Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
Written Reviews - Security and Privacy
K7 Total security
Message
<blockquote data-quote="Der.Reisende" data-source="post: 888380" data-attributes="member: 32430"><p>Agree, super light AV, decent signatures (at least for .exe, not so for scriptors and office files).</p><p>BB is also very reactive, seems to not rely on the cloud like many other products (works offline, too).</p><p>Lacking in terms of Ransomware Protection though (it does have DataLocker though, which prevents file encryption for covered folders - by default documents, pictures - by 98%, during my testing in the HUB, in very rare cases RW bypassed folder protection).</p><p>And sometimes HIPS does not recognize new AutoRuns (for example by scriptors), it did sometimes remove them after 20-30 minutes, not that stable yet.</p><p>But in most cases, you should be safe, even more as usually malware does not tend to pop up in bunches on the local machine like in the HUB tests, but rather takes the way via the browser, where K7 Web protection shines (at least for malware links).</p><p></p><p>EDIT: I really dislike there seems to be no option to ask for outbound by trusted M$ processes, even in highest settings (apart from block everything), they're whitelisted on outbound attempt.</p><p>Better create your own list for (later hollowed) Windows .exe you don't want to see call outbound.</p><p>All other services are ask first as intended (if you change firewall behaviour to do so, by default it doesn't).</p><p></p><p>[SPOILER="K7 Tickets"]</p><p>[ATTACH]242506[/ATTACH][ATTACH]242507[/ATTACH][ATTACH]242508[/ATTACH][ATTACH]242509[/ATTACH][ATTACH]242510[/ATTACH][ATTACH]242511[/ATTACH][ATTACH]242512[/ATTACH][ATTACH]242513[/ATTACH][ATTACH]242514[/ATTACH][ATTACH]242515[/ATTACH]</p><p>All tickets created so far. I marked all tickets with RW bypass in the subject, could be even more.[/SPOILER]</p><p>[SPOILER="Applied custom settings"]</p><p><u>eMail:</u></p><p>Enable Worm Blocking, Scan outgoing eMails</p><p><u>Scanner:</u></p><p>also Scan Memory, Tracking Cookies, Unwanted Registry Entries, Unwanted Files</p><p><u>System Monitor:</u></p><p>Custom Level of Protection (actually all boxes are activated by default or because of "High" setting used before)</p><p>Always Prompt if a new Software is installed when changes are found</p><p>Do not automatically allow signed files / recognized by the System Monitor</p><p><u>Firewall:</u></p><p>Display critical alerts</p><p>Ask for outbound connections of non-whitelisted apps</p><p>Intrusion Rules: Activate also SMB Exploit Detection 1, HTTP Server Exploit Detection 1 and FTP Server Exploit Detection 1</p><p></p><p><u>Data Locker (<strong>custom setting</strong> not applied in previous tests):</u></p><p>Do<strong> <u>not</u> </strong>use SmartAnalysis to discover Trusted Applications</p><p>Trusted by Data Locker before setting turned off:</p><p>C:\Windows\system32\BackgroundTaskHost.exe</p><p>C:\Windows\system32\BackgroundTaskHost.exe</p><p>C:\Windows\system32\RuntimeBroker.exe</p><p>C:\Windows\system32\PickerHost.exe (=Snipping Tool to create screenshots)</p><p>C:\Windows\explorer.exe</p><p>C:\ProgramFiles\SoftMaker Office 2018\TextMaker.exe</p><p>C:\ProgramFiles\SoftMaker Office 2018\PlanMaker.exe</p><p>C:\ProgramFiles\SoftMaker Office 2018\Presentations.exe</p><p></p><p>Data Locker by default protects Pictures and Documents against writing performances by processes not whitelisted as above. </p><p>[/SPOILER]</p></blockquote><p></p>
[QUOTE="Der.Reisende, post: 888380, member: 32430"] Agree, super light AV, decent signatures (at least for .exe, not so for scriptors and office files). BB is also very reactive, seems to not rely on the cloud like many other products (works offline, too). Lacking in terms of Ransomware Protection though (it does have DataLocker though, which prevents file encryption for covered folders - by default documents, pictures - by 98%, during my testing in the HUB, in very rare cases RW bypassed folder protection). And sometimes HIPS does not recognize new AutoRuns (for example by scriptors), it did sometimes remove them after 20-30 minutes, not that stable yet. But in most cases, you should be safe, even more as usually malware does not tend to pop up in bunches on the local machine like in the HUB tests, but rather takes the way via the browser, where K7 Web protection shines (at least for malware links). EDIT: I really dislike there seems to be no option to ask for outbound by trusted M$ processes, even in highest settings (apart from block everything), they're whitelisted on outbound attempt. Better create your own list for (later hollowed) Windows .exe you don't want to see call outbound. All other services are ask first as intended (if you change firewall behaviour to do so, by default it doesn't). [SPOILER="K7 Tickets"] [ATTACH alt="1.jpg"]242506[/ATTACH][ATTACH alt="2.jpg"]242507[/ATTACH][ATTACH alt="3.jpg"]242508[/ATTACH][ATTACH alt="4.jpg"]242509[/ATTACH][ATTACH alt="5.jpg"]242510[/ATTACH][ATTACH alt="6.jpg"]242511[/ATTACH][ATTACH alt="7.jpg"]242512[/ATTACH][ATTACH alt="8.jpg"]242513[/ATTACH][ATTACH alt="9.jpg"]242514[/ATTACH][ATTACH alt="10.jpg"]242515[/ATTACH] All tickets created so far. I marked all tickets with RW bypass in the subject, could be even more.[/SPOILER] [SPOILER="Applied custom settings"] [U]eMail:[/U] Enable Worm Blocking, Scan outgoing eMails [U]Scanner:[/U] also Scan Memory, Tracking Cookies, Unwanted Registry Entries, Unwanted Files [U]System Monitor:[/U] Custom Level of Protection (actually all boxes are activated by default or because of "High" setting used before) Always Prompt if a new Software is installed when changes are found Do not automatically allow signed files / recognized by the System Monitor [U]Firewall:[/U] Display critical alerts Ask for outbound connections of non-whitelisted apps Intrusion Rules: Activate also SMB Exploit Detection 1, HTTP Server Exploit Detection 1 and FTP Server Exploit Detection 1 [U]Data Locker ([B]custom setting[/B] not applied in previous tests):[/U] Do[B] [U]not[/U] [/B]use SmartAnalysis to discover Trusted Applications Trusted by Data Locker before setting turned off: C:\Windows\system32\BackgroundTaskHost.exe C:\Windows\system32\BackgroundTaskHost.exe C:\Windows\system32\RuntimeBroker.exe C:\Windows\system32\PickerHost.exe (=Snipping Tool to create screenshots) C:\Windows\explorer.exe C:\ProgramFiles\SoftMaker Office 2018\TextMaker.exe C:\ProgramFiles\SoftMaker Office 2018\PlanMaker.exe C:\ProgramFiles\SoftMaker Office 2018\Presentations.exe Data Locker by default protects Pictures and Documents against writing performances by processes not whitelisted as above. [/SPOILER] [/QUOTE]
Insert quotes…
Verification
Post reply
Top
