Kav Powered Av's

Do Kav powered Av's like GData AVK have KAV's heuristic engine? If they use KAV's heuristic engine, will the engine get upgraded when KAV's heuristic engine gets upgraded sometime in the future?
Or do they use their own?

 

f-secure uses its own heuristics as well as kaspersky's.
i think f-secure might get the kaspersky new heristics engine which is good news for people like Jerrym who has f-secure and kaspersky.
but it depends on the licenseing
lodore

 

Thanks again. Do you think GData will get it too? If it doesnt I predict that KAV will crush it and Avira will get the top score in on-demand

 

well again it depends on the contract but if they license the engine then the heuristics with the engine should be part of it.
i cant wait till the new kaspersky heuristics.
lodore

 

G-data actually has good heuristics thanks to the OutbreakShield from Commtouch (it's a bit heavy though).

I don't think F-secure will receive the new heuristics btw.

 

Why do you think F-Secure will not receive it?

 

If it is part of the KAV engine, and does not involve a new software distribution kit, then anyone who uses the KAV engine will get it. In case it is a major engine update which involves a new SDK, then the vendors will have to upgrade their programs to get the new features.

AFAIK KAV's new heuristic engine will be distributed as part of normal updates using *.avc files, which means F-Secure as well as GDATA has a good chance of getting the new heuristics engine.

 

thanks for the input

 

Yes, in the past this has been how it was done, but the past is the past. The point is that don't be so sure this time around.

 

Of course, GDATA and F-Secure both stand to profit from Kaspersky's new heuristics engine, so they may just upgrade their products to include this functionality (if the heuristics upgrade needs a new SDK).

 

Does the 5.X engine uses the same technique with signatures as the 6.X engine? Maybe the new heuristics uses something in the new 6.X engine? Then F-secure and all other kav engine users will not get it because they use the 5.X engine

 

There is no such thing as 5.x and 6.x engine. KAV engine is unified. Unless you count PDM as part of a scan engine...

 

http://www.eweek.com/article2/0,1759,2074772,00.asp

"As a differentiator, Kaspersky said the company is shipping a brand-new Version 6.0 engine in its own product suite and is licensing the 5.0 version to partners."

 

This is part of their marketing, it is indeed true: version 6 is brand new product. But the engine (per se) is one...

When talking to OEM users, kaspersky says that there is basically no difference from engine version 6 and what they supply in the SDK.

Rejzor couldn't say it better...

Fax

 

the base engine is the same but version 6 has ichecker and iswift technlogys and the others just use the engine.
lodore

 

Considering all that has been said regarding KAV "engines" version 4.5, 5.0 and 6.0, I would make a guess that the scan engine and the program interface/APIs/Scanner service and plugins interface are different. The scan engine is the same for all versions of KAV while the plugins interface may be older or different for OEMs as compared to what KAV itself has. Keep in mind that if this is true, it should still have no effect whatsoever on detection rates or features as any experienced developer would know to code their own plugins for the APIs provided by the product.

Therefore, the scan engine for KAV and its clones is the same, but the APIs and interfaces are not. Of course, this is just speculation.

 

The version 5 line of products had iStreams, which caused controversy amongst some users due to adding ADS tags to files. Does this mean products like F-Secure do the same or is this technology relevant to Kaspersky program versions only?

 

iStreams is provided as option in the Software Development Kit, which means that the vendor has the option to use it. No KAV clone I know of has used iStreams, except maybe Defender Pro.

 

I think that would also depend on whatever type of contractual agreement the 2 companies have. And personally if that is the attitude of Kaspersky, my advice to F- Secure is go get an even better scanning engine for next year. Avira.

 

i dont think f-secure will be willing to get rid of the kav engine.
i mean Cmon they still use the crappy ad aware engine
lodore

 

(pop up) But Lodore, (popup) it still isnt (popup) as bad, as (popup) some things(popup) like the firewall in (popup) KIS.(popup)

 

i just pointing out that they should of replaced the ad aware engine
or just taken it out and not replaced it.
if they put in the antivir engine instead the removal rate wouldnt be as good..
lodore

 

excuse me, are you saying the removal rate from the AV side wouldnt be as good. Why? Everything I have ever seen says it would be better. And wouldnt it be interesting for them to dump Lavasoft for say,,,, SAS.

 

so your saying that the removal rate of malware is better in antivir than kav?
we both know that kaspersky is better at removing malware.
there have been quite a few threads recently about antivir not being able to remove malwareit detects.
it would be great f-secure dumping ad aware engine and using SAS
lodore

 

you may want to venture over to IBKs place and look at Retrospective / ProActive - Test November 2006