Antivirus protection is a must for all your Windows computers, but it’s not the only kind of security protection.
A full-scale security suite integrates many other protective components and layers.
With K7 Total Security, you get antivirus, firewall, spam filtering, parental control, system tuneup, and many bonus features.
However, the effectiveness of these components varies, and it costs as much or more than superior suites.
You pay $39.99 per year for a K7 subscription.
Bumping that to $79.99 gets you three licenses, the same as Bitdefender Total Security and ESET, and just a few pennies more than Kaspersky, Trend Micro, and G Data.
A five-license subscription to K7 runs you $119.99, which is on the high side.
Kaspersky Total Security, Avira, and Norton give you five licenses for $99.99.
With Bitdefender, ZoneAlarm, and Trend Micro you get five for $10 less, and you can take off another $10 for a five-pack of Webroot’s top suite.
As with K7’s antivirus, installation is a breeze.
The suite’s main window is almost identical to that of the standalone antivirus.
It displays useful statistics in three big panels, including the date and time of the last update, the version of the virus definitions, and the number of days left in your subscription.
Clicking other links and icons gets scans, settings, and bonus tools.
As you click links, icons, and arrows to navigate the product, new pages appear as if they were sliding in from different directions.
The interface is lively, but you’ll want to spend some time exploring all the available pages, so you don’t miss any of the features.
Shared With Antivirus
Naturally, every feature found in K7 Antivirus Premium also shows up in this suite.
I’ll summarize my impression of those shared features here—if you want more details, please read my review of the antivirus.
Just two of the four antivirus testing labs I follow include K7 in their reports, but those two give it good marks.
From AV-Test Institute, K7 earned 17 of 18 possible points, a half-point short of earning the designation Top Product.
In three tests by AV-Comparatives, K7 earned the maximum rating twice and the second-best rating once.
I use an algorithm to calculate an aggregate score for those products tested by at least two labs.
K7’s score came out at 9.1, which is decent, but others have attained scores even better, and from more labs.
Bitdefender managed 9.9 of a possible 10 based on three reports, and Avira Prime achieved 9.8 points, with results from all four labs.
K7’s full scan on a clean test system finished in 48 minutes, about 20 minutes faster than the current average.
It clearly used that first scan to optimize for subsequent scanning; a repeat scan finished in just 10 minutes.
Not every antivirus gets tested by the independent labs, so I always perform my own tests.
These tests also give me valuable hands-on experience with each product.
K7 scored 8.7 of 10 possible points in my hands-on test, which isn’t the best.
Tested against the same collection of malware samples, Webroot SecureAnywhere Internet Security Plus managed a perfect 10.
That hands-on test uses a set of samples that remain the same for months.
For a different view of protection, I test using real-world malware-hosting URLs recently discovered by experts at London-based MRG-Effitas.
I launch each one, discarding those that are already defunct, and note whether the antivirus blocks access to the URL, eliminates the malware download, or totally misses the danger.
K7’s antivirus suffers a serious handicap in this test, as it doesn’t include the Web Protection component found in the suite.
It did eliminate 75 percent of the malicious payloads, but that’s a poor score overall.
With Web Protection active, the K7 suite scored 99 percent protection, almost entirely by preventing all access to the dangerous pages.
Trend Micro and G Data also scored 99 percent in their latest tests.
McAfee, Sophos, and Vipre Advanced Security all blocked 100 percent of the samples.
Like K7 Total Security, these successful products used a combination of steering the browser away from dangerous URLs and whacking any malware downloads that got through.
I tested K7’s ransomware protection system by turning off all other layers of protection and releasing a dozen virulent real-world ransomware samples.
This protective layer blocked ransomware activity by all but one of the file-encrypting samples, which is better than many.
And when I let K7 use all its protective layers, it detected and quarantined that breakthrough sample with ease.
Even at the standalone antivirus level, K7 includes a basic firewall that fends off outside attack and monitors local programs so they don’t misuse your network connections.
The antivirus will scan for vulnerabilities, abnormal system setting changes, and tracking cookies.
Other bonus features include a pair of simple privacy cleaners, a virtual keyboard, vaccination of USB drives against infection, and simple device control system.
This last component lets you control use of USB drives, CD/DVD drives, and floppies, but it’s not the full-scale device control found in G Data Total Security and a few others.
As you can see, you get a lot of security features from K7 even at the standalone antivirus level.
If this summary intrigues you, please read my full review of the antivirus.
Antiphishing Disappointment
I couldn’t test phishing protection in K7’s antivirus because it simply lacks that feature.
Given the suite’s excellent score in my malicious URL test, I looked forward to a similar success in my phishing protection test.
I was seriously disappointed.
Phishing websites don’t attempt to plant malware on unsuspecting visitors.
Rather, they do their best to simulate real-world sensitive sites such as banks, auction sites, and even dating sites.
When a victim logs in to one of these fake sites, the fraudsters receive the login credentials for the real site, and the victim is hosed.
Sure, phishing sites quickly get blacklisted and taken down, but the fraudsters just pop up another fake.
Because of the transient nature of phishing sites, it’s important that a web-based protection system handle the very newest ones.
To test that ability, I scrape websites that receive reported frauds, gathering the newest ones and making sure to include both verified frauds and ones that haven’t yet hit the blacklists.
With my collection of URLs in hand, typically about 400 of them, I set up four test systems, three relying on the phishing protection built into Chrome, Edge, and Firefox, and a fourth protected by the product under test.
I launch each URL in all four browsers at once and note the results, discarding any that don’t load properly in all four, as well as any that don’t clearly represent a fraudster’s attempt to steal credentials.
The test went very badly for K7 at first, so much so that I triple-checked to be sure its browser extension was present and enabled.
Eventually it did start to catch some of the frauds, and by the end of the test it was doing reasonably well.
Even so, its 72 percent detection score is quite low.
Chrome, Edge, and Firefox all scored significantly better than K7.
The lesson is clear; don’t turn off your browser’s phishing protection.
As noted, K7 visibly improved during the test, as the URLs used for testing went from just minutes or hours old to a full day old or a little more.
Just to quantify that improvement, I scored K7 based only on the first half of the URLs, and only on the second half.
Against the second half, the older ones, it got 91 percent.
But it only detected 39 percent of the first half.
These figures suggest that K7 relies totally on blacklisting, lacking the heuristic detection that more successful products use to handle the very newest phishing frauds.
In their own latest tests, Kaspersky and Trend Micro achieved 100 percent detection, while Bitdefender, McAfee Total Protection, and Norton managed 99 percent.
See How We Test Security Software
Web Protection
Web Protection, not present in K7’s standalone antivirus, includes the Safe Surf component that performed extremely well against malware-hosting URLs, not so well against phishing frauds.
Safe Search extends this protection so that you never even try to visit dangerous sites.
It does so by marking safe sites in search results with a green checkmark.
I couldn’t immediately figure out the third component, titled Identity Protection.
The help system clarified that this component prompts you with a warning if you enter a password on a website that’s not secured with HTTPS.
With the current strong emphasis on security, it’s hard to find a site that doesn’t use HTTPS.
If you do run across one, heed K7’s warning and avoid entering passwords or other sensitive information.
Spam Filter
These days, few users need a local spam filter.
Popular web-based email systems such as Gmail handle spam filtering internally, as do most business-level email servers.
If you’re one of those few, K7’s spam filter may come in handy.
K7 filters all incoming POP3 email, and also checks outgoing SMTP email for spam characteristics, on the chance a spambot got past the antivirus.
The filter adds a marker to the subject line of suspected spam messages.
If you’re using Outlook or Outlook express as your email client, K7 diverts those messages to a spam folder automatically.
Those using a different client can create a message rule to do the job.
From the toolbar in Outlook or Outlook express you can mark any spam messages that reached the Inbox, or valid messages wrongly discarded as spam.
In settings, you can whitelist known correspondents, with an option to automatically whitelist recipients of your own messages.
Any address or domain on the blacklist will always go to spam.
If you love tinkering, you can dig into the spam filter’s settings to tweak them in many ways.
A slider lets you adjust the threshold for “spaminess,” controlling how bad it must be to get a message banned as spam.
Another slider adjusts the threshold for the Bayesian learning filter.
You can even define rules, for example to mark any message with “webinar” in the subject as spam.
And my guess is, not one user in a thousand ever touches these advanced settings.
As noted, few users need this feature.
If you’re one of them, keep an eye on it at first, to make sure it’s correctly distinguishing spam from valid mail.
Then just lean back and let it do its job.
Privacy Protection
K7 includes two very different features for protecting your privacy.
One prevents inadvertent transmission of use-defined personal data; the other controls which applications can use your webcam.
A user-interface oddity means you may miss one or the other of these.
If you click Details from the home screen and click Settings under the privacy label, it takes you to a page for configuring webcam protection.
If instead you click Settings at the top of the main window and choose privacy, you reach a page for protecting personal data.
It’s a bit confusing, perhaps because the webcam feature is new in this edition.
When you enable webcam protection you have two choices.
You can block all programs from using the webcam, removing the block manually when you need to use it.
With the restricted option, you get a notification when a program wants to use the webcam, with the option to allow access and optionally remember the response, thereby making the program trusted.
In testing, I found that to enable access for Skype I had to allow three distinct processes and check the box to remember my answer for each.
Until I did that, Skype reported no webcam present.
This was a minor, one-time inconvenience, far outweighed by the knowledge that no creepy peeper will be spying on me through the webcam.
To test private data protection, I entered a bank account number, a password, and a credit card number for protection.
I left the list of trusted websites blank and tried submitting the protected data items on Google and Bing, with no response from K7.
Google and Bing both force HTTPS, which I thought might have interfered, so I submitted the items on a random non-secure fan club page.
Here, too, K7 did nothing.
My contact at K7 confirmed that a recent build broke this feature, and that it will be put back into play very soon.
Fortunately, this is not an essential security tool.
Parental Control
Not every consumer has young children, and not every parent wants to monitor and control what the kids do on their screens.
For those that have a need, K7 offers a parental control system.
However, it’s quite different from most, and not in a good way.
Parental Customization
Customizing the parental control system creates settings shared by all users.
You separately determine how these settings affect each user account.
That being the case, customization is the first step.
Unlike almost every other parental control content filter, K7 offers no categories for blocking unwanted content.
You, the parent, must list every website you don’t want your kids visiting.
Or, if you’re going for the iron fist approach, you can list all the websites that are allowed, banning anything not on the list.
Next is a peculiar option called Browser Settings.
Here you create a list of websites, with certain controls on use of cookies, ActiveX, and Java apps.
For each site you define whether each type of active content is allowed or blocked, or whether the user will get a prompt to choose.
I don’t see parents using this.
At least the list of ad-blocking keywords comes pre-configured.
When ad-blocking is enabled, it suppresses access to URLs containing such text strings as “/ad/” and “/adinfo/”.
Finally, Application Control lets you identify specific applications for K7 to block.
User Settings
Everything you’ve done so far has no effect until you apply limitations to specific user accounts.
You start by configuring the Web Filter.
For each user account, you can choose to block all sites on the blocked list, allow only sites on the allowed list, or leave the account unfiltered.
There’s an option to log all sites visited, but you can’t tune the allowed and blocked lists on a per-user basis.
The Application Control page lets you choose whether to block the specified applications for this account, and whether to log all blocking activity.
You can also configure K7 to block all browsers except Internet Explorer, a step that’s required if you...
