product name: AEC Trustport Workstation Antivirus 2.5.0.970


-Alwil
Result history: Alwil
Product name: Alwil avast! v.4.7 Professional Edition


-Authentium
Result history: Authentium
Product name: Authentium Command AntiVirus for Windows 4.94.5


-Avira
Result history: Avira
Product name: Avira AntiVir


-Bullguard
Result history: Bullguard
Product name: Bullguard v.7.0


-CA Home
Result history: CA Home
Product name: CA AntiVirus 8.4.0.11


-CA eTrust
Result history: CA eTrust
Product name: CA eTrust r.8.1.634.0


-CAT QuickHeal
Result history: CAT QuickHeal
Product name: CAT Quick Heal 2007 v.9


-eEye
Result history: eEye
Product name: eEye Blink Personal Edition 3.0.9


-Eset
Result history: Eset
Product name: ESET Nod32 Antivirus System 2.70.32


-Fortinet
Result history: Fortinet
Product name: Fortinet Forticlient 3.0.412


-FRISK
Result history: FRISK
Product name: Frisk F-Prot Anti-Virus 6.0.70


-GDATA
Result history: GDATA
Product name: Gdata AntiVirusKit 17.0.7089


-K7 Computing
Result history: K7 Computing
Product name: K7 Total Security 2006


-McAfee
Result history: McAfee
Product name: McAfee VirusScan Enterprise v.8.5i


-Microsoft Forefront
Result history: Microsoft Forefront
Product name: Microsoft Forefront Client Security 1.5.1937


-Microsoft OneCare
Result history: Microsoft OneCare
Product name: Microsoft Windows Live OneCare 1.5.1890.35


-MicroWorld
Result history: MicroWorld
Product name: Microworld eScan Internet Security for Windows 9.0.714.1


-Norman
Result history: Norman
Product name: Norman Virus Control 5.90


-PC Tools AntiVirus
Result history: PC Tools AntiVirus
Product name: PC Tools Antivirus 3.1.1.6


-PC Tools Spyware Doctor
Result history: PC Tools Spyware Doctor
Product name: PC Tools Spyware Doctor v.5.0.0.182


-BitDefender (SOFTWIN)
Result history: BitDefender (SOFTWIN)
Product name: Softwin Bitdefender Antivirus Plus v.10


-Sophos
Result history: Sophos
Product name: Sophos Anti-Virus 6.54 R2


-Symantec
Result history: Symantec
Product name: Symantec AntiVirus 1.0.0.359


-Trend Micro
Result history: Trend Micro
Product name: Trend Micro PC-cillin Internet Security 2007 15.30.1151


-VirusBuster
Result history: VirusBuster
Product name: VirusBuster VirusBuster Professional 2006 v.5.2


-Webroot
Result history: Webroot
Product name: Webroot SpySweeper 5.5




Failed:

-Agnitum
Result history: Agnitum
Product name: Agnitum Outpost Security Suite Pro 2007 5.1214.616

-AhnLab
Result history: AhnLab
Product name: Ahnlab V3 Internet Security 2007 7.40.1

-Doctor Web
Result history: Doctor Web
Product name: Doctor Web Dr.Web 4.33.3.04230

-F-Secure
Result history: F-Secure
Product name: F-Secure Protection Service for Consumers 7.00

-Grisoft
Result history: Grisoft
Product name: Grisoft AVG 7.5 Professional Edition

-Ikarus
Result history: Ikarus
Product name: Ikarus Virus Utilities 1.0.52


-iolo
Result history: iolo
Product name: iolo AntiVirus 1.1.9


-Kaspersky
Result history: Kaspersky
Product name: Kaspersky Anti-Virus 6.0.2.621


-NWI
Result history: NWI
Product name: NWI VirusChaser 5.0a


-Proland Software
Result history: Proland Software
Product name: Proland Protector Plus 2007

 

Thanks. For some reason(s), people on this forum don't concentrate on the VB100 results. They concentrate on AV-Comparatives and AV-Test results.

 

Perhaps some forum members like to "opinion shop" when it comes to their chosen AV & test results

VB100 results appear to be a good enough marketing statement for a lot of AV companies (i.e "look how many VB100 tests we've passed - in a row") & 37 AV vendors allowed their products to be tested.

Based on the above & this link: VB100 test info, I'd say the VB100 test is every bit legitimate as another other AV test.

So thankyou to OP "ianlai" for taking the time to post the results

I'd like to find out why Kaspersky failed the test...that was a real surprise. I have limited access to the reports. Perhaps False Positives??

 

Ditto. Interested in hearing why Grisoft failed as well, if anyone has access to the report details.

 

and kaspersky/f-secure, and drweb.

very strange results, for companys with such good records in VB, the details of 'why' need to be found out somehow.

also surprised that fortinet can pass it, with its 1000+ FP's in the latest test results, shocking they could pass anything.

 

"Suspicious" detections aren't counted as FPs by VirusBulletin. The FPs must be signature-based.
It's strange that AVK (KAV + Avast) and eScan pass while KAV alone fails. Also, VirusBuster and PC Tools pass, while Agnitum fails.

 

Kaspersky failed but eScan passed? This is the first time I've seen that happen...

Still, its quite interesting to know what exactly happened, since so many great products have failed...

 

If you recall KAV 6 & 7 had a single FP in the June 2007 AV-Comparative Proactive test. I wonder if the same file sealed their fate with VB 100%

 

If KAV had an FP, then eScan should have had it as well, unless the VirusP rule applies (i.e. there is a small detection rate difference between a parent company's product and its clone AVs, the reasons of which are unknown. VirusP's tests were the first and I think only one to show this, but I did notice it personally also).

 

Here is the condensed version of their award criteria:

The requirements for VB100 (virus) certification are:

1. 100% detection of malware listed as 'In the Wild' by the WildList Organization.

2. No false positives when scanning VB's collection of known-clean files.

All tests will be performed both on demand and on access. Any failure to detect a sample from the WildList set, in either mode, or a false positive alert in either mode, will result in a product failing to qualify for the VB100 award.

 

Not surprised at KAV & AVG failing.
Goes well with their bottom of the barrel performance of 8 and 9% on
the AV-Comparatives ProActive test.

As said in above posts, I am also surprised that e-Scan passed (being a KAV clone).

the testing procedure:

http://www.virusbtn.com/Session-92c2afbd13be1e31899134e3aa7098b5/vb100/about/100procedure.xml

 

Obviously the test parameters for passing/failing is very stringent...which is a good thing.

It would be nice if VB would allow non-subscribers to read an excerpt of their report for each vendor or an abridged version of the entire report.

Even a comment listing the reason(s) for failing a test would be good & very appreciated.

 

good test results one feels........one might see people questioning the integrity of this test since dr.web and kaspersky failed it......like they did with av-test's malware test....

 

I am useing eEYe Blink Internet Security beta 3.10 good to see Blink pass

 

What surprises me is that Microsoft OneCare passed!

 

I concur. In fact there are a lot of surprises in this particular VB100% test.

 

It's because of the Norman engine, which also passed

 

Three words...

Bug Me Not! (google it)

 

lol, If I were Kas, I would just about now have marketing officialy release version 7, to try and save some credibility.

 

avg missed on access one itw sample, because it was detected by the spyware side of the product. note that VB tests with default settings.
kav missed one itw sample, which detection was at time of testing temporarly removed for some fixing.

 

Nope. Bugmenot doesn't have any logins for the site. Only a paid member can create a bugmenot login for others to use.

 

I have my own username & p/word for the VB100 website...which gives me very basic access. I am not spending USD$175 for 12 months access to reports.

Thanks for the info regardless. Hopefully someone with full access to VB100 will provide a few answers...

 

Theres your answer everyone! Thanks IBK!

I think it may be a little bit of an unfair coincidence that KL had removed detection for that one peice of malware - just when the May 2007 VB100 was being compiled. Im happy.

 

If VB100 knew about this, it's unfair to penalise just because of some internal modifications being made to that particular detection. Obviously, if they didn't know, that's different.

 

It seems that the thing about VB100% certification lately is: passes and fails aren't always indicative of a product's real-world ability to detect malware anymore.