KAV info defs updates at their site


FanJ
September 1st, 2009, 02:00 PM
Hi,

In the (not so long ago) past the Kaspersky site was giving info about the definitions here:
http://www.kaspersky.com/updates.html

Things have been changed at the Kaspersky site recently.

Info can now be found here at Virus Watch:
http://www.kaspersky.com/viruswatchlite

But to me it seems that that site is not giving the info as they are saying at that same page.

That page says:
-{ Quote: "
The first column shows the exact time that a program was added to the antivirus databases. The second column shows the time that an antivirus database update containing this detection was released.
" }-

Let's have a closer look at these two sentences.

1.
It makes a difference between the time a program was added to the antivirus database and the time that database was actually released.
2.
And according to that quote, both times are showing in the table on that page.

But:
For most of the "programs" I see only one time mentioned; that means only in the column "Detection Time".

So:
Am I misunderstanding things here?
Is the explanation at that page not saying all it should?
Should perhaps an extra explanation be added (something like "if you see only one time mentioned, the second time is the same as the first time")?
Or something else?

(Update posters at several forums have been asking themselves about these kinds of things.)

Macstorm
September 2nd, 2009, 02:53 AM
As I understand it, only the first column is what you really want. Because otherwise I wouldn't see the point in publishing such a number of "detections" without them being added to databases first :D Take the case of Trojan.Win32.FraudPack.sth on page 20, would this be the only added threat to the bases then? :P
Any clarifications welcomed..

FanJ
September 2nd, 2009, 09:00 AM
-{ Quote: "As I understand it, only the first column is what you really want. Because otherwise I wouldn't see the point in publishing such a number of "detections" without them being added to databases first :D Take the case of Trojan.Win32.FraudPack.sth on page 20, would this be the only added threat to the bases then? :P
" }-

Yep, but I didn't write those two lines there at that page:
-{ Quote: "
The first column shows the exact time that a program was added to the antivirus databases. The second column shows the time that an antivirus database update containing this detection was released.
" }-

I still think that those lines should be more clear.
If I'm right in thinking that "if only the first time is mentioned, then the second time is the same as the first time", then that should be mentioned there.

Sjoeii
September 2nd, 2009, 09:27 AM
I'm not sure I get your question right.
It is viruswatch you need to look at

TonyW
September 2nd, 2009, 09:56 AM
-{ Quote: "If I'm right in thinking that "if only the first time is mentioned, then the second time is the same as the first time", then that should be mentioned there." }-
The way it reads it implies the first column shows when the detection was added to the database, but the second column, when filled in, indicates when that release was delivered. Time of addition to database and time of release of database appear to be two different things from this perspective.

TonyW
September 2nd, 2009, 10:03 AM
-{ Quote: "As I understand it, only the first column is what you really want. Because otherwise I wouldn't see the point in publishing such a number of "detections" without them being added to databases first :D Take the case of Trojan.Win32.FraudPack.sth on page 20, would this be the only added threat to the bases then? :P" }-
That's not what it's saying. To take your example, Trojan.Win32.FraudPack.sth was added to the database at 2.08 on 2 September, but the database containing that detection - along with others - was not released until 5.44.

The timings are a bit unclear, especially when you also look at this KL Virus Watch (http://www.kaspersky.com/viruswatch3).

FanJ
September 2nd, 2009, 10:31 AM
-{ Quote: "The way it reads it implies the first column shows when the detection was added to the database, but the second column, when filled in, indicates when that release was delivered. Time of addition to database and time of release of database appear to be two different things from this perspective." }-

Yes, that's exactly how I read those two lines too:
-{ Quote: "
The first column shows the exact time that a program was added to the antivirus databases. The second column shows the time that an antivirus database update containing this detection was released.
" }-

And this was only a guess by me, because I don't know whether I'm right and because that page is so unclear:
-{ Quote: "
If I'm right in thinking that "if only the first time is mentioned, then the second time is the same as the first time", then that should be mentioned there.
" }-

FanJ
September 2nd, 2009, 10:35 AM
-{ Quote: "
The timings are a bit unclear, especially when you also look at this KL Virus Watch (http://www.kaspersky.com/viruswatch3)." }-

Thanks for that link. Unfortunately I cannot read that whole page because I cannot see parts of it on my old 17 inch (not flat) screen :o

TonyW
September 2nd, 2009, 11:03 AM
-{ Quote: "Thanks for that link. Unfortunately I cannot read that whole page because I cannot see parts of it on my old 17 inch (not flat) screen :o" }-
I've only got a 15" monitor, but I found that if I use the arrow keys I can move around the page. However, once I click anywhere with the mouse I cannot so I don't do that. ;) Not sure if that'd work for you, but worth a try if you haven't done so already.

FanJ
September 2nd, 2009, 12:42 PM
-{ Quote: "I've only got a 15" monitor, but I found that if I use the arrow keys I can move around the page. However, once I click anywhere with the mouse I cannot so I don't do that. ;) Not sure if that'd work for you, but worth a try if you haven't done so already." }-

Thanks for the tip, Tony! Alas, it doesn't work for me.

Macstorm
September 2nd, 2009, 10:41 PM
-{ Quote: "That's not what it's saying. To take your example, Trojan.Win32.FraudPack.sth was added to the database at 2.08 on 2 September, but the database containing that detection - along with others - was not released until 5.44." }-
Thing is they don't specify whether it's a particular 'detection released on..' for just one threat or several of them. I didn't know that.

-{ Quote: "The timings are a bit unclear, especially when you also look at this KL Virus Watch (http://www.kaspersky.com/viruswatch3)." }-
They should start making a standardized and comprehensible :wacko: listing of definition updates.

-{ Quote: "The way it reads it implies the first column shows when the detection was added to the database, but the second column, when filled in, indicates when that release was delivered. Time of addition to database and time of release of database appear to be two different things from this perspective." }-
Thanks for clarifying Tony.

dawgg
September 4th, 2009, 08:21 AM
Another strange thing is, what about Kaspersky's KSN detections? I think these detections come between the interval of Kaspersky detecting it and Kaspersky releasing an update for it.

Coolio10
September 4th, 2009, 11:33 AM
-{ Quote: "Another strange thing is, what about Kaspersky's KSN detections? I think these detections come between the interval of Kaspersky detecting it and Kaspersky releasing an update for it." }-
That is exactly what it is, but I am not sure if every file is checked against KSN.