Re: An Education for the TLA's
I'm sure that just about everyone for whom it would be relevant has read the Kaspersky source that leaked a number of years ago, and/or reverse engineered any parts that would be interesting.
But really, there's not much to see in standard AV software. Basically, if you sit down and try to accomplish the same thing as they do, you'll realize there are only a few ways it can be done. At most there'll be some rootkit detection tricks and such, but they will almost by definition be useless since rootkit authors will have tested their stuff against the AVs and worked around it already.