Current location - Quotes Website - Signature design - What's the shelling ability of Rising?
What's the shelling ability of Rising?
Difference:

1, the frequency of virus database upgrade is different, rising once a day (except weekends), Jinshan is not as fast as Rising.

2. The anti-virus engine is different. Jinshan has no shelling technology. As long as the virus is shelled, it can't be recognized. Rising has its own world-class virtual machine shelling technology.

3. The memory size occupied by antivirus is different. Rising takes up very little memory when killing viruses, so it can continue to do other things without hindrance, but Jinshan can't.

★ Personal experience ★ I gave Kingsoft Internet Security 2007 when I bought a computer, but I got a virus as soon as I got online. Kingsoft Internet Security logos is all rubbish! I will only ask again and again, but I can't do anything about the virus! It is clear after poisoning, but it has no anti-virus ability. What a pity! ! ! So I changed to Rising 2007, and I got it all at once! Awesome! But after a friend's introduction, Kaspersky, the world's top player, found out a lot of viruses, but Rising knew nothing about it! Let me down! But it is indeed a' card bar crash'. The CPU is usually 100%. But safety comes first! !

● Strongly recommended ● Kaspersky V6.0! (Never use Jinshan! )

====================================================================

1 First of all, from the point of view of monitoring, Rising 2004-2005 was written with DLL injection, which is the way used by many viruses, so it takes up a lot of memory and the monitoring is poor. The biggest weakness of DLL injection monitoring is that it is difficult to monitor web viruses, which is also the biggest weakness of Rising. It seems that hook technology was used in 2006, which made great progress.

KV monitoring is much better, almost equivalent to a firewall. Download the virus with Thunder and you will know that it will be killed during the download process, while Rising can only kill it after downloading.

2. In terms of antivirus, it depends on the antivirus engine. KV's engine is very similar to Kabbah's. I don't want to hurt anyone. Only five companies in the world have their own engines, others are imitations, and so are domestic antivirus software. Rising's engine is not very good, and it can't completely remove the self-replicating virus. This is Rising's second biggest weakness. Rising can't completely remove viruses, such as love the back door and roses. Rising antivirus is not thorough. ROSE can't double-click to open it after antivirus with Rising, but it can be recovered directly with KV.

3. In terms of shell killing, Rising's current engine can't kill the shell, and the new engine doesn't know how to shell. Now the public beta, KV can kill the popular shell, which is very good. What does antivirus software that can't kill the shell mean? Treating virus variants with shell protection is basically a waste. This is also the basic standard of antivirus software engine. Why do people use Kabbah? This is a powerful shell, which is the bane of Trojan horse.

4. In terms of virus database, KV is much worse in this respect. At present, the virus database of KV is very incomplete, especially the Trojan horse database. Now you know why KV can't pass the Trojan horse certification on the west coast. The engine is good, but the virus database is incomplete. This is the Achilles heel of KV now. So Jinshan has passed, but KV has not.

5. With its own firewall, Rising's wall is much better than KV, so I don't need to say this.

But I finally say that the most powerful anti-virus engine in the world is Dr. WEB, which is more powerful than Kabbah's. Basically, all shells can be killed, even Beidou's can be easily killed by using dynamic virtual machine shelling technology.

DR.web is a Russian antivirus software called Okumo. It's basically the same as Kabbah, but the engine and technology are different. It is a product adopted by Russian officials and the army. Most enterprises and individuals use Kabbah, which is divided into two versions.

Destroyer uses its engine, but it is a fake spider after all, and its anti-virus effect is completely different from that of Dr. WEB.

There is only one abroad, and the technology is backed by the Russian National Academy of Sciences. The goal of antivirus software companies is not to make money, but purely for technology, so there is no Chinese version now. It never lists binary viruses and trojans that can't be made into virus libraries, so in some tests, the name is not very high, and even rarely participates in evaluation, but the anti-virus strength is definitely above Kabbah, occupying very little memory, almost 4 trillion.

The world's top five antivirus engines:

1, the first one, of course, is Norton, who pioneered practical monitoring technology and knew the code of Microsoft. Everyone says Norton is bad, but in fact Norton's engine is very powerful. Protect the computer from the bottom, so it won't run very fast. It's just that the anti-virus concept is different, which makes Norton not suitable for individual users. Mainly focus on isolation to prevent enterprise files from being deleted. Because some files infected by viruses can't be completely disinfected. Deleting files directly will destroy files, so Norton is the best choice for enterprise users.

2, the second should be coffee, this anti-virus software is mainly anti-virus, but also uses virtual shelling technology, basically all shells can be killed, now you know why it is so hot, Beidou shell, I don't know if it can be killed, but its virtual technology is not as good as Dr. WEB, and the virus written by encrypted XTA algorithm (basically as difficult to crack as DES) is useless as Kaba.

3. The third one is a panda. Haha, this Spanish stuff is the first automatic upgrade in the world. Its engine is also quite good, the speed is absolutely first-class, the virus database is a bit European, it is not very easy to use in China, and it takes up a lot of memory. Jinshan seems to be guarding against pandas now, but the monitoring seems not. The monitoring of Jinshan is LJ, you will know it when you use it.

This is Kaspersky of Russia. I haven't analyzed the 6.0 engine yet. Man is really his own engine. KV used to be the Kabbah of anti-manufacturing. But now KV seems to be more optimized.

5. Dr. 5.WEB, also the engine of Russia, was jointly developed by the Russian National Academy of Sciences for the exclusive use of the military and the Kremlin. Heuristic plus virtual shelling, Beidou shell, outer shell and jumping needle can also be killed, occupying less memory. It can be said to be the strongest engine. It is best to deal with mutant viruses and trojans. You can cancel the encrypted XTA algorithm. Remove extremely complex viruses.

Destroyer uses its engine, but it is a fake spider after all, and its anti-virus effect is completely different from that of Dr. WEB.

I scanned it with the destroyer today. I didn't send anything, but I used the doctor to scan the website and found that so many didn't come out, although most of them were advertisements.

It seems that the core technology is still much worse than Dr. web. Don't think that you really use Dr. WEB. People in Russia say that the core things are not for sale.

Let me talk about NOD. I'm not sure about this antivirus software, but its engine doesn't seem to be its own. It seems that I have greatly improved myself. Antivirus is like a panda, not a panda. Monitoring is like Dr. WEB, and the situation seems to be the same. There are two processes in monitoring, virtual bombardment and heuristic, but the methods are absolutely different. I wonder whose engine it is. Monitoring is very intelligent. I once tried to deal with the virus with a shell of Beidou at night, but I couldn't even use a jumping needle. When I run Grey Pigeon, I actually generate an automatically linked file on my computer. Nodding didn't feel anything. I spent a long time killing people. If you add memory, you can kill it directly. There is a big problem in monitoring. You don't feel much about dealing with the virus with the big dipper shell twice. You can add the shell twice and report to it. It is estimated that you will win the prize.

Then it is very bad for domestic trojans, and many of them can't be killed, especially now that domestic trojans are so rampant. Have you seen Rising's upgraded virus database? Trojan horses account for almost 90%. I think it's better not to use this anti-virus software. I tried several trojans to steal QQ, and I found one. I feel that this antivirus software is still good, but it is not suitable for domestic use. It's worse to deal with gray pigeons than KV. Not that it can't kill the virus. It's the virus database. The software is good. I like this antivirus software very much. The concept is very advanced and takes up less memory. Not really. Don't scold me.

Today, Trend and Red Umbrella were added. Trend is anti-virus software controlled by the Japanese, so it has never been used. But when I was a sophomore, I cracked the trend very well, so I installed the trend on all the computers I studied at school (I worked as an antivirus and maintenance worker at law school and website at that time), not because it was easy to use, but because I just wanted to make the Japanese upgraded server hard disk turn a few more times and consume electricity, so that he could work for the people of China for free a few years ago. I remember when I was in middle school, it produced a Yang Leyi. At that time, it sold for 28 yuan, and the surveillance tape was upgraded. At that time, Rising was still three floppy disks, but the personal version was really not so good. If you want to use it, use the enterprise edition.

Red umbrella is a typical product that imitates Dr. WEB. At least the anti-virus engine should have the same effect as the destroyer, even the scanning method is the same. Memory scanning and antivirus scanning are separate. I like this guy very much. It was used a long time ago, and even killed the love that Rising couldn't kill at that time. I still used the free gold version you liked, but I gave it up because there was no way to upgrade.

Others say that Kabbah's antivirus takes up too much memory. It's true. I feel that Kabbah is not successful, at least not the best antivirus software, good antivirus software. The most important thing is to look at the design of NOD32 without a computer. If NOD has Kabbah's virus database, I guess I will always use it. Today, opening several web pages with NOD32 was poisoned again, which was simply a disregard for domestic users. The key is that there is no domestic market. This will only happen if there is no profit. But if everyone buys genuine copies, I still recommend China. I have been buying genuine products, including my XP, which is really more stable than those bought on the street. So it's best not to use those so-called cracks when testing. There is a difference between piracy and genuine anti-virus in Rising 2005, but I seldom buy foreign genuine products, and I always use Jiang Min genuine products. Rising also has genuine ones. I have tested them. You know there is always a hint in the previous rise, please kill it again and again. What do you mean, it can't be cleared at one time? That is to say, in 2005, Rising's engine crashed seriously, and the self-replicating virus could not be cleared at one time. When Rising was in 2005, I stood in front of the server with a box lunch and watched its monitoring being killed by love. It was so sad. 90 yuan bought the Golden Mountain Netdart V. Pay attention to friends who use KPINGgsoft. Its PINGtermediate rule does not prevent others from pinging. If you switch to the advanced level, you can't watch movies online. The rules are really not good, but the average family is enough. Kaspersky's anti-hacker seems unable to stop others from ppingging you in the LAN. I haven't tried the firewall of KIS6.0, but I recommend you to switch to learning mode. Its default value is low. Now you don't buy Jinshan. If you want to buy it, buy Rising with KV and a new engine. It is estimated that Rising, a new engine, will be better than KV, provided that KV is not upgraded. However, KV and Kabbah have been working closely together recently. It is estimated that by the next version, the engine may reach the standard of Kabbah 6.0, and it will be strong for China to support domestic production! ! Look at Korean cars. Basically, Koreans use their own cars. Kabbah's scanning is to scan all files, so it is very stuck. It's no use turning off the surveillance. It runs inside the system. But anti-virus is absolute ... in your dreams.

By the way, the Chinese version of Panda 2007 was published today. Panda's latest engine has exceeded the speed of NOD32. Judging from the evaluation abroad, it takes up a lot less memory. I am testing it now, and it is very smooth. You can try. It still feels good. Do another firewall analysis in a few days. I hope everyone will support me. I enlarged the words, which is good for my eyesight. If you have any questions, just say it. I will continue to update. Be sure to remember that anti-virus software must not trust the machine, otherwise it will violate the basic principles. What's the difference between this and your perennial poisoning?

Here is a brief introduction of antivirus engines of various manufacturers, some from public technical materials, some from anti-editors regarded as classics in virus forums, and some from manufacturers' technical personnel (both official and private).

1. Norton: This is the most familiar one. In fact, Norton's antivirus software is not very good at preventing detection. Many virus programs often learn the code that crashes Norton in the subroutine section. I hope Norton can adopt stronger self-protection technology in the new version. Norton's engine should be completely self-contained, and there is no data to prove that Norton bought or borrowed other antivirus engines. It is said that many companies have consulted Kaspersky's leaked engine design when designing, so they once asked this question when chatting online in Microsoft community. The reply agreed that Norton didn't need to learn from Kaspersky's antivirus engine, and his own engine was quite good. A guy named fenssa even replied that Norton's anti-virus engine is quite advanced, regardless of virus database factors, and its comprehensive protection performance is very good. In Microsoft, Norton's software is used in addition to McAfee's software (I believe it is rare to see Microsoft using other software). From the description of Norton's technical documents circulated on the virus forum and an article about Norton's step-by-step tracking and anti-editing in the virtual machine environment, Norton's anti-virus engine should be the perfect combination of traditional static code correspondence and real-time monitoring, and there should be some improved virtual machine technology in it (Norton's people don't admire virtual machine technology very much). Norton's slow antivirus speed should be related to Norton's traditional inspection method, which uses more static codes. Personally, I like Norton's isolation mechanism. I don't think deletion should be adopted until the correct handling method is determined. The virus written by a master should be related to the system process as much as possible. In this case, the advantages of isolation immediately appear. Norton occupies a lot of resources, but it has achieved the following design goals: the virus that can be identified and the process that is identified as a virus can be handled correctly, and there will be no misjudgment of the' virus corpse' that can not cause damage, and there will be no situation that a virus is detected as a virus again and again after being handled.

Many people think that Norton Enterprise Edition and Personal Edition use the same engine, which is incorrect. Enterprise edition actually improves the technology of personal board. An article published on zdnet pointed out that the core rules of the enterprise version and the personal version of the engine are exactly the same, but the enterprise version is better than the personal version in importing some front-end files, and the enterprise version uses more API interfaces. According to the article, when scanning large-scale documents, the enterprise version is obviously superior to the personal version. And because of the use of load technology, the enterprise edition takes up a little more resources. In addition, it is said that Enterprise Edition supports network-based multi-load technology.

2. McAfee: I remember reading a report that McAfee acquired another anti-virus software engine design company, which was called Solomon according to the reply. It is rare to see the technical documents about mcafee anti-virus engine analysis on the Internet, but from his own publicity materials, mcafee has thoroughly studied virtual machine technology and real-time monitoring. For example, the technology he recently promoted to prevent application overflow (roughly this name) should be an excellent combination of virtual machine technology and real-time monitoring technology, regardless of the hardware platform, although false overflow detection often occurs (software-level overflow technology is really unstable). When dealing with a large number of files, mcafee has a certain speed advantage (this issue is discussed in Microsoft community). It is reported from McAfee forum that McAfee is studying more advanced intelligent code scanning technology, which is estimated to be better than Oriental Guardian. According to the team leader's reply, McAfee has been focusing on the new security field of "proactive prevention" since the release of VSE8.0i, and Norton is also developing in this direction. "preemptive strike" is divided into two parts. One is to use some firewall technology and its intrusion detection technology to effectively block the spread of the virus, so that the virus can not spread in a large area at the initial stage of infection, reducing the harm; Secondly, it relies on powerful signature detection technology (Extra.dat) to detect virus behaviors and signatures, and its strong R&D team and strategic alliance partners make it unique in this field. Norton can also add some functions that originally belonged to the firewall to new products. The email asked Norton researchers why they didn't use signature antivirus technology, and responded that a perfect signature scanning technology should be able to add a specific file as a virus according to the user's designation, that is, when the user designates an active program as a virus, the engine of antivirus software can define a signature for the active program according to its own rules, and when controlling the active program, it can effectively cut off its connection with the normal process of the system. Before this level, Norton will not adopt signature technology on a large scale. According to McAfee's technical documentation, McAfee has only conducted limited experimental research on this technology and applied it in a more confident place. In fact, these two companies still have a long way to go in this regard.

3. Kaspersky: anti-virus software that has been over-mythologized. Personally, I respect Kaspersky's high standards, but to be honest, Kaspersky doesn't have enough reasons for me to give up Norton without considering the resource occupation. There is no difference between the two levels. Kaspersky is worse than Norton in stability. Because Kaspersky's engine was leaked years ago (in fact, it is not the original source code that was leaked, and the leaked engine can be easily edited), many detailed technical analyses about Kaspersky's engine can be found on the Internet, especially the article written by German virus experts on how to optimize Kaspersky's antivirus engine, which is considered to be one of the articles that all antivirus software manufacturers using Kaspersky's engine must read. Just like the article written by Americans about how to test anti-virus software with VB 100 (in which the author speculates the virus types and related proportions that VB 100 may use in the test according to the test results in recent years), it is a must-read article for anti-virus software manufacturers before sending their own software to test. Judging from a large number of analysis documents on the Internet, Kaspersky's virtual machine technology is excellent, but last year someone posted that Kaspersky's good performance comes from its huge virus database and good upgrade speed, and its anti-virus engine design level is not higher than other companies. Kaspersky's engine uses the so-called single form of rule judgment, while it is well known that Norton is based on rule classification. Kaspersky's engine is considered to have good performance in file identification and virus database comparison, which makes full use of the processing power of the processor. "But what is worrying is that the company doesn't pay enough attention to the latest technology" (British computer magazine commented at the end of last year). It is estimated that no one knows whether to completely improve the original engine or use a lot of new technology. Kaspersky's engine has a problem called "too much file code and too short". To put it bluntly, it sometimes whips corpses, and its researchers say it is improving. Some time ago, someone posted that the virus author only recognized Kaspersky. To be honest, I have read a lot of forum documents, and it seems that no strongman has said so. Kaspersky takes a completely different R&D road from American manufacturers. Kaspersky seldom refers to the technology developed by other companies, but is constantly deepening and perfecting its own anti-virus engine. In some ways, Kaspersky's engine represents the highest level in the industry, but not all. Kaspersky is a good antivirus software, but it is not a god. It should be said that it is at the peak level of anti-virus software such as Norton and McAfee.

In China, there are rumors that Jiang Min's antivirus software uses Kaspersky engine. To tell the truth, quite a few anti-virus software in the industry refer to its engine design. Even in China, there is not enough information to prove that Jiang Min only refers to its engine design. Many people use various virus packages to test Kaspersky and Jiang Min, and the test results are exactly the same. To tell the truth, this kind of detection has no credibility, and the results of various anti-virus software for detecting fossil spores are similar. There are only two ways to say how the two software engines are: 1. Send the two softwares to VB 100 or similar authority for testing. If the detection results of the two softwares for unknown viruses are exactly the same (the results are not published, and the manufacturers buy them themselves), there is nothing to say. It is almost impossible for two different engine mechanisms to have the same detection results when dealing with the same large-scale unknown virus database. Unfortunately, Jiang Min has not participated in the VB 100 test, and it seems unlikely that individuals will have a large enough database of unknown viruses to detect. 2. We use a similar cracking method to do reverse editing and analyze the working mechanism of the whole software. I believe everyone can guess how big the workload is, and no one has done this kind of research. So personally, I can only think that Jiang Min may (to a great extent) refer to Kaspersky's anti-virus engine design, but judging from the sensitivity and anti-virus speed of the two anti-virus softwares, even if Jiang Min adopts Kaspersky's engine, Jiang Min should also modify or optimize the source code to a great extent. In addition, it is reported that Jiang Min has added some self-developed technologies to the engine, which are similar to digital code technology in implementation method. Some experts in Fan Fei have pointed out that if the source codes of these two softwares are made public, perhaps no one can see the relationship between them. In fact, when we find that Jiang Min's software can't use Kaspersky's virus database, we should know that even if we have used it for reference, they can already be considered as different antivirus engines. Perhaps under the win3.x platform, the two were very similar; But today we use winxp. Even if Jiang Min did use Kaspersky's engine, it can be said that Jiang Min developed this engine in some aspects, although this development may not be consistent with the original research and development direction. But no matter from which angle, I think Jiang Min's anti-virus software is still excellent. After all, if you look back at the domestic antivirus software manufacturers, the real technology research and development field only occasionally flies such a flag. Step by step, Jiang Min still has technological progress. As far as purely technical factors are concerned, if Kaspersky's engine is adopted in Jiang Min, it is not necessarily a bad thing for the two manufacturers to develop the original engine in different directions today. As long as we don't rest on our laurels, it seems unnecessary for us to argue whether the two manufacturers are a primitive ancestor. What we are afraid of is stopping when others are running forward, which is no different from self-destruction. Although the market is the first factor for antivirus software manufacturers, don't forget that technology is the decisive force for the long-term success of antivirus software.

Join Jinshan and F-Secure for antivirus tonight, and see multiple engines from them.

These two antivirus products were once known as multi-engines. Look at the real situation. Speaking of Jinshan, I feel a little sorry and depressed. Deceive your genuine users, everyone must know how Kingsoft Internet Security made its debut, just like today's virus destroyer, wrapped outside Dr. WEB Engine. But in China, it was added by Kingsoft. In fact, the drug tyrants in those days were really good, which can be said to be better than Rising and KV at that time, and this is also appropriate. Take Dr as an example. Compared with Rising and KV at that time, China certainly couldn't do it. So Kingsoft Internet Security succeeded at that time. But at that time, Jinshan was not a multi-engine at all, but actually a doctor based on WEB. Why? People must think I'm talking nonsense In fact, drug tyrant claimed to be an integrated AVP engine in 2003, and it was also called Dr. Web in 2002 and before. It can be seen that its so-called "domestic engine" is Dr. Web, and Jinshan does not have its own engine. In fact, Dr. WEB stopped working with Kingsoft before 2002. Now you know why users of Kingsoft Internet Security have been scolding Kingsoft Internet Security since the 2002 edition. Indeed, judging from the 2002 version of Kingsoft Internet Security, the quality is very poor. One more thing, turn on Kingsoft Internet Security and dr. with WEB to see how much memory they occupy. It is estimated that the present machines are also terrible. If it is really a multi-engine, can the performance of the machine run at that time? Can the scan be that fast? This is a lie.

F-Secure's antivirus software is really multi-engine (last edition). In Finland, my hometown has integrated four anti-virus engines: AVP, Libra, Orion and Tianlong. Basically, I take the Kabbah route, plus my own engine. Now F-Secure takes up very little memory. Now I don't know if it's multi-engine. Many people like this kind of thing. I'll tell you there's a way to get the original. You can use the antivirus recommended by Microsoft. There is this one, but it can be used for one year. After cracking the product, it is easy to appear like Dr. In the case of the WEB, it changed from Chinese to English. If it's just anti-virus, I still recommend this F-Secure. The current virus database is not as good as the previous version. When you install it, you will find that it has n processes and takes up a lot of memory. This guy is a real multi-engine. This guy has been integrating Kabade engine for a long time, and even surpassed Kabbah in VB 100. You can run it once.

In my opinion, Jinshan is best at putting on a show. Take the Trojan Library and kill a Trojan horse. At that time, Trojan Horse Killing could only check the relationship between EXE and win.ini, winstart.bat and system.ini, not to mention the comparison with Trojan Horse Killing abroad. It is estimated that Trojan horse thieves will laugh to death. Add an antivirus engine to the firewall. These have no substantive effect, only one function is to let people who don't know anti-virus software in China buy Kingsoft Internet Security. After the WEB engine, Jinshan is almost home, LJ. If you are a fan of Kingsoft, you must have seen the enhanced version of Kingsoft Internet Security 6. They said, "We have never had such great confidence in Internet security." It seems that you know you can't do it. Why did you have confidence then? Because the enhanced version can finally kill the RAR file virus they promoted in 2003. Now Jinshan's new engine actually says that it can kill some very fierce shells, and even adds jumping needles after adding shells, which is simply a lie. How to kill without virtual shelling? Isn't this cheating the people of China? Fans of Jinshan may scold me after reading it. Tell the truth. If you are in the hardest hit area of the virus, you should install Kingsoft Internet Security 2007, so don't be idle from now on! ! ! I won't say anything, just try if you don't believe me.