Focue Provides the Latest and Most Up-to-Date News, What You Focus On is What You Get.
⎯ 《 Focue • Com 》

K7 Antivirus Premium Review

2023-06-21 16:23
The antivirus business is thoroughly global. Webroot originates in the US, Bitdefender in Romania, Kaspersky
K7 Antivirus Premium Review

The antivirus business is thoroughly global. Webroot originates in the US, Bitdefender in Romania, Kaspersky in Russia, and ESET in Bratislava, for example. K7 originated in and remains in India, but you should have no trouble with the familiar features of K7 Antivirus Premium no matter where you are. It goes beyond the basics with a firewall, vulnerability scan, and other bonus features. However, it lacks web-based protection against malicious and fraudulent sites and earned poor scores in our hands-on tests. Its best feature may be its relatively low price.

How Much Does K7 Antivirus Cost?

The most common price for a single antivirus license is just below $40. Bitdefender, Trend Micro, and Webroot are among the antivirus apps that cluster at this price. G Data Antivirus undercuts that bunch, selling for $29.95 per year. But K7 costs less than any non-free antivirus I’ve seen. A single K7 license runs $15 per year, and even that low price is almost always discounted. You get two K7 licenses for $19, three for $23, and four for $27 per year.

The average price for a five-license antivirus subscription is roughly $70. At $34, K7 costs less than half the average. Only the less-known SecureAge CatchPulse undercuts K7, with a $32.45 price for a five-license subscription.

It's Surprisingly Easy to Be More Secure Online

McAfee costs $64.99 per year, just a bit less than K7’s five-license price. However, McAfee has the rare distinction of not limiting you to a fixed number of devices. That one subscription lets you install McAfee protection on every Windows, macOS, Android, iOS, and ChromeOS device in your household. If you have a lot of devices, it can be a bargain.

K7’s low, low prices have earned it a place of honor in PCMag’s list of our Top 100 Budget Buys.

K7 Gets Decent Lab Test Scores

Researchers at independent testing labs around the world spend their days torture-testing antivirus utilities to identify the best ones. I follow four labs that release public reports regularly. Only two of them include K7 in their testing, but those two give it decent ratings.

AV-Test Institute rates antiviruses on three criteria: successful protection against malware; small impact on performance; and good usability, meaning few false positives (legitimate apps or sites flagged as malicious). An antivirus can earn six points in each area, for a maximum of 18 points.

K7 took 5.5 points for protection and earned the full six for performance and usability. With an overall score of 17.5, K7 earned the title Top Product. In the latest test report, more than 60% of antivirus apps received Top Product honors, and more than half of those scored a perfect 18 points. Among the top scorers were AVG AntiVirus Free, Bitdefender, and F-Secure.

Reports from AV-Comparatives don’t come with numeric scores. Rather, an app that passes gets a Standard certification. Those that do more than the minimum can earn certification at the Advanced or Advanced+ level. Of the three tests I follow from this lab, K7 earned two Standard certifications and one Advanced+. Avast, AVG, and Bitdefender Antivirus Plus are the only apps with Advanced+ ratings in the latest edition of all three tests.

Each lab uses a different scoring system. I’ve devised an algorithm that maps scores onto a scale from 0 to 10 and generates an aggregate lab score for comparison. K7’s 8.8-point aggregate is respectable, but not near the top. With a 10-point aggregate score drawn from all four labs, Bitdefender is the undisputed king of the hill. AVG also has 10 points, but based on just two lab reports. Kaspersky, tested by three labs, holds an impressive 9.8 points, with McAfee close behind at 9.7.

Getting Started With K7 Antivirus

Installation is quick and simple—just click one button to accept the EULA and launch the installation. When it finishes, you must activate the installation, either by entering your serial number or by choosing a 30-day trial. Once it finishes updating the antivirus definitions, you're ready to go.

The main window displays handy stats in large, easy-to-read panels, including the date and time of the last update, the version of the virus definitions, and the number of days left in your subscription. Links and icons give you access to scans, settings, bonus tools, and more.

As you click those links and icons, new pages appear as if sliding in from above or below. On some pages, arrows lead to details or additional features that slide in from left or right. It’s a lively, animated interface, but you’ll want to take a little time to click all the buttons and arrows to make sure you don’t miss anything.

K7 Scan Optimization

K7 offers the expected full system scan, quick scan, and custom scan, as well as a separate scan that aims to detect rootkits by their behavior. On my standard clean test system, a full scan took 110 minutes, about 10 minutes quicker than the current average. Like Trend Micro Antivirus+ Security, F-Secure Anti-Virus, and a few others, K7 uses that first scan to optimize subsequent scans for speed. A repeat scan with K7 took less than four minutes.

By default, K7 scans incoming emails for malware; you can optionally set it to scan outgoing mail as well. You can also schedule a daily, weekly, or monthly scan.

K7 Antivirus Premium: Poor Malware Protection Scores

Lab results are great to have, but with or without them, I always perform my own hands-on testing of each program’s malware protection abilities. When I opened the folder containing my current collection of malware samples, K7 started picking them off right away. Within a few minutes, it had eliminated 55% of the samples. That puts K7 ahead of Avast, AVG, and McAfee, which don’t check programs for malware until they execute. K7’s popup notifications stack in a single location, with arrows so you can flip through them if you wish.

I proceeded to launch the remaining samples and record K7’s reaction. It didn’t prevent any of them from launching, but it jumped in to quash the malware after launch in many cases. However, even when it detected malware activity, it let quite a few of them install executable files on the test system. K7 detected 73% of the samples and scored 6.9 of 10 possible points, the lowest of any antivirus tested with my current set of malware samples.

To be fair, Bitdefender didn’t score a lot better. However, when my results don’t jibe with lab scores, I give more weight to the labs, especially when the scores are perfect.

Tested with the same sample collection, Webroot SecureAnywhere AntiVirus scored 9.4 points and McAfee managed 9.2. Of the apps tested with my previous collection, G Data and ZoneAlarm PRO NextGen Antivirus + Firewall stand out, each achieving 9.8 points.

For a different view of K7's malware combat skills, I launched 100 malware-hosting URLs from a feed supplied by MRG-Effitas. Where the curated samples in my malware blocking test remain the same for many months, these dangerous URLs are always current, no more than a few days old. In this test, I give equal credit, whether the antivirus steers the browser away from the dangerous URL or wipes out the payload during download.

Most antivirus tools include some form of protection against malware-hosting URLs. Typically, they divert the browser to a warning page, so you never access the dangerous URL. K7 is a bit unusual in that malicious URL blocking is reserved for the security suites and is not included with the basic antivirus. Phishing protection is likewise absent.

K7 did block 58% of the malicious payloads during or immediately after the download, the same as Vipre Antivirus Plus. Only a handful of antivirus tools have scored lower. At the other end of the spectrum, McAfee, Norton, Sophos Home Premium, Trend Micro, and ZoneAlarm all blocked 100% of their malware-hosting URL samples. To be fair, all five of those top-scoring programs attacked the problem both by fending off dangerous URLs and detecting malware downloads, while K7 relied only on the latter.

K7's System Monitor component aims to detect brand-new malware based on its behavior. This kind of detection can easily generate false positives, as some of the behaviors it monitors are also used by legitimate programs. Fortunately, it didn’t cause any trouble when I installed a gaggle of legitimate programs. It did warn when one of the programs tried to install a Windows service, but taking a close look in such cases is a reasonable precaution.

K7 Antivirus Premium: Effective Ransomware Protection

Since a ransomware attack is so damaging, I actively challenge programs that promise ransomware-specific protection. When possible, I shut down ordinary real-time protection and just leave ransomware protection active. This doesn’t always work. With Avira Antivirus Pro, for example, turning off real-time protection turns off the ransomware component too.

K7 doesn’t make turning off standard real-time protection easy, but I found a way. On the settings pages for Sentry and Scanner, I turned off the detection of spyware and adware. Then I set it to scan only files with specific extensions, disabling all except the extension .386, which doesn’t match any of my samples. The fact that I could copy my ransomware samples back to the test system served as validation that real-time protection was disabled. I cut off the virtual machine from the rest of the network and launched samples.

Of my dozen real-world ransomware samples, just one is the type that encrypts the whole disk, while the rest are the more common file-encrypting type. K7 caught all of them right after launch, detecting their suspicious activities rather than simply recognizing the file as a known threat. It only labeled two of them specifically as ransomware, but it did the job. K7 also caught an extremely simple ransomware simulator that I wrote for use as a sanity check.

I’ve run across antivirus utilities whose ransomware protection doesn’t kick in early enough in the boot process. Ransomware that launches at system boot can do its dirty deeds before the antivirus can detect it. To check this possibility, I set several of the samples to launch at startup and rebooted the system. K7 handled them all without difficulty.

I also use the RanSim ransomware simulator from KnowBe4 for testing. Since it isn’t truly ransomware, I don’t fault programs that don’t detect its behaviors, but I can celebrate success. This tool runs 10 tests that use standard ransomware techniques and two that perform innocent encryption tasks—for the best score, an antivirus should block the first group and allow the second. K7 blocked 9 of the 10 simulated ransomware attacks and also blocked one of the innocent activities. That’s still pretty good.

K7’s handling of ransomware is impressive, and it has improved since its last review, where it missed one sample.

K7's Basic Firewall

While an antivirus defends your system against attack by malicious processes, a firewall protects the network and network traffic against attack. Most security companies reserve this component for their security suites. K7, like McAfee AntiVirus Plus and a few others, builds in firewall protection at the antivirus level.

I installed K7 on a physical test system with a direct connection to the internet, to avoid any unwanted help from the router. The firewall correctly stealthed all ports and fended off the port scans and other attacks I tried. Do note that Windows Firewall alone does the same; this test is only relevant when a firewall fails.

The flip side of firewall protection involves preventing local programs from misusing your network or internet connection. Those of a certain age may remember early personal firewalls that bombarded the user with confusing questions about what network activity should be allowed. SlavaUkraini.exe wants to connect with port 8080. Allow or block? Just this time or always? Boxers or briefs?

To avoid that annoying popup storm, high-end firewalls like that of Norton 360 Deluxe automatically configure permissions for known good programs and apply extra scrutiny to unknowns. Others simply allow all traffic except unsolicited incoming connections.

K7 takes a different tack. It assumes that, for now, you don’t have any misbehaving programs. For the first week, it notes which programs access the network and creates rules to let them continue that access. Once the week is over, it tightens up, so new access attempts require permission.

I tested this feature by manually changing the firewall’s response to prompt when it encounters a new program. When I tried to use a tiny browser I wrote myself, and it displayed a simple query noting the access attempt and asking me whether to allow or block it. By default, it remembers the response, so you don’t have to respond to the same program again. Because the program control system had already vetted all the browsers and Windows components that accessed the network, I didn’t get the flock of pop-ups plaguing some similar systems.

K7 includes Exploit Protection in its antivirus repertoire and offers Intrusion Detection among its firewall features. To test this layer of protection, I hit the test system with about 30 exploits generated by the CORE Impact penetration tool. K7 didn’t react to any of them, though since the test system is fully patched, none of the exploits succeeded in penetrating security. About a third of them dropped documents or other files. Some antivirus tools detect exploits based on associated files, but actively running a scan on those documents with K7 didn’t turn up anything.

The settings page for exploits lists all the exploits that K7 aims to block. I did note that those with identifying CVE numbers were mostly discovered in 2012, with just a few from 2020 and a reference to the Log4j exploit. This component may simply be out of date.

It’s great when your security tool detects an exploit attack at the network level before it can attempt to drop a malware payload. Vipre Advanced Security, for example, caught 55% of the samples at the network level, the best score among recent tests.

At least the firewall is properly hardened against code-based attacks. It keeps nothing significant in the Registry, so a malware program couldn’t just set Firewall to OFF. When I tried to kill off its nine processes using Task Manager, I ran into a wall of Access Denied messages. The same happened when I tried to set its five Windows services to start up disabled.

K7’s firewall protection is basic, but it does the job. It protected against web-based attacks and protected itself from getting shut down by malware. Its system of treating the first week as training for program control avoided the annoying storm of popups that come with some competitors (at the risk of allow-listing a sneaky program already present on the system). And while it didn’t block exploit intrusions, that feature is not typical for basic firewalls.

Bonus Scans in K7

I mentioned earlier that you should explore the entire user interface, by clicking all the icons and arrows. You’ll find a collection of bonus features scattered on different pages here and there.

On the main Scan page, you get the expected quick, complete, and custom scans, along with a scan aimed specifically at rootkits. Links let you tweak scan settings and configure scheduled scanning. An arrow at the right almost looks like it belongs to the rootkit scan; it doesn’t. Clicking it reveals several more bonus scan choices.

Malware attacks often gain traction by exploiting security holes in Windows or popular apps. The makers of those apps quickly release security patches, but it’s up to you to apply them. K7 includes a scan to find vulnerabilities, which I take to mean missing security patches. Just as when I last tested this antivirus, the scan finished in a flash and found nothing, even though I deliberately keep Chrome, Firefox, and Opera a version or two behind the latest. A manual check revealed all three browsers need an update. I have no evidence that this feature does what it claims.

The similar feature in McAfee and Kaspersky took a bit longer to run but correctly found missing patches. Avira Free Security even offered to apply the patches it found, and Vipre did the job silently, in the background.

I also clicked to scan for abnormal changes to system settings. This scan, too, finished in a flash. It charted entries found, entries scanned, entries modified, and entries to be fixed. In every case, the reported value was None. Here, too, I’m unsure of the scan’s capability.

Advertisers use special cookies to track your browsing between different websites that share their ads. K7’s scan for these tracking cookies ran quickly and found two to remove. Avast, Bitdefender, and Kaspersky are among the antivirus tools that get ahead of this problem with an active Do Not Track system that keeps sites from placing such cookies on your system. Bonus may not be the best word for these additional scans, which don’t seem to add much value.

Additional Tools in K7

Clicking Tools on the main window brings up another collection of bonus tools, including a pair of simple cleaners for Windows and browser temp files. You can enter passwords using the virtual keyboard to avoid the possibility of capture by a keylogger, even a hardware-based keylogger.

Most modern malware propagates via the internet, but there are still some threats that gain entry via an infected USB drive. Just ask the nuclear scientists whose work was destroyed by Stuxnet! Like Panda Dome Essential, K7 offers to vaccinate USB drives so malware can’t use them to spread. It also offers to scan each USB drive for malware.

You’ll have to dig deeper for the next bonus. When you click Settings at the top of the main window, you get access to general settings and those for antivirus and firewall. You also reveal a feature called Device Control. This feature lets you put limits on the use of USB drives, CD/DVD drives, and even floppy disk drives (if you can find one). You can disable any of the three types or lock them with a password. You also can control read, write, and autorun, and configure whether K7 scans inserted media automatically.

Note that this is not like the device control feature found in G Data Total Security and a few others. Full-scale device control lets you do things like disable the use of USB drives in general but permits access for specific pre-approved devices. K7 doesn’t operate on a per-device basis.

K7 Is a Decent Antivirus

K7 Antivirus Premium earns good scores from two independent testing labs, but it lacks the web-based protection against malicious and fraudulent websites found in most competing antivirus utilities, which contributed to its low scores in some of our hands-on tests. It does include a basic firewall that’s hardened against attack, and its ransomware protection proved effective in testing. It’s a decent antivirus at a good price.

Even so, you’ll do better to pay a little more for more comprehensive protection. Bitdefender Antivirus Plus boasts more features than some security suites, and at present it holds perfect scores from four independent antivirus labs. McAfee AntiVirus Plus doesn’t always score as high as Bitdefender, but a single subscription protects all the devices in your household. These two are our Editors’ Choice winners for antivirus protection.

Tags antivirus