Next is reproduced: antivirus software review, the choice of antivirus software is very important
2006-10-06 14:59
1, first from the monitoring point of view, Rising 2004-2005 is written with DLL injection, that is, a lot of viruses used in a way that takes up a lot of memory, the monitoring is very poor. DLL injection monitoring of the biggest weakness is the web virus monitoring difficulties. The biggest weakness of DLL injection monitoring is that it is difficult to monitor web viruses, which is also the biggest weakness of Rising Star. 2006 seems to use the hook technology, which is a great improvement. kv monitoring is much better, almost equivalent to the anti-virus wall, you use Xunlei to download a virus will know, in the process of downloading it is killed, while Rising Star has to be in the end of the download to be able to kill.
2, antivirus, this depends on the antivirus engine, KV's engine is very similar to the Kaba, I do not want to hit everyone, the world's only five companies have their own engine, the other are imitation, China's antivirus software is the same. Rising's engine is not very good, it can't completely remove self-replicating viruses. This is the second major weakness of Rising. Rising Star can not completely remove the virus, like love backdoor, ROSE. Rising Star antivirus is not complete. ROSE with Rising Star antivirus after or can not directly double-click to open, with the KV directly can be restored to its original form.
3, kill the shell, Rising now the engine is not able to kill the shell, the new engine does not know how to shell technology, now in public beta, KV can kill the popular shell, which is very good, can not kill the shell of the antivirus software means, against the shell to protect the virus variant is basically a waste product. This is also the basic standard of antivirus engine good or bad, why people use Kaba, it is it off the shell is powerful, is a variant of Trojan's nemesis.
4, virus library, in this regard, KV is much worse, now the KV virus library is very incomplete, especially the Trojan horse library. Now know why KV can not pass the West Coast Trojan certification, right, the engine is very good, but the virus library is not complete. This is now KV's Achilles heel. That's why Kingsoft has passed it, but KV can't pass it yet.
5, comes with a firewall, Rising's wall is much better than KV's wall, this I do not need to say.
But I'll say one last thing, the world's most powerful antivirus engine is DR. Basically, you can kill all the shells, with the dynamic virtual machine shelling technology, even the North can be easily killed. DR.web is a Russian antivirus software, that is, everyone said the big spider. And Kaba is basically the same, but the engine and technology is not the same, is the Russian official and military products, commercial and personal most of the use of Kaba, divided into two versions. Destroyer with its engine, but after all, it is a fake spider, antivirus effect and DR.WEB is not the same at all, there is only one external, and its technology is backed by the Russian National Academy of Sciences. This antivirus software company's goal is not to make money, purely for the technology, so now there is no Chinese version, it never binary viruses and can not be sent to do the Trojan horse included in the virus database, so the name is not in some tests is not very forward, and even seldom to participate in the evaluation, but the strength of the antivirus is definitely in the Kaba more than the memory is very small, almost 4 megabytes.
The world's top five antivirus engine:
1, the first is of course to say Norton, the first real monitoring technology, but also know Microsoft's code. Everyone says Norton is not good, in fact, Norton's engine is very powerful. From the bottom of the protection of computers, so it is not too fast to run, it is only different antivirus concepts that make Norton is not suitable for individual users. It mainly focuses on isolation to prevent corporate files from being deleted. Because some of the files infected by the virus simply can not be completely antivirus. Direct deletion will destroy the files again, so Norton is the most suitable choice for corporate users.
2, the second should be the coffee, this antivirus software to put the main ability to anti-virus, but also used the virtual shell technology, basically all the shells can be killed, now know why it is so hot, right, Norton's shell, I do not know if you can take out, but its virtual technology is not as good as DR.WEB, with the encrypted XTA algorithm (basically the same as DES is very difficult to break the virus) write! , it and Kaba would both be ruined.
3, the third is the Panda, this Spanish East, the world's first automatic upgrade, people's engine is also quite good, the speed of the absolute first-class, check thoroughly, but the virus database is a bit European, so not very good in China, accounting for a large amount of memory, Kingsoft seems to be in the imitation of the Panda now, monitoring does not seem to be, antivirus and upgrading are imitation of the Panda's, Kingsoft's monitoring is very LJ, you use it to know. I'm not sure if you're going to be able to get a good deal on this.
4, Russia's Kaspersky --- 6.0
Engine I have not analyzed, people are indeed their own engine, the previous KV is a copy of the Kaba. But now KV seems to be more optimized.
5, DR.WEB, is also a Russian engine, developed in cooperation with the Russian National Academy of Sciences, the military and the Kremlin dedicated. Heuristic plus virtual shelling, Beidou's shell, and then outside the shell, plus jump pin can also be killed, taking up very little memory. It can be said to be the strongest engine. It is the best way to deal with mutated viruses and Trojans. Can kill the encryption XTA algorithm. Remove extremely complex viruses. Destroyer with its engine, but after all, it is a fake spider, antivirus effect and DR.WEB is not the same at all, today with the destroyer fully scanned, did not find anything, but with DR.WEB a sweep found so many did not sweep out, although most of them are advertisements. It seems that the core technology is still much worse than dr.web, people don't think you really use DR.WEB, people Russia said, the core is not for sale.
About NOD32, I am not very clear about this antivirus software, but it seems that its engine is not their own, as if they have made great improvements, antivirus is very much like Panda, but not Panda, monitoring and DR.WEB is very much like, the situation seems to be the same, there are two processes, monitoring the use of virtual shells plus heuristics, but the way is definitely not the same, I'm not sure who it is the engine, monitor Very intelligent, I tried at night can deal with once the North Dipper shelled virus, added the jump pin will not work, I ran a gray pigeon even in my computer to generate an auto-connect file, NOD did not feel at all. It kept me busy for a long time before I killed it. Add a memory free kill directly over, monitoring there is a big problem, against two times to add the North Dipper shell of the virus, no feeling at all, you can add two shells reported to it, it is estimated to win awards. Then it is to deal with the domestic Trojan horse, very poor, a lot of kill can not come out, especially now that the domestic Trojan horse is so rampant, you see Rising upgraded virus database? Trojans account for almost 90%, I feel better not to use this antivirus software, I tried a few stolen QQ Trojans, the result is to find out a to, this antivirus software I feel is still good, in the domestic use will not feel appropriate. Against gray pigeons as KV, not that it is not anti-virus, is the problem of the virus database, the software is very good, I like this anti-virus software, the concept is very advanced, accounted for memory and less. I don't know much about it, don't scold me.
Today I join the trend and small red umbrella, trend is Japan Holdings antivirus software, so I have not been used, but my sophomore year when the trend came out with a good crack, I will be the school office of the computers are loaded with the trend (I was at the law school school school office and the website diligently do anti-virus and maintenance work), not because it is good, I just want to let the small Japanese upgraded server hard disk more spinning, and let the small Japanese upgrade. Give it power consumption, but also let him work for free for the Chinese people to work, trend of the first few years is very powerful, especially its enterprise version, basically can fight with the coffee, its engine is imitation of Norton, the concept is also the same as Norton. I remember when I was in middle school it came out with a le yi yang, when it was sold for 28 dollars, and monitoring with upgrades, at that time, Rising Star is still 3 floppy disks it, but its personal version is really not good, to use the enterprise version it.
Small Red Umbrella is a typical DR.WEB copycat product. At least the antivirus engine is the same, it should be about as effective as Destroyer, even the way it starts scanning is the same. Memory scan and antivirus scan are separate. This guy I do like, I used it a long time ago, surprisingly killed the love behind that Rising Star couldn't kill at the time, using the same free, too-golden version you guys like, which I gave up on at the time due to the lack of a way to upgrade it.
Anyone else said that Kaba's antivirus is too much memory, this is true, I feel that Kaba is not successful, at least not one of the best antivirus software, a good antivirus software, the most important thing to do is not to drag the computer to look at the design of the NOD32, if the NOD has a Kaba's virus database, it is estimated that I would have been using it today with the NOD32 to open up a few web pages, and poisoned, simply! is the indifference of Chinese users, the key is no market in China, no profit will be so, but if you buy a genuine, I still recommend the Chinese, I have been buying genuine, including my XP are genuine, really is more than the street to buy those Xp stable, so the test is still don't use those so-called crack, Rising 2005 pirated and genuine antivirus there is a difference, but I rarely buy the foreign genuine, has been using Jiang Jianghua, and I have been using it. foreign genuine, has been using Jiangmin genuine, Rising Star I also have a genuine, when it is for the test with it, you know the previous Rising Star will always have a prompt, please repeat the check, what is called repeatedly, that is, a clear can not be, is that the 2005 version of the Rising Star's engine jumped to kill a very serious, one can not completely remove self-replicating viruses, the Rising Star 2005, I was standing in front of the server with a boxed lunch, watching its monitoring by the love of the world, and the Rising Star 2005 is not a good idea, but a good idea. I was standing in front of the server with a boxed lunch and watched its monitoring was love behind the kill, sad death, Jinshan I bought the Jinshan Net Dart V, 90 Ocean. Kingsoft friends note, it's intermediate rules, is not to prevent others PING, adjusted to the high level and can not watch movies online, the rules are really not good, but the general family is enough, Kaspersky anti-hacking in the LAN seems to be unable to prevent others PING you, KIS6.0 firewall, I have not yet tried, but recommend that you set it into learning mode, it is the default is low, and now do not buy Kingsoft! Now do not buy Kingsoft, you want to buy if you buy KV and the new engine of Rising Star, it is estimated that the new engine of Rising Star to beat KV, provided that KV does not progress, but KV and Kaba recent cooperation is very close, it is estimated that by the next version of the engine may reach the standard of Kaba 6.0, to support the domestic, China will be strong! Look at Korean cars, basically Koreans use Korea's own cars. Kaba's scanning is all files, so it's very laggy, it doesn't help if you turn off the monitor, it runs inside the system. But antivirus is absolutely ........ Not to say
Today out of Panda's 2007 Chinese, Panda's latest engine has exceeded the speed of NOD32, seen on a foreign review, takes up a lot less memory, I'm testing it now, it's very smooth. I'm testing it now and it's very smooth. You guys can try it. It still feels good. I'll do a firewall analysis in a few days. I hope you support me, I enlarged the word, so that it is good for eyesight, there are any questions on the good, I will not be updated, must remember that antivirus software must not be TO the machine, or it violates the basic principles. What is the difference between that and your perennial poisoning. The following is a brief description of each vendor's antivirus engine, part of the text from the technical information has been made public, part of the source in the virus forum is regarded as a classic anti-editorial, and part of the source from the manufacturer's technical staff (official and private are available).
1. Norton: This is the most familiar, Norton's antivirus software actually prevent detection is not doing very well, many virus programs in the subroutine segment often draw on the Norton's code to crash, I hope that in the new version of the Norton can be used to protect itself from stronger technology. Norton's engine should be completely self-contained closed system, there is no information to confirm that Norton has ever purchased or borrowed other antivirus engine. Rumor has it that many companies have referenced Kaspersky's leaked engine design in their designs, so I once asked this question in an online chat in the Microsoft community. The consensus of the replies was that Norton had borrowed Kaspersky's antivirus engine unnecessarily, and that it had gotten its own engine to work quite well. A guy named fenssa even posted back that Norton's antivirus engine is quite advanced and has good overall protection performance, regardless of the virus database factor. In Microsoft, in addition to the use of mcafee on the use of Norton's (which I believe, rarely see other antivirus software in Microsoft is used). From the description of Norton's technical documents and in the virus forums circulating 29A of a guy to get a virtual machine environment called Norton's step-by-step tracking of the work process and the counter-compilation of the article, Norton's antivirus engine should be the traditional static code corresponds to the perfect combination with the real-time monitoring, there should be some improvement in the virtual machine technology in the inside (Norton's people are not very much to promote virtual machine technology). The slowness of Norton's antivirus should stem from the fact that Norton employs more of the traditional checking method of static code. Personally, I really like Norton's quarantine mechanism, and I don't think deletion should be employed until a completely correct way of dealing with it has been determined. A virus written by a master should be able to relate to system processes as much as possible, in which case the advantages of isolation are immediately apparent. Norton's resource usage is relatively large, but it achieves the following design goals: viruses that can be recognized and processes that are recognized as viruses can be handled completely and correctly, and virus corpses that are no longer likely to be destructive 'will not be misdiagnosed, much less appear to appear time and time again in the process of processing a particular virus after the virus is detected as a situation.
Many people think that Norton Enterprise and Personal Boards use exactly the same engine, which is not quite correct. In fact, the enterprise version of the personal board of the technology is still improved. zdnet published an article pointed out that: the enterprise version and the personal version of the core rules of the engine is exactly the same, but in the front-end of the file into the part of the enterprise is better than the personal version of the enterprise version, the enterprise version of the use of more API interfaces. The article says that the Enterprise Edition is significantly better than the Personal Edition when it comes to large-scale document scanning. And due to the use of load technology, the enterprise version of the resource consumption is a little better. It is also said that Enterprise Edition supports network-based multi-load technology.
2. Mcafee: I remember reading a report that mcafee had acquired another antivirus engine design company, and according to the posting, it was known as Solomon. On the Internet can rarely see on the mcafee antivirus engine has analyzed the technical documents, but from his own publicity information, mcafee on virtual machine technology and real-time monitoring of the research are quite thorough. For example, he recently publicized the technology to prevent application overflow (roughly the name), which is supposed to be the best combination of virtual machine technology and real-time monitoring technology regardless of the hardware platform, even though there are often false overflow detections (the software level overflow release technology is really not very stable). When dealing with large numbers of files, mcafee has a certain speed advantage (there is a discussion of this issue in the Microsoft community). There is news from the mcafee forum that mcafee is working on more advanced smart code scanning technology, and I guess it must be better than what Oriental Defender has gotten up to. According to the leader of the post, McAfee since the release of VSE8.0i focus on the front of the deterrent to prevent this new field of security, and NORTON is also in the super this direction. The former deterrent to prevent a **** is divided into two parts, one for the use of part of the firewall technology plus its intrusion detection technology to effectively block the spread of the virus source, so that the virus in the early stages of the contagion can not get a large area of the spread of the reduction of the harm; the second is to rely on the powerful features of the code detection technology (Extra.dat) on the behavior of viruses, features such as the code to detect, relying on its strong R & D team and strategic alliance partners to make it in the field of security and safety. The second is to rely on its powerful feature code detection technology (Extra.dat) to detect the behavior of viruses, relying on its strong R & D team and strategic alliance partners to make it unique in this field. Norton has been able to include some firewall features in new versions of its products. I emailed Norton's researchers to ask why they hadn't adopted signature code antivirus technology, and they responded that a perfect signature code scanning technology should be able to achieve the purpose of adding a specific file as a virus according to the user's specification, that is to say, when the user specifies a certain active program as a virus, the antivirus engine is able to define a signature code for the active program according to its own rules, and in controlling the active program, it is able to effectively disconnect it from the system. can effectively sever its association with normal system processes. Until this level is achieved, Norton will not adopt feature code technology on a large scale. From mcafee's technical documentation, it appears that mcafee is only experimenting with the technology on a limited scale and applying it where there is a reasonable degree of confidence. In fact both companies have a long way to go in this regard.
3. Kaspersky: The overly mythologized antivirus. I personally respect Kaspersky's high level of quality, but to be honest, without taking into account the resource usage, Kaspersky is not a good enough reason to be able to make me give up Norton, and there is no difference in the level of the two. In terms of stability, Kaspersky is a bit worse than Norton. Because of the earlier years of Kaspersky's engine had leaked (actually leaked is not the initial source code, just leaked the engine can be relatively easy to decompile), so you can find a lot of on the Internet about the Kaspersky engine of the very detailed technical analysis, in particular, the German virus masters write about how to optimize the Kaspersky antivirus engine of the article is considered to be the use of the Kaspersky engine antivirus software vendors must see one of the articles, as the Americans wrote that VB100 in the end how to test antivirus software (which the author of the test results in recent years speculated that VB100 in the test may be used in the type of virus, the relevant ratio, etc.) is the antivirus software vendors will send their own software to the test before the article must be looked at as well. Kaspersky's VM technology is excellent from a lot of analysis documents on the web, but last year someone posted that Kaspersky's good performance comes from its very large virus database and good upgrade speed, and that its antivirus engine is not designed at a higher level than the rest of the companies. Kaspersky's engine employs what is called a single form of rule-based judgment, and it is well known that Norton is based on categorized rule-based processing. Kaspersky's engine is considered to have good performance when comparing file identifiers against virus databases, making full use of the processor's processing power, but it is worrying that the company does not pay sufficient attention to the latest emerging technologies (as commented on by a British computer magazine at the end of last year), and it is probably anybody's guess whether it will be a radical improvement of the original engine or a significant use of new technologies. Kaspersky's engine suffers from what's called the over-and-short file code problem, which, to be clear, sometimes whipsaws, and its researchers say it's being improved. Some time ago someone pointed out in a post that virus writers only recognize Kaspersky, and to be honest after reading a lot of forum documents, it seems that no one strong enough to say so. Kaspersky has taken a path of research and development that is very different from that of American vendors. Kaspersky rarely references technology developed by other companies, but is constantly deepening and improving its own antivirus engine. Commenting on some aspects alone, Kaspersky's engine represents the highest level in the industry, but not all. Kaspersky is a good antivirus program, but it is not a god. It should be said that it stands at the top level of antivirus software along with Norton, mcafee.
In China, there have been rumors that Jiangmin's antivirus software uses Kaspersky's engine. To be honest, quite a lot of antivirus software in the industry refers to its engine design, and there is not enough information to confirm that only Jiangmin refers to its engine design, even in China. Many people have tested Kaspersky and Jiangmin with a variety of virus packages, and the test results are exactly the same. To be honest, this kind of test does not have much credibility, the detection of fossil spores of various antivirus software results are almost the same. There are only two ways to say how the two engines: 1. Send the two software to VB100 or a similar authority for testing, if the two unknown viruses in which the test results (the results are not published, the manufacturer to buy their own) is exactly the same, then nothing to say. It is next to impossible for two different engine mechanisms to produce the same results when dealing with the same large-scale unknown virus database. Unfortunately, Jiangmin did not participate in the VB100 test, as if it is unlikely that individuals have a large enough unknown virus database for detection. 2. Cracking methods similar to anti-programming, analyze the entire software work mechanism, the workload of how much I believe that can be guessed, but also have not seen anyone to engage in this kind of research. Therefore, I personally can only think that Jiangmin may (to a greater extent) reference to Kaspersky's antivirus engine design, but from the two antivirus software sensitivity, antivirus speed, and many other parties to look at, even if the Jiangmin used Kaspersky's engine, the Jiangmin should be carried out to a large extent of the source code to modify or optimize the engine, and other news that the Jiangmin engine to add some of their own development of the technology in the implementation of the method of Similar to the digital code technology. Some experts on Fayfan pointed out that if the source codes of the two software were released, no one would be able to see any relationship between them. In fact, when we found out that Jiangmin's software can't use Kaspersky's virus database, we should know that even if they have borrowed from each other, they can be regarded as different antivirus engines. It is possible that under Win3.x, the two engines were once very similar, but today we are using Winxp, and even if Jiangmin did adopt Kaspersky's engine, then it can be said that Jiangmin has developed the engine in some ways, even though such development may not be in line with the original R&D direction. But no matter what the point of view, I think Jiangmin's antivirus software is still excellent. After all, if you look back at the domestic antivirus software vendors, in the real field of technology development, there is only one flag occasionally flying. Step by step down, Jiangmin still have technical progress. Only on purely technical factors, if Jiangmin Kaspersky engine, then today the two vendors in different directions in the development of the original set of engines, which is not necessarily a bad thing, as long as they do not stick to the old ways, we do not seem to be much of a need to argue whether the two vendors a primitive ancestor, for fear of running ahead of the others when they stop, it is not much different from taking their own lives. Although the market is the first element of antivirus software vendors, but do not forget that technology is an antivirus software can be the decisive force of the evergreen.
This evening and then join the Kingsoft and F-Secure antivirus, from them to see the multi-engine These two antivirus previously known as multi-engine, look at the real situation, talking about Kingsoft, feel a little sorry and depressing. To their own genuine users are lying and cheating, we must know how Kingsoft Antivirus debut, the way and today's Virus Destroyer is the same, in the DR.WEB engine outside the package. But in China it was Kingsoft that added it. WEB and the then Rising Star and KV than, of course, China can not dry it. WEB and Rising Star and KV at that time, of course, China can't do it. So Kingsoft VC was an instant success at that time. But at that time, Jinshan was not at all the multi-engine it said, in fact, just a DR.WEB. WEB. We must think that I am talking nonsense, in fact, Vipers 2003 claimed to integrate AVP engine, 2002 version and before it claimed to be Dr. Web, visible in its so-called "domestic engine" is Dr. Web, Kingsoft does not have its own engine. In fact, DR.WEB in 2002 before the stop and Kingsoft cooperation, you now know why Kingsoft users from the 2002 version of Kingsoft is always cursing the Kingsoft AntiVirus does not work it. It's true that the quality of Kingsoft Antivirus has been very poor since 2002. One more thing, if you open the antivirus together with DR.WEB, see how much memory it takes up. WEB, see how much memory it takes up. I guess today's machine is also bad enough, to be really multi-engine, the performance of the machine can run at that time? Can scanning be that fast? It's just a scam.
People F-Secure antivirus software is really multi-engine (previous version), hometown of Finland, integrated AVP, LIBRA, ORION, DRACO four sets of antivirus engine. Basically the route of the Kaba, plus their own engine, now F-Secure accounted for very little memory, now is not a multi-engine I do not know, there are a lot of people like this east, I tell you there is a way to get the genuine version, you go to use the Microsoft recommended antivirus, which has this, but it is the English version of the can be used for a year, cracked after the raw level, easy to appear like DR. WEB. situation, from the Chinese into the English, if only anti-virus, this F-Secure I still recommend, now the virus database is not as good as the previous version, you install it will find that it has N process, very much occupied memory, this guy is the real multi-engine, this guy is very early integration of the Kaba got the engine, and even in a period of time in the VB100 more than the Kaba, you run it! I'm not sure what you mean by multi-engine antivirus, but I'm sure you'll be able to find it in a few different places.
In my opinion, Kingsoft is the most good show, the Trojan horse library out to do a Trojan horse special kill, the Trojan horse special kill at that time can only check the EXE association with win.ini, winstart.bat and system.ini, needless to say and foreign Trojan horse special kill than, I guess Trojan horse nemesis will laugh it to death, in the firewall to join the antivirus engine, these in fact, have no substantial role. No substantial role, the role of only by a, show so that the Chinese people do not understand the antivirus software to buy Kingsoft Vibe, since the use of DR.WEB engine after Kingsoft almost LJ to the home, if you are Kingsoft's FANS must have seen the Kingsoft Vibe 6 enhancements came out, they said a sentence, "We have never had so much confidence in the Vibe! "It seems that they also know that it can not, that time why have confidence, because the enhanced version can finally check the 2003 version of their publicity can completely check the RAR file virus. Now Kingsoft's new engine actually said that it can kill some very raw shell, even add a shell plus jumping pin, it is simply a lie. It does not have a virtual shell how to kill ah? This is not the pit of the Chinese people? Jinshan's FANS may see to scold me, with the facts to speak, you if you are in the virus-hit areas, you loaded Kingsoft AntiVirus 2006, from now on you don't clean up! I do not say anything, do not believe you try.
Still reproduced: I soak in the Kahan forum for a while, self-esteem on the antivirus a little bit of understanding, according to my experience, antivirus is not everything, it is impossible to find out all the poison. Security awareness and computer knowledge is the most important, and to be safe should kill soft, firewall, HIPS (novice available smart hips) together. In fact, hips than to kill the hose, but also save resources. Of course, there are also toxic can pass him. Also, to understand the kill soft please go to the professional kill soft forum (recommended card rice forum), a lot of articles on the Internet is either wrong, or gun text, or has been out of date. (For example, the 5 engines of that misleading article), online kill software reviews do not believe. Even VB, AV-c, AV-test and other authoritative organizations' reviews are just lab stuff, just for reference. The top10view is even worse, it's just a price/performance test.
Killers generally like high detection rate (in fact, very boring), there are currently six: Kaba (Kaba need not say more, super strong, the previous detection rate is super high, and now because of the free kill more so the detection rate is low. kis has a killers, firewalls, hips, and so on, and they are very good, the three-dimensional defense is great! Because of the hips, you don't have to be afraid of the many exemptions. But the resource consumption is large. And free kill more lead to the detection rate can only be ranked in these old end.
Small Red Umbrella (free version, resource consumption is small, false positives are very low, and no one said so high, the detection rate is super high, heuristic detection of drugs do great! But only the English version 。。。。 But that little bit of English is not difficult)
AVK (avast, bitdefander double engine, natural detection rate is very high. In addition avk2006 because of the use of Kaba and bitdefander engine, than the new version is also excellent.
Trustport (5-engine monster, natural detection rate is super high, but the resource consumption is huge, and there seems to be some problems with the 5-engine...).
Ikarus (slightly higher false positives, higher detection rate, higher resource usage),
a-squard (ik's OEM, anti-malware version with its own smart hips, mamutu. great. but watch out for false positives),
Trustport (5-engine monster, naturally, but super high detection rate, but super resource usage, and some issues with 5-engine coordination! But beware of false positives),
Each has its own specialties, choose for yourself, and the domestic Feltostat is also great. As for the other antivirus, especially the well-known foreign antivirus (such as nod32, AVG, avast, bitdefander), the detection rate is not too much worse than them.
List a few more good antivirus, that is, real-time scanning detection rate is good, and have hips or customized rules.
The big antivirus companies, do enterprise antivirus that a few into: Norton (enterprise version is Symantec), McCafe (can be like hips as self-defined rules and also have their own hips), Kaba, sophos, panda, trend, CA and so on
Another domestic Oriental micro-point is very good, but I think it is not an antivirus, but smart hips firewall.
This is the first time I've ever seen a firewall in my life.
A few more with a free lifetime version (free antivirus is not bad.)!
A few more free versions of the software: avast, small red umbrella, avg, a-squard, mse (Microsoft, good), 360 antivirus (the amateur to do the software, with bitdefander's castration version of the engine and the virus database, not good, do not recommend)
A few more small resource-hungry: avast, small red umbrella, nod32 (the previous version. nod32's version of the software is the same as the previous version. Previous versions. nod32 has great heuristics! The heuristics of nod32 are great!) Rising Star, Kingsoft, Jiangmin or forget it 。。。。
In short, there is no best antivirus, only the most suitable for themselves and their machines. Security awareness and computer knowledge is the most important! The first thing you need to do is to get your hands on a new computer, and then you'll be able to get your hands on a new computer.
Also, don't choose too many famous antivirus programs that are free from killing, but the detection rate of Kaba is low because it is free from killing.
This is all I have to say, so choose your own
.