App Review K7 Ultimate Security 2022

[anirbandutta01]

Excellent choice for Eset!
It's very light, very efficient, and it's one of the few to have Hexa detections on multiple malwares!

@Shadowra I'm planning to install ESET Antivirus, but previously it was conflict with windows firewall ( a message always popped up after system start that allows access to third party firewall or port should be open etc. ) I'm using windows built in firewall not any third-party. What's the actual problem could you please help me ??

 

[TedCruz]

@Shadowra I'm planning to install ESET Antivirus, but previously it was conflict with windows firewall ( a message always popped up after system start that allows access to third party firewall or port should be open etc. ) I'm using windows built in firewall not any third-party. What's the actual problem could you please help me ??

ESET is the third party firewall

 

[vonvon]

I have no problem when using Eset Internet Security, no pop up from windows built in firewall.

 

[Shadowra]

@Shadowra I'm planning to install ESET Antivirus, but previously it was conflict with windows firewall ( a message always popped up after system start that allows access to third party firewall or port should be open etc. ) I'm using windows built in firewall not any third-party. What's the actual problem could you please help me ??

I don't have this problem on my side

 

[anirbandutta01]

ESET is the third party firewall

Okay should I disable windows firewall??

 

[anirbandutta01]

I don't have this problem on my side

What's the problem? Port should be open or allow firewall etc. Message popped up..

 

[anirbandutta01]

I have no problem when using Eset Internet Security, no pop up from windows built in firewall.

Oh okay

 

[TedCruz]

Okay should I disable windows firewall??

ESET Firewall is just a GUI on top of Windows Firewall. Majority of in Suite firewalls nowadays are just an overlay, easier to use interface to the Windows Firewall. So no do not disable windows firewall, the ESET suite will do that for you and it will basically act as a configuration overlay for your windows firewall. But that being said, this is not the thread to talk about this. If you need help with ESET then take it to the ESET subforum, this is a testing subforum where one talks about the results of a test and not asks for ESET related support questions.

 

[anirbandutta01]

ESET Firewall is just a GUI on top of Windows Firewall. Majority of in Suite firewalls nowadays are just an overlay, easier to use interface to the Windows Firewall. So no do not disable windows firewall, the ESET suite will do that for you and it will basically act as a configuration overlay for your windows firewall. But that being said, this is not the thread to talk about this. If you need help with ESET then take it to the ESET subforum, this is a testing subforum where one talks about the results of a test and not asks for ESET related support questions.

Okay thanks

 

[SeriousHoax]

ESET is really very good choice but it's slow down internet speed & popped up a message that firewall exception required .. something like after time I started computer, using just windows 11 built in firewall no third-party firewall, it might be ESET configuration problem ( ESET NOD32 Antivirus )

You used the NOD32 version which doesn't have a firewall. If you can upgrade your license to Internet Security then you won't have an issue as ESET has its own Firewall.
But with that said, I'm curious to know what type of inbound connection attempt ESET made which was blocked by Windows Firewall. Without screenshots, it's not clear.

 

[anirbandutta01]

You used the NOD32 version which doesn't have a firewall. If you can upgrade your license to Internet Security then you won't have an issue as ESET has its own Firewall.
But with that said, I'm curious to know what type of inbound connection attempt ESET made which was blocked by Windows Firewall. Without screenshots, it's not clear.

Okay I'll try to upload screenshot

 

[vokeb]

Totally bad product , got hit by an redline stealer and amadey and k7 told me it blocked attack but i noticed suspicious usage on my google account and facebook and task manager and i installed trend micro total security and what a surprise the viruses were active .

 

[Trident]

@Shadowra You were using the old version. To get the new MAT version now you need to buy a new license, as there is no trial version for it. In a month or so, users of the old version will get an upgrade to the new MAT version too. That's what K7 told me anyway.

View attachment 270067

This UI looks like it was designed on PowerPoint.
As a high-school assignment.
I’ll do a better UI moving the mouse with my nose.

Also, is K7 releasing AI technologies now? What were they doing till now?

 

[vokeb]

This UI looks like it was designed on PowerPoint.
As a high-school assignment.
I’ll do a better UI moving the mouse with my nose.

Also, is K7 releasing AI technologies now? What were they doing till now?

Not only their ui is badly designed but opening real time protections settings takes an entire minute on not responding state.
Their coding is very buggy expect it to don't block threats they even detected and blocked .
Till now theres nothing lighter than eset that's why I wanted to give it a try but even eset sucks against new ransomware.

 

[poopdookie]

if it missed redline stealer thats pretty horrifying...

 

[Trident]

if it missed redline stealer thats pretty horrifying...

Antivirus missing threats is completely normal. There is no defence that can provide 100% protection neither from stealers, nor from anything else. Detection should always be balanced with performance and lack of false positives and this balance is what criminals exploit to evade detection.

For example, the more you optimise the antivirus for lightness, the less emulation your engine performs (there is no other way) and the less API calls the behavioural blocking monitors and reports. These are just natural limitations not only of K7, but of the whole industry. But or course, some miss more than others — K7 is more on the miss side than let’s say Kaspersky, Bitdefender or Norton.

 

[vokeb]

Antivirus missing threats is completely normal. There is no defence that can provide 100% protection neither from stealers, nor from anything else. Detection should always be balanced with performance and lack of false positives and this balance is what criminals exploit to evade detection.

For example, the more you optimise the antivirus for lightness, the less emulation your engine performs (there is no other way) and the less API calls the behavioural blocking monitors and reports. These are just natural limitations not only of K7, but of the whole industry. But or course, some miss more than others — K7 is more on the miss side than let’s say Kaspersky, Bitdefender or Norton.

Stop comparing k7 with Kaspersky bitdefender or norton and even eset it's a an insult to those houndreds of million of dollars in research.
K7 is an old Indian product which is underdeveloped, you can write an shitty product even if it's light or heavy on resources.
About the emulation enginee thing you said in defense of k7 makes no sense there's malware which now avoid emulation it's just that k7 mat feature of machine learning for it's behaviour blocker is a marketing lie for now atleast in their home products as I didn't tested their corporate suits.
An antivirus enginee does not call on apis unless it's calls for cloud analysis aswell???

 

[Trident]

Stop comparing k7 with Kaspersky bitdefender or norton and even eset it's a an insult to those houndreds of million of dollars in research.

What do you want me to compare it with then? Shampoos and conditioners?

K7 is an old Indian product which is underdeveloped, you can write an shitty product even if it's light or heavy on resources.

All of the antivirus companies are “old”.

About the emulation enginee thing you said in defense of k7 makes no sense there's malware which now avoid emulation it's just that k7 mat feature of machine learning for it's behaviour blocker is a marketing lie for now atleast in their home products as I didn't tested their corporate suits.

I am telling you how antiviruses are optimised for lightness and I am giving you examples. To make an antivirus lighter, compromise must be made in some protections, in the name of boosting performance. That’s how programming works not only at K7 or antivirus products, this is how it works in general.

Malware is not evading emulation just “now”, it has been evading emulation since the millenia. To learn more about that visit evasions.checkpoint.com and read everything there carefully.

An antivirus enginee does not call on apis unless it's calls for cloud analysis aswell???

Every product calls APIs at all times, this is how programming works and this is how your OS and everything works. You open your start menu, it’s an api call. You browse in Chrome, it’s API calls. You do video call - well guess what, it’s APIs again.

By reducing the number of API calls monitored, behavioural blocking is optimised to be lighter and in parallel becomes less effective.

And yes, we can all agree K7 is bad.

 

[vokeb]

Again you have not much idea you talking about when we talk about emulation we talk about the sandbox features of an antivirus platform , the zone alarm of israel checkpoint for corporate products sucks in general also just as their home zone alarm being equally as bad as k7 computing products for home users .
And no clicking on a program button its not about api calls in the scenario on antivirus enginee call to cloud protections is but Simply put, the moment you add an endpoint to a URL and send a request to a server, this is what counts as making an API call. For example, when you log on to any app or ask a question via a browser, you are actually making an API call.
Apis are a bridge between an inside part and outside part of an application -API is the acronym for application programming interface — a software intermediary that allows two applications to talk to each other. APIs are an accessible way to extract and share data within and across organizations-
So clicking on my computer system or apps that does not outside components that connects outside my machine or another product inside my machine are not related to api .
I suggest you to stop going offtopic just to recall back yeah k7 is bad .

 

[Trident]

Dude I am not gonna waste my time talking to you. I have explained to you few times now that all programs for Windows work by calling native Windows APIs. That’s why it’s not possible to use Android/ iOS/Mac OS software on Windows, because the relevant APIs are absent from the OS and calling them will produce nothing but an error, unless an emulator (such as the Android subsystem for Windows) is used. This emulator will provide the necessary environment and APIs.

Reducing the number of API calls from apps to Windows (and hardware) monitored is one way to make behavioural blocking lighter, not the only one. Other optimisations are filtering safe, signed processes and many others.

The emulator engine in an antivirus works by emulating instructions-of-interest that seem unknown and suspicious to static analysis engines. This allows to detect more threats such as packers for which static analysis is notoriously ineffective as it it can’t extract attributes. Another way to optimise the antivirus for lightness is to reduce the number of instructions emulated.

Please educate yourself and don’t waste my time.

The discussion is not off-topic, it is in relation to K7 lightness.

Also, CheckPoint is leader on cloud detonation, together with CrowdStrike.