收藏本站 |切换到宽版 | 更换论坛皮肤
 找回密码  忘记邮箱  QQ快速登录  快速登录  快速注册

卡饭»论坛 安全区 国外杀毒软件 Checkvir一月和二月评测结果
返回列表 发新帖
查看: 2590|回复: 7
收起左侧

[资讯] Checkvir一月和二月评测结果

[复制链接]
The EQs
发表于 2007-4-21 20:40:45 | 显示全部楼层 |阅读模式

February 2007

Certification
The ability of virus protections to recognise and remove the most wide-spread viruses was observed by CheckVir test-lab in February. We checked the search and destroy algorithms of antivirus systems with The Bat mail system under Windows XP Professional + SP2 operation system. We used the samples of the most wide-spread viruses. STANDARD qualification was given to virus protections that recognised the virus in every infected sample and prevented the user from initiating the code of the virus. ADVANCED qualification is given if the antivirus is capable of destroying the virus by restoring the original state if possible. In On-access protection and on-demand search the antivirus must operate in the same fashion. During the qualification procedure we checked the input and output messages of the mail system. MAILSCANNER qualification was given to products that were able to recognise, block and remove every spread virus.

Recovery
Virus protections carry out actions as instructed by users in case a virus or worm is found. Recovery means to restore the original state. In the case of worms the recovery of the original state means to delete the worm code. In the case of viruses this is a bit more complicated as the state preceding the infection should be restored. During this test we observed the restored files in cases like the above. In the case of most wide-spread viruses the virus protections were able to restore the pre-infection state so that the operability of the restored files was the same as that of the original file. There were a few virus samples that did not fully agree with the pre-infection samples. However, in most cases this is obvious as there are viruses that cannot be completely destroyed even in theory. The files that contain viruses and worms compressed by the user, for example into zip format, mean a special problem. When a worm like this is removed the perfect solution is to delete the complete zip file as well as to delete the file of the worm from the zip file. In the latter case an empty zip file is left.
[/td][/td][/td]
The following products received CheckVir STANDARD certification:




The following products received CheckVir ADVANCED certification:




The following products received CheckVir MAILSCANNER certification:




Platforms
Platform
[td=1,1,20%]
Version
[/td][/td]
Microsoft Windows XP Professional [td=1,1,80%]v2002 SP2 [/td][/td]
Microsoft Windows 2000 Server [td=1,1,80%]5.00.2195 SP4 [/td]


Used virus samples
The list of viruses that will be used for the test in February 2007 can be downloaded here.


[ 本帖最后由 EQ2 于 2007-4-21 20:41 编辑 ]
回复

举报

The EQs
 楼主| 发表于 2007-4-21 20:42:21 | 显示全部楼层
Anti-virus products (Windows XP)


Product
Developer
Version
Results

AVG Anti-Virus 7.5 Professional  Grisoft  7.5 (Build 447)  here  
BullGuard Anti-Virus  BullGuard  7.0.0.4  here  
Central Command Vexira Antivirus Professional 2006  Central Command  5.2 (Build 62)  here  
eTrust Antivirus  Computer Associates  8.0.447.0  here  
McAfee VirusScan Enterprise  Network Associates  8.5i  here  
NOD32 Antivirus System  ESET Software  2.70.31  here  
Norton AntiVirus 2007  Symantec Corp.  14.0.0.89  here  
Panda Internet Security 2007  Panda Software  11.00.02  here  
Trend Micro PC-cillin Internet Security 2007  Trend Micro  15.00.1450  here  
VirusBuster Professional 2006  VirusBuster  5.2 (Build 54)  here  



Anti-virus products (Windows 2000)


Product
Developer
Version
Results

AVG Anti-Virus 7.5 Network Edition  Grisoft  7.5 (Build 447)  here  
BullGuard Anti-Virus  BullGuard  7.0.0.4  here  
Central Command Vexira Antivirus 2006 for Windows Servers  Central Command  5.2 (Build 50)  here  
eTrust Antivirus  Computer Associates  8.0.447.0  here  
McAfee VirusScan Enterprise  Network Associates  8.5i  here  
NOD32 Antivirus System  ESET Software  2.70.31  here  
Symantec AntiVirus  Symantec Corp.  9.0.0.338  here  
Panda AdminSecure 2006  Panda Software  4.01.10  here  
Trend Micro OfficeScan  Trend Micro  7.3  here  
VirusBuster 2006 for Windows Servers  VirusBuster  5.2 (Build 48)  here
回复

举报

The EQs
 楼主| 发表于 2007-4-21 20:43:29 | 显示全部楼层
January 2007
Certification
Within last month’s test lab of CheckVir we observed the search and disinfect algorithms of antivirus systems under Windows XP Home + SP2 operation systems. We used the samples of the most frequent viruses. During the test STANDARD qualification was given to virus protection systems which recognised the virus in every infected sample and prevented the user from initiating the code of the virus. In case of ADVANCED qualification the antivirus is capable of destroying the virus by reconstructing the original state as much as possible. In on-access protection and on-demand search the antivirus must operate in the same fashion. During the qualification procedure we checked the observation of the input and output messages of Microsoft Outlook 2000 mailing system separately. MAILSCANNER qualification was given to mailing systems which were able to recognise, block and remove each of the frequent viruses.

Testing of compressing files
During testing we observed the search processes of the antivirus software to see whether they recognise the compressed files of different formats. Besides the most general formats (ZIP, ARJ, RAR, JAR, LZH, TGZ, CAB, TAR, GZ, ACE) we extended the testing supply with further compress types produced by Total Commander (BZ2, HA, Z, 7Z, BFC). To check them we chose ten well-known viruses and then checked whether each antivirus recognises them or not. Afterwards we compressed the infected files and prepared the appropriate formats. We carried out the testing on these files. Besides the compressed types we dealt with a few special properties as well. In ZIP and ACE compressed files we observed the formats that can be run, checked the recognition of the bugs hidden in compressed files protected by password and the use of long file names.
[/td][/td][/td]
The following products received CheckVir STANDARD certification:




The following products received CheckVir ADVANCED certification:




The following products received CheckVir MAILSCANNER certification:



Platforms
Platform
[td=1,1,20%]
Version
[/td][/td]
Microsoft Windows XP Home Edition [td=1,1,80%]v2002 SP2 [/td]

Used virus samples
The list of viruses that will be used for the test in January 2007 can be downloaded here.
回复

举报

tracydk
发表于 2007-4-21 20:43:39 | 显示全部楼层
看不懂,什么意思
回复

举报

The EQs
 楼主| 发表于 2007-4-21 20:43:46 | 显示全部楼层
Anti-virus products


Product
Developer
Version
Results

AVG Anti-Virus 7.5 Professional  Grisoft  7.5 (Build 441)  here  
BullGuard Anti-Virus  BullGuard  7.0.0.3  here  
Central Command Vexira Antivirus Professional 2006  Central Command  5.2 (Build 53)  here  
eTrust Antivirus v7.1  Computer Associates  v7.1.192  here  
McAfee VirusScan Enterprise  Network Associates  8.5i  here  
NOD32 Antivirus System  ESET Software  2.50.32  here  
Norton AntiVirus 2006  Symantec Corp.  12.6.0.1  here  
Panda Internet Security 2007  Panda Software  11.00.02  here  
Trend Micro PC-cillin Internet Security 2007  Trend Micro  15.00.1450  here  
VirusBuster Professional 2006  VirusBuster  5.2 (Build 54)  here
回复

举报

buycard
发表于 2007-4-21 20:47:19 | 显示全部楼层
总共用了751个样本,测试扫描、解毒率
回复

举报

The EQs
 楼主| 发表于 2007-4-21 20:48:27 | 显示全部楼层
样本全部来自于ITW
回复

举报

95518
发表于 2007-4-21 22:09:47 | 显示全部楼层
看不懂啊
555
回复

举报

返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2025-4-23 18:29 , Processed in 0.141352 second(s), 17 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表