My review of eXtendia AVK Antivirus System.

To AMRX from Firefighter!

I've scanned my collection with eScan too before. No significant differencies with eXtendia KAV. I think eXtendia KAV has extended database in it! But don't know how it is against Dialers.

Best regards,
Firefighter!

 

dear Firefighter, just locate riskware.avc, pornware.avc etc. in your database. if you succeed then AVK is using the extended database.

 

Now I should say...

I have not tested extendia AVK, but the G-Data version, as it exists in a french version with a french patch.

What I have noticed is that this is one of the only antivirus software that can really "delete" an infected file, whereever this file is.

An example : I have downloaded an eicar test in a level 5 recursivity zip file. I have tried to scan this file for viruses with : AVK, Kapersky 5, Avast, and F-Secure.

All those three software found the virus, so it is a good thing.

Then, as an action I choose "delete". Kapersky did nothing (the file is still there), neither did Avast. F-Secure displayed a message "file cannot be deleted because inside an archive".

AVK was the only one who deleted the file inside the archive successfully.

I used NOD32 before and my biggest complain was, often it was impossible to delete an infected file. I have to look at the path and delete the file myself.

So that is why I like AVK : it can delete the file itself without a problem...

I don't like AVK tray icon, but it doesn't really matter isn't it ?

 

To AMRX from Firefighter!

Just checked some Dialers with eXtendia AVK Pro. Only RAV engine was able to detect them, not KAV.

Best regards,
Firefighter!

 

dear The Gloomy Kestrel, cleaning files inside archives is not an important task considering the malware is in benign state.

dear Firefighter, sometimes the RAV engine really shows that it packs some punch. i wonder if the BD version would detect it with BD engine. BitDefender is good but no way comparable with RAV. what do you say? have you done any testing as RAV vs BD?

 

To AMRX from Firefighter!

RAV is still pretty good against my samples, just after eXtendia KAV. Here you can compare eXtendia RAV to BitDefender 7.2 Free. But to be honest, BDF 7.2 is also pretty hot stuff.

Trojan like malware [449];
334 Backdoor & Trojan, 21 Exploit, 16 Script, 15 TrojanDownloader and 63 TrojanDropper

407/449 eXtendia RAV

366/449 BitDefender 7.2 Free


Viruses [908];
77 BAT, 65 Macro, 5 WinHLP, 296 Win32, 418 Worm and 47 Other Viruses

842/908 eXtendia RAV

836/908 BitDefender 7.2 Free


Riskware [137];
27 Constructor, 6 Joke, 6 Keylogger, 63 PolymorphicEngine and 35 VirTool

67/137 BitDefender 7.2 Free

66/137 eXtendia RAV

Best regards,
Firefighter.

 

Here are some information regarding the KAV engine used by AVK

I am running Windows XP SP2 RC2.

AVK store its virus base in \Program Files\Common Files\G DATA\AVKScanner\
The directory Base are for Kaspersky Engine
The directory Rave is probably for RAV Engine

Comparing the file there with a KAV 5.0.142 base file stored in
C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\Bases

Show that they use the same virus base
Nearly all the avc file seems in sync.
avp.klb, avp.set, avp.vnd and ca.avc are different
avchmk.dll,engine.cfg and engine.dt are not present in AVK base

The files pornware.avc, advware.avc and riskware.avc are missing from AVK so it is not the extended database. See
http://www.kaspersky.com/extraavupdates?chapter=146235718
for definition of extended database.

It Seems that the KAV Engine used by AVK is in avpbase.dll
mine is dated from May 26,2004 and show version 3.55.161.3491
AVK also use avp_io.vxd, avp_io32.dll and avp_iont.dll labeled as low level io libraries from Kaspersky

Sisko

 

dear Firefighter, thanks for your tests. but actually i was looking for a comparison between eXtendia and AVK, thats why RAV vs. BD. can you arrange it for us? many thanks again. RAV will end and users will switch to BD. i want to know if they'll gain or lose.

dear Sisko, you've done some good works. yes RAV uses the folder RAVE for storing its database. the file AVCHMK.DLL is used with KAV 5 engine. if you have HexWorkshop or WinHex you can compare the files byte by byte. or perhaps you can use a checksummer. both of the above has it. you can compare CRC values from WinZip or something like that. those IO libraries has the engine version. thats why i was pampering Firefighter to get the engine version of KAV in AVK.

 

Yes and no, because a virus in an archive is still a virus, I mean when we do a scan it is to clear the viruses, so if we have to delete the file or the archive ourself, it is stupid. Why having to do this ourself ? It is the job of the antivirus. Example : imagine you do not delete the virus, later on for some reason you uninstall your antivirus or disactivate it, and open the infected archive. Then bam you have the virus.

Oh and I found another antivirus which can cleans virus inside archives, it is Avast.

I used NOD32 before, and most of the time it was unable to delete any file, I always have to do this myself.

What I like with avast is the "scan upon next reboot" option, so less files are protected and the scan and cleaning can be done for more files.

 

To AMRX from Firefighter!

Unfortunately I just don't have AVK Pro 2004 installed in my PC. Supposing that AVK Pro 2004 will detect all those samples too what eXtendia KAV left behind but BitDefender 7.2 Free was able to detect. After that my "ugly seven list" looks like this.

Trojan like malware [449];
334 Backdoor & Trojan, 21 Exploit, 16 Script, 15 TrojanDownloader and 63 TrojanDropper

433 AVK Pro 2004

430 eXtendia KAV & RAV

427 eXtendia KAV

407 eXtendia RAV

386 MKS with AH

378 Panda Platinum 7.07.01

366 BitDefender 7.2 Free


Viruses [908];
77 BAT, 65 Macro, 5 WinHLP, 296 Win32, 418 Worm and 47 Other Viruses

874 AVK Pro 2004

870 eXtendia KAV & RAV

868 eXtendia KAV

842 eXtendia RAV

836 BitDefender 7.2 Free

836 Panda Platinum 7.07.01

810 MKS with AH


and finally Riskware [137];
27 Constructor, 6 Joke, 6 Keylogger, 63 PolymorphicEngine and 35 VirTool

91 eXtendia KAV & RAV

89 AVK Pro 2004

88 eXtendia KAV

74 MKS with AH

67 BitDefender 7.2 Free

66 eXtendia RAV

51 NOD32 with AH


Best regards,
Firefighter!

 

dear The Gloomy Kestrel, i agree with you regarding the NOD32 problem. sometimes it is very annoying. but when you say those thing about archived viruses, i can't agree with you anymore. well looks like we have some difference in opinions. atleast i'm not that careless so i'm happy without this virus cleaning capability.

dear Firefighter, thanks for those stats.

 

Based on all the positive stuff in this thread, I bought ExtendiaAVK Pro from the boomerangsoftware site. This was last Saturday, 24 july 2004 at 18.20 GMT.
After sending 2 emails I still have not received my Registration Code.
Also, all files (after installation) are dated 2002/2003.

With Win2K/SP4, AMD AthlonXP 1900 and 512MB ram, I also find the PC has become very sluggish. It takes about 5 seconds for opening lousy utility programs such as Notepad, and the same for closing.

Have I been "done"?

 

You need to do some tweaking in order fo the programs to open faster, for example:

In the monitor tab, exclusions, check c:\program files folder.
This really stopped the long delay in opening mozilla and other programs or you can set it to user defined and put the extensions in you want ta have monitored.
I may not have explained this well but there are some threads on this and I also got some help from another forum from a member that is very experienced with AVK. But it does take some tweaking and you will hardly notice it is there.

You can also run just one engine (KAV) for on access and use both for on demand.

As for tech support and registration, There tech support frankly sucks, it says 30 minute response to questions on week days during certain hours and I have not tested it, my AVK is working wonderfully and with just a few exceptions I do not even notice it. My registration was received instanly via email so I don't know what to tell you on that.
I hear they are working to improve it so we will see. It would be ashamed to have this excellent AV, not sell because of crappy tech support.

 

Since you have downloaded the program and installed AVK Pro, you would have been sent an email which gave;

1. A Password- to use to download the program.

2. An Antivirus Program Activation Code to register the software and to receive updates.

Your User Name and Password for the Internet update is obtained as soon as you log on to AVK Update Server with the activation code.

Then by double-clicking on the Virus Update command entry from the Action Area in the main GUI, an immediate update of virus signatures can be carried out. Simply enter the User Name and Password in the text boxes that appear.

Once installed, unless you have a new computer, AVK Pro with the double-engine selected for the running Monitor, can slow down your system considerably. You will find this with most of the multiple-engined AV's. Some tweaking is therefore necessary.

Deselect email archives and packed files in the monitor settings and leave file types on 'Automatic type recognition', then select only ONE of the engines.

You are paying the 'lower' price of $29 for an AV without adequate support and which only updates the virus definitions, NOT the engines. Therefore, IF you can run this AV smoothly on your computer and you will not need support then to answer your question, you have not been done! However, if you run into problems then you have, as there is no refund policy.

However, if you look closely at the original email that was sent which enabled you to download AVK Pro, you will find the information to update the program. Apply some tweaks and then see if you can use this AV successfully on your computer.

 

AVK is only good for slowing a PC.

 

I run both engines in on access mode with no noticeable slowdown except with spybot s&d and adaware. I just disconnect from internet, diable AVK, run these apps and in about 10 minutes I am done. Other than that, it is always on and does not slow any apps down on loading.

A little tweaking will make a lot od difference with the performance of this AV.

I am not trying to say it is the best but merely stating how it performs on my machine.

Try a little tweaking to see if you can get it to perform to your liking even if running only KAV for on access and do on demand with both engines. I think you will be pleased with it anti virus ability.

Good Luck

 

Used straight out of the box with the default settings of both engines, I agree. However, choosing only ONE of the engines and applying some tweaks should speed things up considerably.

On this laptop, running only one engine, there are 2 running services, AVKWCtl.exe and AVKService.exe, which are only taking up 2320Kb VM. So no slowdown is seen at all.

 

Thank you all for your answers.
it is now Monday 26 July 09:00am GMT and I still have not received my registration code!
No-one really answered my complaint about old files, other than that I can only update my definitions. I checked my PCs date/time and it is correct. Looking inside the install-file with Winzip, also reveals only out-dated files.
Anything I can do about getting that, or is that part of the update, once activated?

Where SHOULD I have bought the program, if one wants the full support? The gdata website sells the version with KAV/BitDefender, and I wanted KAV/RAV, which led me to either Extendia or Boomerang, which are the same as fas as I know.

If I have to, I'll buy another program from the "real" AVK people, if you can tell me their website/distributor. I have a few more PCs to protect anyway, one of which is not critical at all.

Thanks in advance for your answers.

 

realblackstuff

Did you read my response a few posts up. You MUST have the original email with the activation code you need to update the program initially; otherwise you would have not been able to dowload the program in the first place. Once you have used the activation code to obtain your UserName and password, you can then update ALL files.

I would not hold my breath waiting for support from Boomerang/Extendia as I know some people with licensed versions who have NEVER had a reply back from support. Even support from the parent GData is apparently not too hot. One of the disadvantages of being a small company.

My advice, particularly if you are looking to protect a number of computers is to have a look at an Antivirus which will offer you good support as part of the overall package.

For example, Kaspersky AntiVirus; which supplies one of the main engines in AVK Pro. Take a look at either v4.5 or the new version. Support in general is superb. Try the search button or take a look through some of the recent threads here for some infomation on KAV.

 

Thanks BlackCat.
The download-link came up on-screen at www.boomerangsoftware.com, as soon as my credit-card payment was accepted.
I never received any email from them, that's why I am so frustrated, because I cannot update, because of the missing code.
Could it be that someone "spoofed" their website to get hold of my credit-card details?

 

Different to my experience; after purchasing I received an email with an Activation code attached, which then linked to a username and password.

As regards 'spoofing' it is possible. Did you see the 'secure connection' sign?

But I think it is probably due to the fact that once your money has been obtained that's the only support they offer!!!!

Your best bet is to email every link you have for Extendia/Boomerang. Further, if you are in the States you can try phoning them.

If you have no success and paid by credit card, cancel the payment and let them chase up Boomerang. Then try using an AV which offers reasonable support.

PS I obtained my version from this site which needed the activation code;

http://www.extendiaavk.com/ which I noticed is not the site which you used

 

I’ve just finished reading this thread and it’s full of interesting stuff. Having 2 scanners in an antivirus program sounds like a good idea but I wish someone would combine an anti-trojan engine with an antivirus one so we get the best of both worlds. I’m currently using NOD32 but it missed some trojans that TDS found so am looking for a better solution.

 

Yes, I was on https://www.boomer....

All emails from either website go to e.g. sales@boomerangsoftware.com or techsupport@boom...
According to WHOIS, both websites are registered to the same company (boomerangsoftware at the same address as mentioned on their websites).
They do hosting as well, so a few extra websites makes no difference to them. Looks like Boomerang is the main website, with Extendiaavk specific for only the AVK product. Everything looks above board, I think.
I live in Ireland, so I'll take the time-difference into consideration (their EST vs. GMT for me) for a few more hours. I will call up only as a last resort.

I do appreciate your taking my case to heart.

 

I should have guessed you lived in the Emerald Isle by your username!!!!!!

I would therefore call as a last resort as you have no idea how much their support lines will cost!!!!!

Keep us posted as to your progress

Some bedtime reading here; http://www.dslreports.com/forum/remark,10526392~mode=flat~days=9999

 

I sent yet another email to both sales and techsupport, about 10 minutes ago.
In there I told them that I was reporting regularly about their poor service in this (Wilders Security Forums) and that I would continue to do so (and if necessary in other forums as well) until they either send my reg-code or refund my money.
Within 5 minutes I had an answer (in poor English) from techsupport