ive got a question regarding update frequency and speed in these programs.

the multi engined avs will necessarily score better in test than kav, i guess thats natural. but how do these compare to kav (or any other original engine) when it comes to new viruses ? say viruses that have appeared in the last 48 hours ? my kav gets updates fromt eh kav server every 3 hours or so, while, according to a guy i know who works for f-secure, it takes about 24 hours from the new definitions are released by kav b4 they are available to f-secure users.

this makes me believe that f-secure etc are always lagging 24 hours or more behind kav...not sure if teh same applies to the other kav based av's

so im thinking, these avs would score quite poorly in a test with only brand new viruses ?

any thoughts?

Quote:-"the multi engined avs will necessarily score better in test than kav"
Why do you assume this when most test results don't bear this out?

tahoma,

{QUOTE-> say viruses that have appeared in the last 48 hours ? my kav gets updates fromt eh kav server every 3 hours or so, while, according to a guy i know who works for f-secure, it takes about 24 hours from the new definitions are released by kav b4 they are available to f-secure users. <-QUOTE}

That's true indeed. Most/all Antiviruses using a KAV engine as well are depending on Kaspersky for releasing dababase updates to imply. This could well take 24 hours or more. GData/AVK (a very nice AV) as a standard releases even less KAV engine-based database updates as a standard (unless in emergencies); once a week. One has to cough up a handful of extra bucks for "premium" updates, delivered on a (intra) daily basis. And - even then the delay as mentioned above comes into play.

{QUOTE-> this makes me believe that f-secure etc are always lagging 24 hours or more behind kav... <-QUOTE}

In principle and solely in regard to the KAV engine: yes - at maximum that is.

{QUOTE-> not sure if teh same applies to the other kav based av's <-QUOTE}

It does.

regards.

paul

Just a thought could the AVs that use the Kav engine use the Kav defs? if so couldn't they be downloaded from the Kav ftp site and then copied to the "bases" folder of whichever AV the user is using then the updates would be available at the same time as Kav users,or are they altered in some way to make each AV using the Kav engine unique(hope that makes sense the way I've phrased it!)

{QUOTE-> Just a thought could the AVs that use the Kav engine use the Kav defs? if so couldn't they be downloaded from the Kav ftp site and then copied to the "bases" folder of whichever AV the user is using then the updates would be available at the same time as Kav users,or are they altered in some way to make each AV using the Kav engine unique(hope that makes sense the way I've phrased it!) <-QUOTE}

For sure AVK/Extendia will not allow this; I'm pretty sure same goes for F-Secure :)

regards.

paul

Thats a pity!

{QUOTE-> Just a thought could the AVs that use the Kav engine use the Kav defs? <-QUOTE}

It's worth a try... ;)

From my experience, it works with both mentioned AVs (although AVK displayed a warning about wrong checksum or something- but it still worked...) 8)

{QUOTE-> It's worth a try... ;)

From my experience, it works with both mentioned AVs (although AVK displayed a warning about wrong checksum or something- but it still worked...) 8) <-QUOTE}

Did you read the EULA from both AVs?

regards.

paul

thanks for the replies guys

do we know if the same lag applies to the other engines used, such as bitdefender and rav ?

and if so, wouldnt it be pretty dangerous to use avk/f-ecure etc as they wouldnt protect you against the new viruses, especially in case of an epidemic like mydoom or netsky etc? 24+ hours with no protection against those sounds scary

Just a quick note...

It's useful to remember that EULA has no legal power in many countries.

It is called a "one-sided legally non-binding agreement" in many countries and as such has no legal consequence whatsoever. Except in the USA :)

I for one wouldn't use a single Microsoft/Apple/Sun/<add your favourite software supplier here> software if I had to agree & obey their EULAs.

regards,
halcyon

{QUOTE-> It's useful to remember that EULA has no legal power in many countries.

It is called a "one-sided legally non-binding agreement" in many countries and as such has no legal consequence whatsoever. Except in the USA :)

I for one wouldn't use a single Microsoft/Apple/Sun/<add your favourite software supplier here> software if I had to agree & obey their EULAs. <-QUOTE}


That's news to me :o

just to add to this discussion in the UK there are what are regarded in law as "unfair contracts" and are not legally binding,I think that a fair no. of software EULAs would fall into that category,I bet no software manufacturer would try to enforce them through the courts for fear of losing and setting a legal precedent that would apply to all EULAs

i too have tried f-secure with kav bases downloaded from kaspersky ftp( i used x-bases)

but the updates thing is the main reason why i prefer KAV..

i've sent some undetected nasties to samples@f-secure.com, but even in those cases kav had detection first..

BUT in a res alert virus emergency i think the situation is different and f-secure gets faster updates, AFAIK they don't solely rely on kav updates, they do make their own too..

{QUOTE-> BUT in a res alert virus emergency i think the situation is different and f-secure gets faster updates, AFAIK they don't solely rely on kav updates, they do make their own too.. <-QUOTE}

According to the data that av-test.org collects about the reaction time of different vendors KAV is still much faster than F-Secure. So no advantage of F-Secure in emergency cases. :(

wizard

{QUOTE-> Just a thought could the AVs that use the Kav engine use the Kav defs? if so couldn't they be downloaded from the Kav ftp site and then copied to the "bases" folder of whichever AV the user is using then the updates would be available at the same time as Kav users,or are they altered in some way to make each AV using the Kav engine unique(hope that makes sense the way I've phrased it!) <-QUOTE}

I am not sure - is it possible with eScan antivirus?

Not sure about Escan, but AVK for example has some sort of protection that doesn't allow to use the original KAV signatures.

wizard

i agree Lars.. kav is the fastest.. no other av comes even close to their reaction time
i've submitted lot's of (undetected)nasties to kav, fastest response was 15 minutes= detected with next update

that's why i use it!