Prologue: "In ol' times when Vesselin Vladimirov Bontchev was active in testing AV products and Morton Swimmer was around developing his Virus Intrusion Detection Expert System (VIDES), and with many more students at the Virus Test Center of Hamburg University`s Faculty for Informatics..." Although these "ancient times" are not so far back (Vesselin left in July 1995 to work with Fridrik Skulason, and Morton left in January 1996 for IBMs High Integrity Computing Labs), significant changes have appeared. The number of boot/file viruses has more than doubled (to reach more than 11,000 file viruses and 700 boot viruses at the end of November 1996). A new species of viruses has appeared: the MACRO viruses, which soon reached world-wide distribution within about 1 year, with unlucky assistance of MicroSoft. Far beyond, the fast development of Local and Wide Area Networks (esp. of Internet) has been accompanied by more serious threats, including massive automated scanning of sites, mail bombing, spoofing, sniffing and data hijacking, to mention only few. More recently, malicious agents and "hostile applets" (assumed to be impossible by adherents of "SECURE JAVA") enlarge Pandora`s Box of malevolent anomalies. The importance of single-system threats, esp. including "computer viruses" has therefore relatively decreased, though these threats grow in absolute figures and in their damaging potential. With views of their future duties, students are more interested in Network Test Center (NTC) organized in parallel to VTC for those concentrating on studies on IT Security and Safety offered in 4-semester courses at Hamburg University`s Faculty for Informatics (for details, see VTC/NTC homepage). This is one essential reason that AV Product tests were only resumed 1996 when fresh interested students joined VTC asking for new activities. Fortunately, VTC's virus database could be updated to again reflect the actual status of the threats. Macro viruses provided interesting methods and future job demands, so allocation of related knowledge and methods seemed promissing. In this situation, the ol' VTC activities were restarted, with fresh aims. As VTCs databases are comparatively large, this test was explicitly set-up to assess not only detection of viruses, both generally and "In-The-Wild". Moreover, we try to assess the precision and reliability of virus detection. Both aspects are of major concern for users, esp. as they are prerequistite for any reliable cleaning. These text files result from a a first round of testing on-demand scanning on media. It is intended to enlarge the scope of our tests step-by-step, to also cover testing on-access scanners, virus cleaning as well as virus detection in memory. Moreover, we also plan to test virus detection on other platforms such as Windows 95. As usual in scientific work, we very much welcome critical and constructive comments. Though we did our best to avoid errors, some may hard to be avoided, as our insight into related products may be insufficient (e.g. due to missing or ill-understood documentation). We will properly analyse any suggestion and critical comment IF adequate forms and ways are used, though we will not react on any indecent or flaming attacks. In presenting these test results, it is NOT our goal to blame any AV producer for problems of their product. Nor is it our goal to help any marketing expert in selling poducts which reach beneficial results. Indeed, it is outside our possibilities to influence such side-effects. But besides collecting methodical insights into such test processes, it is our ESSENTIAL GOAL to help customers orient themselves in jungles of mis-information. If this test may help some customer in overcoming or avoiding related problems, we would regard our goals to have been successfully reached. On behalf of the VTC Test Team: Klaus Brunnstein (February 14, 1997) brunnstein@rz.informatik.uni-hamburg.d400.de