You pay $39.99 per year for a K7 subscription. Bumping that to $79.99 gets you three licenses, the same as Bitdefender Total Security and ESET, and just a few pennies more than Kaspersky, Trend Micro, and G Data.
A five-license subscription to K7 runs you $119.99, which is on the high side. Kaspersky Total Security, Avira, and Norton give you five licenses for $99.99. With Bitdefender, ZoneAlarm, and Trend Micro you get five for $10 less, and you can take off another $10 for a five-pack of Webroot’s top suite.
As with K7’s antivirus, installation is a breeze. The suite’s main window is almost identical to that of the standalone antivirus. It displays useful statistics in three big panels, including the date and time of the last update, the version of the virus definitions, and the number of days left in your subscription. Clicking other links and icons gets scans, settings, and bonus tools.
As you click links, icons, and arrows to navigate the product, new pages appear as if they were sliding in from different directions. The interface is lively, but you’ll want to spend some time exploring all the available pages, so you don’t miss any of the features.
Shared With Antivirus
Naturally, every feature found in K7 Antivirus Premium also shows up in this suite. I’ll summarize my impression of those shared features here—if you want more details, please read my review of the antivirus.
Just two of the four antivirus testing labs I follow include K7 in their reports, but those two give it good marks. From AV-Test Institute, K7 earned 17 of 18 possible points, a half-point short of earning the designation Top Product. In three tests by AV-Comparatives, K7 earned the maximum rating twice and the second-best rating once.
I use an algorithm to calculate an aggregate score for those products tested by at least two labs. K7’s score came out at 9.1, which is decent, but others have attained scores even better, and from more labs. Bitdefender managed 9.9 of a possible 10 based on three reports, and Avira Prime achieved 9.8 points, with results from all four labs.
K7’s full scan on a clean test system finished in 48 minutes, about 20 minutes faster than the current average. It clearly used that first scan to optimize for subsequent scanning; a repeat scan finished in just 10 minutes.
Not every antivirus gets tested by the independent labs, so I always perform my own tests. These tests also give me valuable hands-on experience with each product. K7 scored 8.7 of 10 possible points in my hands-on test, which isn’t the best. Tested against the same collection of malware samples, Webroot SecureAnywhere Internet Security Plus managed a perfect 10.
That hands-on test uses a set of samples that remain the same for months. For a different view of protection, I test using real-world malware-hosting URLs recently discovered by experts at London-based MRG-Effitas. I launch each one, discarding those that are already defunct, and note whether the antivirus blocks access to the URL, eliminates the malware download, or totally misses the danger.
K7’s antivirus suffers a serious handicap in this test, as it doesn’t include the Web Protection component found in the suite. It did eliminate 75 percent of the malicious payloads, but that’s a poor score overall. With Web Protection active, the K7 suite scored 99 percent protection, almost entirely by preventing all access to the dangerous pages.
Trend Micro and G Data also scored 99 percent in their latest tests. McAfee, Sophos, and Vipre Advanced Security all blocked 100 percent of the samples. Like K7 Total Security, these successful products used a combination of steering the browser away from dangerous URLs and whacking any malware downloads that got through.
I tested K7’s ransomware protection system by turning off all other layers of protection and releasing a dozen virulent real-world ransomware samples. This protective layer blocked ransomware activity by all but one of the file-encrypting samples, which is better than many. And when I let K7 use all its protective layers, it detected and quarantined that breakthrough sample with ease.
Even at the standalone antivirus level, K7 includes a basic firewall that fends off outside attack and monitors local programs so they don’t misuse your network connections. The antivirus will scan for vulnerabilities, abnormal system setting changes, and tracking cookies.
Other bonus features include a pair of simple privacy cleaners, a virtual keyboard, vaccination of USB drives against infection, and simple device control system. This last component lets you control use of USB drives, CD/DVD drives, and floppies, but it’s not the full-scale device control found in G Data Total Security and a few others.
As you can see, you get a lot of security features from K7 even at the standalone antivirus level. If this summary intrigues you, please read my full review of the antivirus.
I couldn’t test phishing protection in K7’s antivirus because it simply lacks that feature. Given the suite’s excellent score in my malicious URL test, I looked forward to a similar success in my phishing protection test. I was seriously disappointed.
Phishing websites don’t attempt to plant malware on unsuspecting visitors. Rather, they do their best to simulate real-world sensitive sites such as banks, auction sites, and even dating sites. When a victim logs in to one of these fake sites, the fraudsters receive the login credentials for the real site, and the victim is hosed. Sure, phishing sites quickly get blacklisted and taken down, but the fraudsters just pop up another fake.
Because of the transient nature of phishing sites, it’s important that a web-based protection system handle the very newest ones. To test that ability, I scrape websites that receive reported frauds, gathering the newest ones and making sure to include both verified frauds and ones that haven’t yet hit the blacklists.
With my collection of URLs in hand, typically about 400 of them, I set up four test systems, three relying on the phishing protection built into Chrome, Edge, and Firefox, and a fourth protected by the product under test. I launch each URL in all four browsers at once and note the results, discarding any that don’t load properly in all four, as well as any that don’t clearly represent a fraudster’s attempt to steal credentials.
The test went very badly for K7 at first, so much so that I triple-checked to be sure its browser extension was present and enabled. Eventually it did start to catch some of the frauds, and by the end of the test it was doing reasonably well. Even so, its 72 percent detection score is quite low. Chrome, Edge, and Firefox all scored significantly better than K7. The lesson is clear; don’t turn off your browser’s phishing protection.
As noted, K7 visibly improved during the test, as the URLs used for testing went from just minutes or hours old to a full day old or a little more. Just to quantify that improvement, I scored K7 based only on the first half of the URLs, and only on the second half. Against the second half, the older ones, it got 91 percent. But it only detected 39 percent of the first half.
These figures suggest that K7 relies totally on blacklisting, lacking the heuristic detection that more successful products use to handle the very newest phishing frauds. In their own latest tests, Kaspersky and Trend Micro achieved 100 percent detection, while Bitdefender, McAfee Total Protection, and Norton managed 99 percent.
See How We Test Security Software
Web Protection, not present in K7’s standalone antivirus, includes the Safe Surf component that performed extremely well against malware-hosting URLs, not so well against phishing frauds. Safe Search extends this protection so that you never even try to visit dangerous sites. It does so by marking safe sites in search results with a green checkmark.
I couldn’t immediately figure out the third component, titled Identity Protection. The help system clarified that this component prompts you with a warning if you enter a password on a website that’s not secured with HTTPS. With the current strong emphasis on security, it’s hard to find a site that doesn’t use HTTPS. If you do run across one, heed K7’s warning and avoid entering passwords or other sensitive information.
These days, few users need a local spam filter. Popular web-based email systems such as Gmail handle spam filtering internally, as do most business-level email servers. If you’re one of those few, K7’s spam filter may come in handy.
K7 filters all incoming POP3 email, and also checks outgoing SMTP email for spam characteristics, on the chance a spambot got past the antivirus. The filter adds a marker to the subject line of suspected spam messages. If you’re using Outlook or Outlook express as your email client, K7 diverts those messages to a spam folder automatically. Those using a different client can create a message rule to do the job.
From the toolbar in Outlook or Outlook express you can mark any spam messages that reached the Inbox, or valid messages wrongly discarded as spam. In settings, you can whitelist known correspondents, with an option to automatically whitelist recipients of your own messages. Any address or domain on the blacklist will always go to spam.
If you love tinkering, you can dig into the spam filter’s settings to tweak them in many ways. A slider lets you adjust the threshold for “spaminess,” controlling how bad it must be to get a message banned as spam. Another slider adjusts the threshold for the Bayesian learning filter. You can even define rules, for example to mark any message with “webinar” in the subject as spam. And my guess is, not one user in a thousand ever touches these advanced settings.
As noted, few users need this feature. If you’re one of them, keep an eye on it at first, to make sure it’s correctly distinguishing spam from valid mail. Then just lean back and let it do its job.
K7 includes two very different features for protecting your privacy. One prevents inadvertent transmission of use-defined personal data; the other controls which applications can use your webcam.
A user-interface oddity means you may miss one or the other of these. If you click Details from the home screen and click Settings under the privacy label, it takes you to a page for configuring webcam protection. If instead you click Settings at the top of the main window and choose privacy, you reach a page for protecting personal data. It’s a bit confusing, perhaps because the webcam feature is new in this edition.
When you enable webcam protection you have two choices. You can block all programs from using the webcam, removing the block manually when you need to use it. With the restricted option, you get a notification when a program wants to use the webcam, with the option to allow access and optionally remember the response, thereby making the program trusted.
In testing, I found that to enable access for Skype I had to allow three distinct processes and check the box to remember my answer for each. Until I did that, Skype reported no webcam present. This was a minor, one-time inconvenience, far outweighed by the knowledge that no creepy peeper will be spying on me through the webcam.
To test private data protection, I entered a bank account number, a password, and a credit card number for protection. I left the list of trusted websites blank and tried submitting the protected data items on Google and Bing, with no response from K7. Google and Bing both force HTTPS, which I thought might have interfered, so I submitted the items on a random non-secure fan club page. Here, too, K7 did nothing.
My contact at K7 confirmed that a recent build broke this feature, and that it will be put back into play very soon. Fortunately, this is not an essential security tool.
Not every consumer has young children, and not every parent wants to monitor and control what the kids do on their screens. For those that have a need, K7 offers a parental control system. However, it’s quite different from most, and not in a good way.
Customizing the parental control system creates settings shared by all users. You separately determine how these settings affect each user account. That being the case, customization is the first step.
Unlike almost every other parental control content filter, K7 offers no categories for blocking unwanted content. You, the parent, must list every website you don’t want your kids visiting. Or, if you’re going for the iron fist approach, you can list all the websites that are allowed, banning anything not on the list.
At least the list of ad-blocking keywords comes pre-configured. When ad-blocking is enabled, it suppresses access to URLs containing such text strings as “/ad/” and “/adinfo/”. Finally, Application Control lets you identify specific applications for K7 to block.
Everything you’ve done so far has no effect until you apply limitations to specific user accounts. You start by configuring the Web Filter. For each user account, you can choose to block all sites on the blocked list, allow only sites on the allowed list, or leave the account unfiltered. There’s an option to log all sites visited, but you can’t tune the allowed and blocked lists on a per-user basis.
The Application Control page lets you choose whether to block the specified applications for this account, and whether to log all blocking activity. You can also configure K7 to block all browsers except Internet Explorer, a step that’s required if you want it to filter HTTPS sites.
The Privacy tab lets you configure privacy protection on a per-user basis. By default, it blocks sending of sensitive info and notifies when blocking occurs. You can allow sending to trusted sites (defined separately under privacy protection). And under Browser Settings you can configure global options for cookies, ActiveX, and Java applets. It’s not clear to me how this last item belongs in parental control.
Finally, there’s the Timings page. Here you can totally block a user’s access to the internet, or define time periods during which access is permitted. You don’t get a daily or weekly cap like you get with Trend Micro Internet Security and F-Secure Safe, just a schedule for access.
Does It Work?
To prepare for testing, I added Pornhub and a few other such pages to the blocked list and added Google and Disney to the allowed list. I left ad blocking and browser settings alone, and configured the product to block the “dangerous” program CALC.EXE.
My test system has two imaginary child accounts, one with Administrator permissions and one without. For starters, I configured both to allow internet access every day of the week except the current day. I switched to the Standard user and tried launching a browser. The browser displayed an error message, and a transient notification stated that access isn’t allowed at this time. Further attempts to visit websites just returned browser errors, without the notification.
I tried the same thing while logged into the child account with Administrator access. I got the same results—browser error message and transitory notification. I changed the date to a day with internet access permitted, but that didn’t fool K7.
Back in the parent account, I removed the time restriction for both child accounts, enabled application blocking, including blocking all browsers except Internet Explorer, and checked that privacy protection was enabled. I set the web filter to block sites from the block list for one account and to allow only sites from the allow list for the other.
To test application blocking in a child account, I first launched Edge, Chrome, and Firefox. K7 blocked all three from accessing the internet, as promised. However, it did not block an off-brand browser, a tiny one that I wrote myself.
When I tried to launch the blocked application CALC.EXE, K7 popped up a warning and didn’t permit launch. I tried to fool it by launching a renamed copy—it wasn’t fooled.
In Internet Explorer, K7 blocked access to all sites except those on the allowed list, as promised. However, it did nothing to control access by my off-brand browser. When I switched to the other account, the one configured to block only listed sites, it likewise worked in Internet Explorer and not in my off-brand browser. Privacy protection, as noted, isn’t working at this time.
Not a Parental Control Solution
Parents expect that a parental control solution will at the very least handle steering the little darlings away from inappropriate websites and help control their screen time. K7 does schedule when internet access is permitted, and it can’t be fooled by fiddling with the system date and time, but it lacks the daily cap offered by most competitors. And its web filter is useless, requiring parents to either list every bad website or every permitted website. If you need parental control from your security suite, consider Kaspersky or Norton 360 Deluxe, both of which include top-tier parental control systems.
I mentioned that the webcam protection feature is new with the current edition. Also new is Data Locker. Like the similar feature in Trend Micro Antivirus+ Security, Avast Premium Security, and others, Data Locker prevents unauthorized changes to files in specific protected folders. That way if a ransomware attack got past the admittedly powerful anti-ransomware layer, it still couldn’t mess with your files.
By default, Data Locker protects files in the Pictures and Documents folders for the current user. If you keep important files in other locations, be sure to add them. Note that if you want to protect documents belonging to other user accounts, you’ll have to re-launch K7 by right-clicking and choosing Run as administrator.
K7 populates the list of trusted applications with a handful of important ones such as Windows Explorer. There’s also an option to use what’s called Smart Analysis to discover trusted programs. With that option turned it let Notepad edit text files; with it off, Notepad got the bum’s rush. Even with Smart Analysis active, K7 correctly blocked changes by a tiny text editor that I wrote myself.
If Data Locker blocks one of your important programs, you can’t just check a box in the Data Locker notification to make it trusted. You must dig into settings and actively add the program to the trusted list. Other products make adding trusted apps easier.
Wi-Fi Security Advisor
Another new and welcome addition is the Wi-Fi Security Advisor. You can click its icon at the bottom of the main screen any time to check the security of your current Wi-Fi connection. It shows the name of the connection, the authentication and encryption types used, and the device’s IP address. But really, what’s important is the notice at the top that your connection is secure.
The advisor should also alert you when you connect to an unsecured hotspot. I don’t have one of those handy for testing, but I don’t doubt it works.
As with the standalone antivirus, clicking Tools at the bottom of the main window brings up a list of bonus tools. In the antivirus, these are USB Vaccination, Windows Temp Cleaner, Internet Temp Cleaner, and Virtual Keyboard. I didn’t see much point in the two cleaners, but the virtual keyboard can foil keyloggers, and vaccinating your USB drives prevents USB-proliferating malware from infecting them.
Naturally, the suite gives you all these and more. Do note that you must click the arrow at right to see them all. You can use Secure Delete to wipe out sensitive files so thoroughly that even forensic software can’t recover them. This can be handy to, for example, wipe out the plaintext originals of documents that you have encrypted. There’s no handy right-click menu option for files, nor the ability to drag and drop items for deletion, just buttons to add items to the list. With your items in place, you check the box for Quick Mode if desired and click Delete. The program doesn’t specify, but I imagine it overwrites file data once in Quick Mode, more than once otherwise.
As noted, I didn’t see much use to the temp cleaner tools. Nor do I see a real point to Disk Optimization, given that Windows 10 performs defragmentation in the background and includes its own tool if you want to invoke a thorough (and lengthy) defrag operation. Activity History Eraser is a grand name for a tool that wipes out most recently used lists and other traces of your activity. IE History Cleaner does what you could do by pressing Ctrl+Shift+Del in Internet Explorer.
That leaves Computer TuneUp as the remaining new tool. This one promises to increase your computer’s performance and speed. When you launch it, it reports itself tuning up memory, CPU, browser, and graphics settings, and then requests a restart.
Of all these tools, USB Vaccination, Virtual Keyboard, and Secure Delete are the most useful ones. The rest could be combined into a singular tune-up and privacy tool, perhaps one that more visibly demonstrates its worth.
No Drag on Performance
Consumers just won’t accept a security solution that slows everyday operations or makes their cat videos lag. If security causes a problem, it’s likely to get turned off. Security companies recognize this and do their best to work without causing any performance problems. I still run a few simple tests to verify which products put a little drag on performance and which show none at all.
My tests measure boot time, the time to run a lengthy script that copies and pastes files across drives, and the time to run another script that zips and unzips that same collection of files repeatedly. I run the tests multiple times, discard the highest and lowest values, and average the results. Then I install the suite and repeat the process. Comparing the results lets me see how much, if at all, the suite slowed things down.
All three of my tests ran faster after installation of K7 Total Security. That’s unusual enough that I uninstalled the app and ran the whole test again, with unchanged results. In this situation, I score the result as zero, meaning no performance drag. K7 joins ESET Internet Security and Webroot in the elite group of products that earned the best score in all three tests.
Uneven Components, High Price
Web Protection in K7 Total Security did a great job fending off malicious URLs, but flopped against phishing frauds. It gets good marks from the antivirus labs, so-so marks in our own testing. Its spam filter and firewall are average, but parental control isn’t much use, and many of the bonus tools don’t do much. To top it off, a five-license subscription costs substantially more than one for Norton 360 Deluxe, which gives you consistently effective components, a no-limits VPN, and 50GB of hosted storage for your online backups. Norton is an Editors’ Choice for cross-platform multi-device suite.
Bitdefender Total Security charges $10 less than K7 for a five-pack, and includes a wealth of security features that’s hard to beat. It’s our Editors’ Choice for entry-level security suite.
K7 Total Security Specs
Best Security Suite Picks