The main purpose of CheckVir project is testing anti-virus products and solutions independently from developers, helping users and anti-virus companies as well. Starting of this project was supported by the Hungarian Ministry of Education, Research and Development Division (IKTA-00033/2000) and by the Hungarian Ministry of Informatics and Communications (SZT-IS-5/2001/10/321, SZT-IS-14/27).
CheckVir Anti-Virus Certification
During the CheckVir anti-virus testing project the anti-virus certification program has been started in January 2004. All of anti-virus products that are tested during the CheckVir anti-virus project are participating in the certification process too.
Certification levels
There are two different level of certification:
Standard Level: Only the virus searching capability is examined. The AV software products have to find all of tested virus samples.
Advanced Level: Virus searching and killing capability is examined. Anti-virus products have to accomplish the conditions of Standard Level and they have to repair all of infected objects restoring the original status having respect for the following conditions:
| - |
If theoretically it is possible to repair correctly the whole original object (bit by bit) then after the killing procedure the object has to be the same as it was before infection. |
| - |
If theoretically it is not possible to repair correctly the whole original object (bit by bit) but it is possible to repair the object with some minor changes and the functionality of the repaired object is the same as it was before the infection then anti-virus products have to repair the object in this way: the functionality of the repaired object and the object before infection have to be the same. |
| - |
In the case of macro viruses macros in a repaired document and macros originally stored in the document before infection have to be the same (name and content). After the notice addressed to the user the anti-virus product may delete all of macros from the infected document. |
| - |
In the case of boot viruses after the killing procedure infected sectors have to be the same as they were before infection. Data stored in the boot sector (e.g. partition information) or in the master boot record may not be changed during the killing procedure. If it is not possible to restore the original master boot record then after the notice to the user the anti-virus product may generate a standard master boot record. |
| Real time testing |
|
Besides the quantitative and qualitative development of the parasites the protection systems have undergone changes in the last 5 years. New methods have been elaborated, with the help of which the protections are capable of a more effective activity. Obviously, this requires a better adaptation to the necessities of the time in the testing and qualification procedures. Following the innovations of the past few years we have introduced the system of a continual, real time testing of virus protections. After closing the testing procedures of the last 5 years we are going to publish testing and qualification summaries based on real time observations. The main difference lies in the fact that rather than observing particular versions, we will test all the versions—minimum two times a day—within one month. During the testing and qualification procedures the main principle is to comply with the requirements of AMTSO (Anti-Malware Testing Standards Organization - www.amtso.org).
Certifications of the last 5 years [PDF] |
| Contacts |
|
You may contact us by the following ways:
|
|
Digg
| 
Reddit
| 
Mixx
| 
del.icio.us
| 
Stumble it! | 
| Share it
