Inscrit le: Mer 7 Sep 2005 - 09:53 Messages: 1358
|
AgnesD a écrit: Pour Guardian car je sais que tu adore les comparatifs antivirus...
Ha oui ? C'est gentil de m'en informer
Je sais exactement combien vaut mon AV : 34.95$/an
Pour ce qui est des tests, mon opinion n'a pas encore évolué : je reste septique.
Pas de description complète du mode de test, des virus utilisé, de la procédure suive, du moins dans l'article des Nouvelles du Net (celle qui figure sur le site est reproduite ci-dessous).
Enfin, ce test ne porte que sur un scan et non sur le bouclier qui me semble pourtant le plus important..
Une visite du site originel nous montre que ce test remonte à la période du 14 au 22/12/2005. On ne peut plus appeler cela des nouvelles fraîches. Les Archives du Net serait peut-être mieux adapté comme titre.
Par contre, on y trouve une description sommaire du test (édifiante)
The test was made on 14-22 December 2005, using Windows XP Professional SP1 on a P4 2800 Mhz, 512MB DDRAM. All programs tested had the latest versions, upgrades and updates and they were tested using their full scanning capabilities e.g. heuristics, full scan etc. The default settings of each program were not used, in order for each program to achieve its maximum detection rate. Because of this, there is a possibility for the tested programs to detect a few false positives. The 113334 virus samples were chosen using VS2000 according to Kaspersky, F-Prot, Nod32, Dr.Web and McAfee antivirus programs. Each virus sample was unique by virus name, meaning that AT LEAST 1 antivirus program detected it as a new virus. ALL virus samples were unpacked and the only samples that were kept were the ones that were packed using external-dos-packers (that means not winzip, winrar, winace etc). The virus samples had the correct file extension using a special program (Renexts) and were unique, according to checksum32 filesize. Most of the virus samples used were not previously replicated at the time the test was made, which means that some of them, although probably only a few, may be false positives. The procedure of testing each and every virus sample is still under process. The program PER was not tested because there was no english demo version available. The programs WinAntivirus , Anti-Hacker Expert , Command , Extendia and G-Data AVK , BOClean , VET , Titan , RisingAV , Ikarus and Freedom were not tested because there was no demo version available. Thourough mode was not used in VBA32 due to extremely slow scan process. Advanced heuristics were not used in Tauscan due to extremely slow scan process. VirusBuster uses the exact same engine as Vexira. TheShield uses the exact same engine as VirobotExpert. AntiVir uses the exact same engine as Avira. MKS_VIR uses the exact same engine as ArcaVir. The program InVircible did not include a "typical" scanner-function and could not be tested. The program V-Catch checks only mail accounts and could not be tested. DOS-Based scanners were not tested. The following file types were used.
EXE, ELF, SH, COM, VBS, SIT, BAT, DOC, XLS, MDB, BIN, VBA, OLE, PPT, CLS, SMM, HTM, CLASS, JS, VI_, HTA, INI, PL, HLP, PHP, TPU, SCR, IMG, TD0, PRC, PIF, XML, REG, SHS, MAC, CSC, INF.
The virus samples were divided into these categories, according to the type of the virus :
File = BeOS, FreeBSD, Linux, Mac, Palm, OS2, Unix, BinaryImage, BAS viruses, MenuetOS. MS-DOS = MS-DOS viruses. Windows = Win.*.* viruses. Macro = Macro, Multi and Formula viruses. Malware = Adware, DoS, Constructors, Exploit, Flooders, Nukers, Sniffers, SpamTools, Spoofers, Virus Construction Tools, Droppers, PolyEngines. Script = ABAP, BAT, Corel, HTML, Java, Scripts, MSH, VBS, WBS, Worms, PHP, Perl, Ruby viruses. Trojans-Backdoors = Trojan and Backdoor viruses.
L'explication de la différenciation entre ce test et les autres tests, selon l'auteur, n'est pas faite pour rassurer
Introduction - What makes our test differ from other tests Several antivirus programs have been developed to protect pc users against viruses, that both include both detection of the virus and repairing of the infected files, whenever it is possible. Unfortunately, once again, the dominant ones are those that have the best methods of advertisement and not the ones that "do their job best".
Why is this test different from all the others (e.g. pc magazines' antivirus tests) This test was made by the only Greek virus collector, known as VirusP, webmaster of www.virus.gr, whose collection consists of approximately 245,000 virus samples (crc32 different files) and is one of the biggest virus collections worldwide. On the contrary, all other greek tests' database never exceeds the 6,000 virus samples, while internationally most tests' database doesn't exceed the 20,000 virus samples. So, if you take under consideration the number of both antivirus programs tested and unique virus samples used, you will understand that, statistically speaking, the results of the test would not be too different even if we used 95% of all computer viruses ever made.
Je rappelle que McAfee par ex. parle de 63.000 souches de virus et Sophos de 118060 virus, de quoi embrouiller tout le monde.
Bref, tout ceci est extrèmement confus et je ne pense pas qu'il faille changer d'AV à cause des résultats (douteux) d'un test quel qu'il soit
|
|