A friend's computer suffered from an infection yesterday, and after getting him back on his feet I followed recommendations I've read on this forum, and patched him with AVS, the "newbie-friendly" antivirus software.

After AVS scanned and cleaned his computer, I noticed that AVS had "Backup" and "Quarantine" functions. All deleted malware went to Backup, and none to Quarantine. Being curious as to why this was the case I dredged up the help files (I've never used AVS myself), and received some pretty obscure and ambiguous wording on how AVS "can detect unknown viruses", which was what the Quarantine function was for.

Out of curiosity, can someone help clear the air for me? Does AVS actually come with heuristics, and if so, why is this not shown in the program settings and hence cannot be turned off?

Thanks.

In Kaspersky (& AOL AVS)..........backup is like quarantine & quarantine is only for suspicious detections = heuristical detections.

and of course AVS comes with the standard heuristics since it uses the same bases as KAv. the only thing it's missing is the behavioural blocker AKA proactive defense which helps detect unkown malware when it's running.

Thanks for the explanation. I was just a bit confused as how AVS never lists heuristics in its program options, which I've more or less grown used to in other antivirus products, plus the ambiguously-worded helpfiles weren't very helpful.

So AVS does include heuristics, though I've never seen the Kaspersky engine on VirusTotal trigger any heuristics before.

I have seen KAV detect some script file and some viruses by heuristics but its excepted that they are no where near as effective as Dr Web, Avira, Nod32 Bitdefender to name a few.

Although KAV make up by adding signitures very quickly and the KAV 6 has proactive defense which should take care of new threats.

If you are using AOL virus sheild I would recomend using Prevx or Cyberhawk along side to give you some added Heuristic/behavour blocker protection.

Cheers

Jlo

{QUOTE-> Thanks for the explanation. I was just a bit confused as how AVS never lists heuristics in its program options, which I've more or less grown used to in other antivirus products, plus the ambiguously-worded helpfiles weren't very helpful.

So AVS does include heuristics, though I've never seen the Kaspersky engine on VirusTotal trigger any heuristics before. <-QUOTE}
Kaspersky's heuristics are not the greatest admittedly, that will change though in the not too distant future, however i can't say for sure if AVS users will receive this upgrade.

{QUOTE-> Kaspersky's heuristics are not the greatest admittedly, that will change though in the not too distant future, however i can't say for sure if AVS users will receive this upgrade. <-QUOTE}
if kav 6 will recieve them then probably so will AVS (they use the same updates afterall)

ich don't think so.

Greetings IBK
Care to elaborate on that? :D

{QUOTE-> ich don't think so. <-QUOTE}
Me neither. ;)

that kav 6 will recieve them or that avs will recieve them? ;)

{QUOTE-> that kav 6 will recieve them or that avs will recieve them? ;) <-QUOTE}
That is the question.......isn't it? ;)

IF A is an event that kav 6 will recieve new heuristics and B that avs recieves new heuristics (and doesn't get a full program update AVS v. 2 for example)
then B implies A but A doesn't neccesarily imply B.
Hope you understand ;)

{QUOTE-> IF A is an event that kav 6 will recieve new heuristics and B that avs recieves new heuristics (and doesn't get a full program update AVS v. 2 for example)
then B implies A but A doesn't neccesarily imply B.
Hope you understand ;) <-QUOTE}
I don't believe AVS will receive whatever new cutting-edge heuristics Kaspersky Labs is working on; or, at least, it won't receive them anytime soon. Advanced heuristics is one of the more sensationalized, craved-for features in the antivirus software industry, and conventional logic dictates that Kaspersky Labs need to give people an incentive to shell out dollars for their product instead of giving their technology away for free.

I've been sufficiently interested by AVS to give it a spin, but I don't really care much for heuristics in antivirus programs. I've yet to see a heuristics engine that beats Micropoint at unknown malware prevention. ;D

{QUOTE-> IF A is an event that kav 6 will recieve new heuristics and B that avs recieves new heuristics (and doesn't get a full program update AVS v. 2 for example)
then B implies A but A doesn't neccesarily imply B.
Hope you understand ;) <-QUOTE}
You lost me at "IF A"..........;)

like in math. ;)
i just named the two events A and B...
i know what you are trying to do where, stop beating around the bush...

i susspect that we will see a newer version with these new heuristics, right, not just a regular update.....
True or false?

{QUOTE-> like in math. ;)
i just named the two events A and B...
i know what you are trying to do where, stop beating around the bush...

i susspect that we will see a newer version with these new heuristics, right, not just a regular update.....
True or false? <-QUOTE}
It will not be just an update with the signatures and if you referring to Kaspersky, not AVS.................i think.

{QUOTE-> It will not be just an update with the signatures and if you referring to Kaspersky, not AVS.................i think. <-QUOTE}
yes, and this means that AVS will also have to get a new build to use the new heuristics (this is a how the heck will users know AVS was updated build ;) )

Hi!

In general, OEM/SDK users with a valid contract with Kaspersky are entitled to receive updates to signature and engine. Signature detection by KAV should be same as signature detection by XYZ producer licensed to use KAV.

Another story is when XYZ producer will implement changes if these changes will require something more than autoupdates. By the way, don't know about AVS since they use a rebranded KAV product rather than OEM KAV engine.

Obviously, from a commercial point of view KAV has little interest in updating heuritics detection (by signature) in order to push their own products and their non-signature based detection (e.g. PDM propietary functionality). The pressure will come from indipendent AV testing and PC related magazines that uses "on demand" detection tests rather than "on access" detection. Once KAV will perform badly on these test they will move towards a revised heuristics more promptly ;)

[last paragraph is IMHO]

Cheers,
Fax

{QUOTE-> yes, and this means that AVS will also have to get a new build to use the new heuristics (this is a how the heck will users know AVS was updated build ;) ) <-QUOTE}
Yes, if AVS is going to get the new heuristic module they will need a new a version of AVS, but they most likely won't get it............get it? ;)

will kav 6 recieve it then?
btw i heared that v7 will be out in Q1-Q2 of 2007, maybe they will release heuristics together.

yes, kav will with v7 in some few months. theoretically also v6 could get/use it, but now i am no longer sure about it.

version 7 so soon?
lodore

if you want to stay in business then yes :)

i wonder what they will add to it and if it will be just as light on my pc.
i might have to check the kaspersky forum more often and post my ideas for the new version
lodore

from what i saw on the forum the team is already working on it (not released in beta yet).

cool i didnt find any thing related to that on the forum if you find any threads please give me the links.
lodore

{QUOTE-> from what i saw on the forum the team is already working on it (not released in beta yet). <-QUOTE}
Theres a team working on ideas etc for 7.0, thats correct, but there is not even a prototype released to the betatesters yet. :)

{QUOTE-> Theres a team working on ideas etc for 7.0, thats correct, but there is not even a prototype released to the betatesters yet. :) <-QUOTE}
isn't it the kav 6 core team (under the "leadership" of Nikolay Grebennikov aka grnic)?

{QUOTE-> isn't it the kav 6 core team (under the "leadership" of Nikolay Grebennikov aka grnic)? <-QUOTE}
No, it's the 7.0 coreteam!............and we're getting way off topic. ;)

agree, but what i meant is if it isn't the same team as with kav 6.

last off topic post.

I was under the impression the new heuristics will be available as signatures therefore AVS should get them as well as KAV/KIS.

Looks like even more to get excited about. Malware and viruses are nearing an end of their life cycle if you ask me.

{QUOTE-> Malware and viruses are nearing an end of their life cycle if you ask me. <-QUOTE}Far from it if the number of AV updates are anything to go by.

{QUOTE-> Looks like even more to get excited about. Malware and viruses are nearing an end of their life cycle if you ask me. <-QUOTE}
Hmm...Not so sure about that. Isn't that some sort of rule saying that "malware evolves in proportion to improvements made in AV software"? :D