Anyone know anything about Kaspersky getting a new heuristic engine?

Discussion in 'other anti-virus software' started by colt45allstar, Jun 24, 2006.

Thread Status:
Not open for further replies.
  1. colt45allstar

    colt45allstar Registered Member

    Joined:
    Jun 9, 2006
    Posts:
    65
    That's what I read about on the Kaspersky forums anyway.. sometime later this year (seems to be November or December for a target date). Has anyone else heard anything about this?

    Still have 14 days left on my Nod32 trial and to be perfectly honest... still haven't made up my mind, but am leaning toward Nod by the slightest of margins.

    That being said... if Kaspersky's indeed working on better heuristics to go hand in hand with their frequent signature updates.. that might be enough to push it ahead. I love their frequent signatures.. but I don't love their inferior heuristics in comparison to Nod.

    Thank God I still have two weeks to decide!
     
  2. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    Well KAV6 Proactive Defense is far from "inferior" against NOD32 heuristics.
    It's not a regular heuristic engine but since you won't be running email server that doesn't really change anything.
     
  3. colt45allstar

    colt45allstar Registered Member

    Joined:
    Jun 9, 2006
    Posts:
    65
    To be fair when I was trialing Kaspersky.... it was with Kaspersky 5 and it didn't yet have the proactive defense... that I can remember anyway?!?

    This is the thread and the page of the thread that the new engine is first mentioned.

    It's at the bottom of the page (at least the Nov/Dec reference... it's actually talked about a little before that)

    http://forum.kaspersky.com/index.php?showtopic=16801&st=0
     
  4. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
    Yes, Kaspersky is developing a new heuristics engine for KAV. This heuristics engine will probably be delivered via regular updates. Most likely KAV 4.5+ and all KAV based products will benefit from the new heuristics engine.
     
  5. Don Pelotas

    Don Pelotas Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    2,257
    The Nov/Dec date comes straight from the one who is heading the development, so yes it is correct, but as RejZoR said, the proactive defense in 6.0 isn't exactly inferior compared to Nod32's heuristics.
     
    Last edited: Jun 25, 2006
  6. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    As far as I know you can't compare heuristics with proactive defence. They are different. So you can't compare the two.
     
  7. Mele20

    Mele20 Former Poster

    Joined:
    Apr 29, 2002
    Posts:
    2,495
    Location:
    Hilo, Hawaii
    ~snipped non-existing post....Bubba~

    I'd go with KAV or even F-Prot when the new version is final.
     
    Last edited by a moderator: Jun 25, 2006
  8. ellison64

    ellison64 Registered Member

    Joined:
    Oct 5, 2003
    Posts:
    2,499
    Unless you happen to be running older operating systems like 98/SE/ME where KAV's proactive defence is pretty worthless, in its absence. If the poster's running a newer OS then KAV would be my personal choice though.
    ellison
     
  9. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    As far as I know version 7 will include a new heuristic engine.
     
  10. Don Pelotas

    Don Pelotas Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    2,257
    Not true, you do not need to wait for version 7, both version 5 & 6 will receive it when ready in nov/dec.
     
  11. Don Pelotas

    Don Pelotas Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    2,257
    Yes, that's true, but even 98 users will be protected just fine, compared to any other AV with "just" the signatures and the present version of the heuristics. :)
     
  12. ASpace

    ASpace Guest

    And I would disagree with that. Most of my users already have SPI/NAT router, all 98 and 2000 have ZoneAlarm free and all my clients are well-protected now with the firewall and NOD32. NOD32's advanced heuristics can save somebody's computer from vulnerabilities such as these from Word and Excel, the recent :D Moreover, if you talk about one product only, don't be so sure because ESET are developing their new ESET Security Suite which is coming at the end of the year and we still can't say if it will be OK, if it will be better or worse, the time will show :D

    Best regards!

    HiTech_boy
     
  13. Stan999

    Stan999 Registered Member

    Joined:
    Sep 27, 2002
    Posts:
    566
    Location:
    Fort Worth, TX USA
    I am not sure you can compare KAV's Proactive On-Execution Defense
    with heuristics proactive defence?

    For example you can't just scan a file with a Proactive On-Execution Defense
    but instead need to run it and hope for the best.

    Good relevant post here:
    https://www.wilderssecurity.com/showthread.php?p=775724#post775724
     
  14. ASpace

    ASpace Guest


    :thumb:
     
  15. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,047
    And if heuristics misses it...
     
  16. Stan999

    Stan999 Registered Member

    Joined:
    Sep 27, 2002
    Posts:
    566
    Location:
    Fort Worth, TX USA
    That wasn't my point. Just seems odd that folks keep comparing a Proactive On-Execution Defense with a heuristics proactive defense. They both have their respective advantages and disadvantages.
     
  17. TNT

    TNT Registered Member

    Joined:
    Sep 4, 2005
    Posts:
    948
    Oh, please. A heuristic scan engine will never, EVER save you from "vulnerabilities". It's not its job, it won't do it, period.

    It might detect unknown malware, that's about it. Malware and vulnerabilities are completely different things and let's treat them as such, please.
     
  18. Don Pelotas

    Don Pelotas Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    2,257
    Of course you can compare it detection-wise, it's the end result that matters (e.g. detected or not), the proactive will catch more, the fact that you have to run it (the file/malware)............well how many times has Marcos told users of Nod that were complaining a certain malware wasn't detected via on-demand, that it would be detected when executed. ;)
     
  19. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    Actually that's BS in NOD32's case because it's not using behavior blocker on host level but in virtual environment (aka sandbox if you want). So if it misses it on-demand it will as well miss it on-access.
    That's however not the case with KAV6.
     
  20. ASpace

    ASpace Guest

  21. TNT

    TNT Registered Member

    Joined:
    Sep 4, 2005
    Posts:
    948
    I see. Thanks to its "advanced heuristics" they created a patch when the vulnerability was ALREADY KNOWN. Wow.

    Sorry, how's that protecting against vulnerabilities? That's only a generic detection of a KNOWN exploit.
    Same here. By the way, I'm sick and tired of this absurd use of "zero-day" by vendors.

    "Zero day exploits" are NOT publicly known exploits for which no patches yet exist, and especially are NOT exploits for which no patch by the developer yet exists. They are exploits that were created before or the same day the vulnerability became public knowledge.
     
    Last edited: Jun 27, 2006
  22. ASpace

    ASpace Guest

    What they created was made only two or three hours after Microsoft gave it publicity. A lot of trojans were created in these some hours that used that exploit.


    When a malware tries to use this vulnerability in order to perform malicious actions NOD32 will be able to kill it proactively so this is the way NOD32 protects against vulnerabilities. Note that NOD32 advanced heuristics study what a file will be doing.
     
  23. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    No, no AV can save you from vulnerabilities. They can just protect you from malware that is using vulnerabilities as means of distribution.
    That's a huge difference.
     
  24. ASpace

    ASpace Guest

    Yes, yes :thumb: that is exactly what I am trying to explain in my previous posts :D
     
  25. Stan999

    Stan999 Registered Member

    Joined:
    Sep 27, 2002
    Posts:
    566
    Location:
    Fort Worth, TX USA
    I noted that IBK's results were based on KAV's Proactive On-Execution behaviour blocker set at the max settings. Is that the recommended setting for the average user?
     