Kav Powered Av's

Discussion in 'other anti-virus software' started by MalwareDie, Dec 20, 2006.

Thread Status:
Not open for further replies.
  1. MalwareDie

    MalwareDie Registered Member

    Joined:
    Dec 8, 2006
    Posts:
    500
    Do Kav powered Av's like GData AVK have KAV's heuristic engine? If they use KAV's heuristic engine, will the engine get upgraded when KAV's heuristic engine gets upgraded sometime in the future?
    Or do they use their own?
     
  2. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    f-secure uses its own heuristics as well as kaspersky's.
    i think f-secure might get the kaspersky new heristics engine which is good news for people like Jerrym who has f-secure and kaspersky.
    but it depends on the licenseing
    lodore
     
  3. MalwareDie

    MalwareDie Registered Member

    Joined:
    Dec 8, 2006
    Posts:
    500
    Thanks again. Do you think GData will get it too? If it doesnt I predict that KAV will crush it and Avira will get the top score in on-demand
     
  4. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    well again it depends on the contract but if they license the engine then the heuristics with the engine should be part of it.
    i cant wait till the new kaspersky heuristics.
    lodore
     
  5. Don Pelotas

    Don Pelotas Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    2,257
    G-data actually has good heuristics thanks to the OutbreakShield from Commtouch (it's a bit heavy though).

    I don't think F-secure will receive the new heuristics btw.
     
  6. MalwareDie

    MalwareDie Registered Member

    Joined:
    Dec 8, 2006
    Posts:
    500
    Why do you think F-Secure will not receive it?
     
  7. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
    If it is part of the KAV engine, and does not involve a new software distribution kit, then anyone who uses the KAV engine will get it. In case it is a major engine update which involves a new SDK, then the vendors will have to upgrade their programs to get the new features.

    AFAIK KAV's new heuristic engine will be distributed as part of normal updates using *.avc files, which means F-Secure as well as GDATA has a good chance of getting the new heuristics engine.
     
  8. MalwareDie

    MalwareDie Registered Member

    Joined:
    Dec 8, 2006
    Posts:
    500
    thanks for the input
     
  9. Don Pelotas

    Don Pelotas Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    2,257
    Yes, in the past this has been how it was done, but the past is the past. The point is that don't be so sure this time around.
     
  10. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
    Of course, GDATA and F-Secure both stand to profit from Kaspersky's new heuristics engine, so they may just upgrade their products to include this functionality (if the heuristics upgrade needs a new SDK). :)
     
  11. Netherlands

    Netherlands Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    159
    Does the 5.X engine uses the same technique with signatures as the 6.X engine? Maybe the new heuristics uses something in the new 6.X engine? Then F-secure and all other kav engine users will not get it because they use the 5.X engine :D
     
  12. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    There is no such thing as 5.x and 6.x engine. KAV engine is unified. Unless you count PDM as part of a scan engine...
     
  13. Netherlands

    Netherlands Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    159
    http://www.eweek.com/article2/0,1759,2074772,00.asp

    "As a differentiator, Kaspersky said the company is shipping a brand-new Version 6.0 engine in its own product suite and is licensing the 5.0 version to partners."
     
  14. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,728
    Location:
    localhost
    This is part of their marketing, it is indeed true: version 6 is brand new product. But the engine (per se) is one...

    When talking to OEM users, kaspersky says that there is basically no difference from engine version 6 and what they supply in the SDK.

    Rejzor couldn't say it better...

    Fax
     
  15. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    the base engine is the same but version 6 has ichecker and iswift technlogys and the others just use the engine.
    lodore
     
  16. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
    Considering all that has been said regarding KAV "engines" version 4.5, 5.0 and 6.0, I would make a guess that the scan engine and the program interface/APIs/Scanner service and plugins interface are different. The scan engine is the same for all versions of KAV while the plugins interface may be older or different for OEMs as compared to what KAV itself has. Keep in mind that if this is true, it should still have no effect whatsoever on detection rates or features as any experienced developer would know to code their own plugins for the APIs provided by the product.

    Therefore, the scan engine for KAV and its clones is the same, but the APIs and interfaces are not. Of course, this is just speculation. :)
     
  17. TonyW

    TonyW Registered Member

    Joined:
    Oct 12, 2005
    Posts:
    2,634
    Location:
    UK
    The version 5 line of products had iStreams, which caused controversy amongst some users due to adding ADS tags to files. Does this mean products like F-Secure do the same or is this technology relevant to Kaspersky program versions only?
     
  18. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
    iStreams is provided as option in the Software Development Kit, which means that the vendor has the option to use it. No KAV clone I know of has used iStreams, except maybe Defender Pro.
     
  19. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    I think that would also depend on whatever type of contractual agreement the 2 companies have. And personally if that is the attitude of Kaspersky, my advice to F- Secure is go get an even better scanning engine for next year. Avira.
     
  20. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    i dont think f-secure will be willing to get rid of the kav engine.
    i mean Cmon they still use the crappy ad aware engine:D
    lodore
     
  21. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    (pop up) But Lodore, (popup) it still isnt (popup) as bad, as (popup) some things(popup) like the firewall in (popup) KIS.(popup):rolleyes:
     
  22. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    i just pointing out that they should of replaced the ad aware engine
    or just taken it out and not replaced it.
    if they put in the antivir engine instead the removal rate wouldnt be as good..
    lodore
     
  23. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    excuse me, are you saying the removal rate from the AV side wouldnt be as good. Why? Everything I have ever seen says it would be better. And wouldnt it be interesting for them to dump Lavasoft for say,,,, SAS.;)
     
  24. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    so your saying that the removal rate of malware is better in antivir than kav?
    we both know that kaspersky is better at removing malware.
    there have been quite a few threads recently about antivir not being able to remove malwareit detects.
    it would be great f-secure dumping ad aware engine and using SAS
    lodore
     
  25. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    you may want to venture over to IBKs place and look at Retrospective / ProActive - Test November 2006
     
Loading...
Thread Status:
Not open for further replies.