Online Armor + AV question's

Discussion in 'other anti-malware software' started by muf, May 9, 2006.

Thread Status:
Not open for further replies.
  1. muf

    muf Registered Member

    Joined:
    Dec 30, 2003
    Posts:
    926
    Location:
    Manchester, England
    Hi,

    Does anyone know which version of KAV this newest OA uses? If it's version 5 then will OA+AV be updated to include KAV 6 once KAV 6 is released(any time now).
    Also, are there discounts applied to existing OA customers. I have a licence for the basic version and could not see an option on the website to upgrade at a reduced price. OA+AV has been released easily long enough for a disocunted price option to have appeared on the TallEmu website by now. Or do i take it that existing customers will have to stump up the full amount?

    Another thing. Does this OA+AV have the ability to detect kernel level keyloggers? This function was suggested to be integrated by xmas 2005. We are now in May 2006 and i see no indication it has ever happened.

    muf
     
  2. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,047
    Hi Muf

    You might post this question to Mike in the OA forum's. There are a lot of issue's still being worked on.

    Pete
     
  3. beetlejuice69

    beetlejuice69 Registered Member

    Joined:
    Mar 16, 2005
    Posts:
    780
    ...and Mike said that the KAV 6 engine will be implemented when it`s ready.
     
  4. MikeNash

    MikeNash Security Expert

    Joined:
    Jun 9, 2005
    Posts:
    1,654
    Location:
    Sydney, Australia
    Hi Muf - it's v5 - when KAV6 is out, we'll upgrade to it.

    I like to think we do Customer Service a bit better than that. You will be able to upgrade from your existing OA for $20, which will give you a year of updates as well.

    Pete is right that we're still working on some issues - If you have a look at the (new) site, you will see that right now it's not even possible for anyone to purchase AV+ at all... just to take the eval. This is because our licencing service has been completely re-written, and is not yet integrated with the Online Store. We're also releasing an update to the standard Online Armor - some feature enhancements (SpamShield), performance optimisations and to utilise the new licence service as well. I'm hoping to have that all finalised by the end of the week, and get all of the migration from the old OA/old licence service migrated over to new OA/new licence service.

    AV+ will detect whatever KAV detects - and KAV does detect some kernel mode keyloggers.

    The Online Armor Kernel mode code you speak of is still in final stages of development and testing as the first cut (which a few people tested, including Pete) did not make the grade. It's not just a kernel mode keylogger detector, it's a complete kernel mode driver with similar capabilities to Regdefend/PG, Keylogger detection - and a re-implementation of the OA web and mail proxies in Kernel mode.

    The main reason for the delay on this is the AV+ release which we needed to get out there for commercial reasons. I do have a current version of it which seems, so far, to be nice and stable on XP , but not so solid on my Windows 2000 Server test box.

    I'll be in a better position to give you a firm estimate on the delivery of this next week, once I get the admin stuff out of my hair. As you might imagine, with releasing a new product, new website and so on I've been running around like a one-armed paper-hanger...


    Cheers


    Mike
     
  5. beetlejuice69

    beetlejuice69 Registered Member

    Joined:
    Mar 16, 2005
    Posts:
    780
    *OUCH* :)
     
  6. muf

    muf Registered Member

    Joined:
    Dec 30, 2003
    Posts:
    926
    Location:
    Manchester, England
    Thanks all for the responses. Especially Mike. Yeah, i re-read my comments regarding the upgrade and i'll not edit them, but needless to say i realise that my comments were a little abrupt. Sorry about that. Bad day at black rock! Keep up the good work and i look forward to the new toys ;)

    muf
     
  7. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    Starring Spencer Tracy. Oi vey, you must be really old!:cool:
     
  8. muf

    muf Registered Member

    Joined:
    Dec 30, 2003
    Posts:
    926
    Location:
    Manchester, England
    Actually, not that old. I've still to visit my 40th birthday(but it's too close for my liking). But i am a connaisseur of good old films. Bad day at black rock falls easily into this category. I was born in the wrong era!!!

    muf
     
  9. MikeNash

    MikeNash Security Expert

    Joined:
    Jun 9, 2005
    Posts:
    1,654
    Location:
    Sydney, Australia
    I only remember Fraggle Rock!

    The shame!
     
  10. ftwynne59

    ftwynne59 Registered Member

    Joined:
    May 24, 2005
    Posts:
    185

    Hi Mike

    I know you are busy with your new products....but any news on the 'feature enhancements' for the standard version of Online Armor ?

    Regards
    ftwynne59
     
  11. MikeNash

    MikeNash Security Expert

    Joined:
    Jun 9, 2005
    Posts:
    1,654
    Location:
    Sydney, Australia
    Hi ftwynne59,

    Yes! Like everything, it's taken a little longer that I would have hoped, but during the next couple of days I hope to have the migration finished from the old OA to the new OA. It shares code with AV+ - so the enhancements made inside AV+ (except AV engine, of course) will all be present inside OA.

    Briefly, these are:

    • SpamShield
    • Performance optimisation in HTTP filters
    • Various small cosmetic fixes
    • Use of new licence/update server
    • Consolidated a few external dll's to reduce resource useage (esp. on Win9x systems)
    • Revised safety check wizard (faster, better)
    • Background file scanning

    This is what should be out of the door in the next few days. I'm not sure how other's experience has been, but my favorite new feature has been the SpamShield because it gets nearly all of my Spam. It's pretty cool :)

    Aside from that, we've been working quietly on the new Kernel mode driver for Online Armor for those users on NT+ systems. It basically does/hooks mostly the same things as the current Online Armor except in kernel mode. We've also extended it a bit to make it possible to detect rootkits, kernel mode keyloggers and protect against all of the "Kills" in the APT test tool for example (OA currently only self-protects against a couple of kills, and then only in usermode). The extended self-protection that we've built will only be used to protect Online Armor in the first instance, but the plan is to make full use of these functions in later uses of Online Armor as the GUI will need a redesign to cater for the new features.

    This is nearly ready for more serious testing (but not beta testing yet). Once I'm confident the core is stable, we'll start to roll it into OA and get it out for some testing.

    At the same time, we're working on a kernel-mode reimplementation of the Web and Mail proxies inside Online Armor - again, to get rid of usermode hooking. This should make us compatible with Opera (yay!) which goes in below the winsock level, and further reduce resource useage on non 9x systems.

    This has only started "in anger" today - but it's based on the proof of concept firewall we built a month or so ago. Once the Web and mail proxies are done, then we add the firewall capability. Then, it's on to Online Armor 2.0 which will implement a lot of the new capabilities I have spoken about before.

    Hope that helps

    Cheers

    Mike
     
  12. ftwynne59

    ftwynne59 Registered Member

    Joined:
    May 24, 2005
    Posts:
    185
    Thanks for the prompt and detailed response Mike....keep up the good work !!

    Cheers

    Terry
     
  13. muf

    muf Registered Member

    Joined:
    Dec 30, 2003
    Posts:
    926
    Location:
    Manchester, England
    Mike,

    I have another question regarding OA+AV. Currently i use OA standard with KAV 6. My licence for KAV 6 expires next month. I'm aware that KAV 6 has these new proactive defences and also a registry guard. Are these being implemented into OA+AV or is it simply going to use the KAV malware database only?

    Thanks,
    muf
     
  14. MikeNash

    MikeNash Security Expert

    Joined:
    Jun 9, 2005
    Posts:
    1,654
    Location:
    Sydney, Australia
    Hi Muf,

    We will not use the KAV proactive defences but we will be dramatically extending what OA does in that area - Reg Protection, Process Protection, there's a lot of things in the pipeline.

    Happy to answer your questions in detail by PM - I think if I go much further in here, I'll get jumped on for providing one on one support.


    Cheers

    Mike
     
  15. MikeNash

    MikeNash Security Expert

    Joined:
    Jun 9, 2005
    Posts:
    1,654
    Location:
    Sydney, Australia
    Hi Guys,

    The latest version of Online Armor has now been uploaded to the Tall Emu website.

    It contains:

    * SpamShield
    * Performance optimisation in HTTP filters
    * Various small cosmetic fixes
    * Use of new licence/update server
    * Consolidated a few external dll's to reduce resource useage (esp. on Win9x systems)
    * Revised safety check wizard (faster, better)
    * Background file scanning

    If you're desparate to get the latest version, you'll need to download it from the site and re-install it.

    I plan to have the latest version out on automatic updates over the next few days, we're just double-checking the upgrade from build 650 to make sure we don't break anything.

    Cheers


    Mike
     
  16. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
    Hello,

    If Online Armor AV+ will have the KAV 6 engine soon, then will it also have KAV 6's new features as well as the behaviour-based blocker? :)
     
  17. .....

    ..... Registered Member

    Joined:
    Jan 14, 2005
    Posts:
    312
    Look two posts up from yours Firecat:

     
  18. MikeNash

    MikeNash Security Expert

    Joined:
    Jun 9, 2005
    Posts:
    1,654
    Location:
    Sydney, Australia
    Hi Firecat,

    The SDK for the Antivirus engine (which is the only part we have used) is the same in KAV6 as KAV5 - so, my initial information was incorrect.

    Just so there's no confusion - Online Armor AV+ is not a re-wrapped KAV. Features you may find in KIS6 will not necessarily be in Online Armor - and those in Online Armor (such as the background file scan) may not be in Kaspersky products.

    What we've done is licenced the core Antirvirus scanner (and databases, and updates), which scans a single file, when we tell it to. All the rest of the work around it is Online Armor. We tell the engine which file to scan, and when, and how.

    We added it in primarily to help users identify and remove malware because the Online Armor database focuses primarily on safe files, rather than dangerous files.

    The thing about doing it this way is that it gives us flexibility in how we implement it - we're not just calling a pre-rolled "Scan this system" function out of KAV - we get to call the shots, without writing a new AV engine.

    Hope this helps.

    Mike
     
  19. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
    Thanks for the answer. I do believe OA AV+ is an extremely good product. :)
     
  20. tobacco

    tobacco Frequent Poster

    Joined:
    Nov 7, 2005
    Posts:
    1,497
    Location:
    British Columbia
    Mike

    I think the concern of updating from KAV 5 to KAV 6 stems from some of the conflicts there was with KAV 5 and a few other programs.That would be my only reason for wanting the update to KAV 6 in your product.Has it been updated yet?.And if possible because i'm extremely busy today, could you provide a link to the OA-AV+ trial download.Thank you.
     
  21. MikeNash

    MikeNash Security Expert

    Joined:
    Jun 9, 2005
    Posts:
    1,654
    Location:
    Sydney, Australia

    Please see here: https://www.wilderssecurity.com/showpost.php?p=755392&postcount=18


    Download link: http://dl1.online-armor.com/downloads/OnlineArmor_Setup_AV-Plus_Trial.exe



    Mike
     
  22. tobacco

    tobacco Frequent Poster

    Joined:
    Nov 7, 2005
    Posts:
    1,497
    Location:
    British Columbia
    Mike

    Thank You.
     
Loading...
Thread Status:
Not open for further replies.