K7 Ultimate Security Gold 15


Installation of this product is quick and easy. Once you've updated its antivirus definitions, you're ready to go. The main screen features a border with a brushed-metal look and some simple statistics, including the time of the last antivirus update and the version number for the virus definitions. The spot that displays how much longer your license lasts in other K7 products simply says "Gold Edition."

Shared Antivirus
With one small exception, antivirus protection in this product is precisely the same as what you get from K7 Antivirus Plus 15. Please read that review for full details; I'll simply summarize here.

Only two of the five independent labs that I follow include K7 in their testing. In the RAP (Reactive And Proactive) test by Virus Bulletin, K7 scored 83.15 percent, a middling score. TrustPort Total Protection 2015 scored best in that test, rating 95.95 percent. AV-Test Institute awarded K7 6.0 points for protection, 5.0 for performance, and 4.5 for usability. Bitdefender Total Security 2016 took 6.0 points (the maximum) in all three categories.

In my own hands-on testing, K7 detected 97 percent of my malware samples, either on sight or after they launched. Emsisoft Anti-Malware 11.0 also detected 97 percent, and earned 9.4 of 10 possible points. K7's lower score of 9.0 reflects the fact that some detected malware samples managed to plant executable files on the test system. Webroot SecureAnywhere Internet Security Complete (2016) scored best in this test, with 100 percent detection and a perfect 10 points.

K7 does include specific protection against ransomware, but my ransomware samples got wiped out on sight by the real-time antivirus scanner. My company contact encouraged me to turn off all other protection and try the ransomware samples. Indeed, K7 detected one and flagged it as Generic Ransomware. The other didn't take any action, and hence wasn't detected.

K7's standalone antivirus doesn't include the Safe Surf component found in the suite. This component blocks the browser from accessing known malware-hosting URLs. In my malicious URL blocking test, the antivirus did manage to wipe out 59 percent of the 100 samples during or immediately after download. The suite did much better, blocking 86 percent of the samples, most of them at the URL level. Avira Antivirus Pro 2016 holds the best score in this test, a near-perfect 99 percent. With 91 percent protection, McAfee LiveSafe (2016) and Symantec Norton Security Premium came in second.

The suite naturally includes all bonus features that come with the standalone antivirus. Perhaps the most interesting of these is Device Access Control, which lets you put limits on the use of USB, CD/DVD, and diskette drives. K7 can also vaccinate drives, making them impenetrable to autorun malware. In addition to the faster-than-usual malware scan, K7 can scan for vulnerable apps, dangerous system changes, and tracking cookies.

Using K7's virtual keyboard, you can enter passwords with no risk of having them captured by a keylogger. Bonus features also include simple cleanup tools for Windows and Internet temporary files.

Poor Phishing Protection
The same Safe Surf feature that keeps you safe from malware-hosting websites also serves to steer you away from phishing sites, fraudulent sites that attempt to steal your login credentials for PayPal, eBay, your bank, even online gaming sites.

Phishing sites are ephemeral; as soon as the scammers have made a haul they take down the site and set up another. That being the case, I use the newest phishing URLs I can find, for the most part sites that have been reported as fraudulent but not yet verified and blacklisted. The products that protect best against phishing perform real-time analysis to catch these very new fraudsters. By observation, K7 doesn't do this.

I launch each of my collected URLs in five browsers. One, naturally, is protected by the product under testing. One has Symantec Norton Security Premium, a longtime antiphishing champion. The other three simply rely on the phishing protection built into Chrome, Firefox, and Internet Explorer.

K7's performance was poor, even worse than when I tested its previous version in 2014. Its detection rate lagged a full 64 percentage points behind Norton's, and 63 points behind Chrome's. It did manage to outperform Firefox, which apparently was having a bad day, but Internet Explorer beat it by 40 percentage points. If you do choose K7, don't turn off your browser's phishing protection.

Simple Firewall
Modern Windows versions have a firewall built in, one that handles protection against attack from outside, but that doesn't include control over Internet and network access by programs running on your system. K7's firewall proved effective at putting all of the system's ports in stealth mode and resisting outside attacks. That's good, but that's just doing what Windows Firewall already does.

K7 also includes simple application control, the kind that flags any attempt by an unknown program to connect with the network or Internet and asks you, the user, to make a decision. Allow this connection, or block it? Once, or always? Users tend to find these popups annoying. Advanced firewalls like those found in Norton and Kaspersky Internet Security (2016) automatically configure permissions for known good programs, vaporize known bad programs, and monitor unknowns, taking action if the unknown turns out to be malicious. That's a better solution than relying on the user for essential security decisions.

K7 minimizes popups by running in a kind of training mode for its first week. In this mode, when it detects a connection attempt it both allows it and makes a rule to continue allowing it. Of course, if a program takes out your Internet connection during that first week, you're in trouble. For testing, I took K7 out of training mode and ran a tiny browser that I wrote myself. It correctly detected the browser's access attempt and asked for guidance.

This kind of program control only works if the firewall detects the connection attempt, so some malicious programs try to connect by manipulating or masquerading as trusted programs. Leak test utilities emulate these sneaky techniques without actually doing anything bad. Most utilities in my leak test collection have fallen by the wayside, failing to function in modern version of Windows. K7 did block one of the few that remain.

Software isn't perfect. Attackers constantly find flaws in Windows and in popular applications, flaws that give them entry to your system. Microsoft and other vendors ideally issue security updates to patch those flaws, but until the patch comes out you're vulnerable to exploit attack. The best firewalls defend against these exploits even if your system isn't fully patched.

To test this protection, I hit the test system with about 30 exploits generated by the CORE Impact penetration tool. Some products block these attacks at the network level; Norton blocked every single one in testing. For others, the antivirus component wipes out the exploit payload. As for K7, it blocked nothing at the network level and wiped out just one exploit payload.

On the plus side, I couldn't find any way that a malware coder could disable firewall protection programmatically. It doesn't expose anything significant in the Registry. My attempt to kill its seven processes all resulted in "Access denied," as did my attempts to disable its seven Windows services. All in all, this is an average, workmanlike firewall.

Disappointing Antispam
K7's antispam component filters incoming POP3 email; it won't help if you use webmail, Exchange, or IMAP. For those using Outlook or Outlook express, it adds a toolbar and diverts spam messages into their own folder. If you use a different email client, you'll have to create a message rule to sort out the spam.

The spam filter is highly configurable. By default, it automatically whitelists addresses to which you send mail, with an option to import your Address book. You can also set it to block specific addresses or entire domains, either by entering them manually or by using the toolbar buttons. As an extreme measure, you can set it to block mail from any address not on the whitelist.

By default, its online spam analyzer is enabled, and its spam analysis engine is set to toss any message whose "spaminess" score is 50 percent or higher. A separate Bayesian learning filter is disabled by default. Its security settings block any executable attachments or ZIP file attachments containing executables, and also block messages containing dangerous links. You can turn off those three settings, or add blocking of messages containing other types of objects. Finally, you can hand-craft custom filters to fine-tune which messages are marked as spam or as valid.

And…most users will ignore these settings, just sticking with the default values. That's what I always do for antispam testing, and the results were quite disappointing.

For this test, I download thousands of messages from a real-world email account that gets both spam and valid mail. I discard any messages more than 30 days old and sort the remainder into valid personal mail, valid bulk mail (newsletters and such), and undeniable spam. Anything that doesn't clearly match one of those three categories gets tossed.

Having to delete spam from your Inbox isn't great, but missing an important deal because the spam filter trashed a valid message is really bad. K7 misfiled 2.1 percent of valid messages in the spam folder, which is pretty bad given that almost half the competing suites tossed less than 0.2 percent of valid mail. Quite a few of those suites didn't misfile a single valid message.

As for actually filtering out spam, K7 fell down there as well. Over half of the undeniable spam messages made their way into the Inbox, quite a bit worse than when I reviewed the previous edition. Fiddling with the configuration might have improved its accuracy, but competing products perform vastly better with their out-of-box settings.

Slightly Improved Parental Control
When I reviewed this suite's previous edition, I dismissed the parental control system as useless. The content filter only had the ability to block websites from a list created by parents, and was easily disabled by using a secure anonymizing proxy. The time-scheduling component was awkward to configure, and kids could thumb their noses at it by changing the system time. And all a kid needed to do if K7 blocked use of a specific application was to create a renamed copy. There's been some improvement since then, but it's still not great.

The content filter now includes the ability to block access to sites matching more than 60 distinct categories, arranged in seven groups. The Adult group alone contains 15 categories. However, K7 doesn't offer to pre-configure the category selection based on the child's age the way Kaspersky, Trend Micro Maximum Security 2016, and a few others do. You, the parent, must peruse the list and check off all the categories you want blocked. It does now have the ability to prevent an end run by a secure anonymizing proxy site, but only if you open the Internet Security group and check the Anonymizer category for blocking.

In testing, I found that the content filter did correctly block unwanted sites, displaying a warning screen much like what comes up for a malicious or phishing website. When it blocked a secure (HTTPS) website, it couldn't insert that warning screen, so the browser just displayed an error message.

Configuring the Internet time scheduler remains awkward. Instead of the full-week grid used by F-Secure Internet Security 2016, Bitdefender, and quite a few others, K7 makes you create one or more schedule entries, specifying start and stop times and checking off the days of the week for which the entry applies. As before, changing the system time defeats this feature.

On the positive site, application control is now stronger. I set it to block use of the Calculator application, and verified that it did so. When I made a renamed copy of the file with a nonsense name, K7 still blocked it. Note that the list of blocked apps is global; you can't block a teen-rated game just for your kindergartner.

The parental control system has a number of other minor features. It can block ads from specific servers, for one. Parents with too much time on their hands can list websites and check off whether Cookies, ActiveX controls, or Java apps are allowed on each site. And you can set it to block transmission of private information (defined in the Privacy Service module) to sites not on the trusted list. But that's about it. It's better than before, but if you actually need parental control you should consider a standalone parental control utility like Symantec Norton Family Premier or ContentWatch Net Nanny 7.

See How We Test Security Software

Local-Only Backup
Built-in backup is a popular feature for large security suites. Norton and Webroot both give you 25GB of hosted online backup. Other vendors included branded versions of well-regarded online backup systems. Not K7. You can back up to local hard drives or to CD/DVD drives; that's all.

It comes configures to back up common file types in your My Documents folder. You can edit the backup locations and file types, or add more backup jobs. If you've chosen a local drive for backup, you can set it to back up automatically every few hours, or configure a daily, weekly, or monthly schedule. Scheduling isn't available for backup to shiny media, since you need to be there feeding in the discs.

You shouldn't have any difficulty backing up and restoring files with K7, but local backup only makes sense if your backups land on a different hard drive (not a different partition) than the originals. I'd suggest that instead you choose from the best online backup services.

Bonus Tools
K7's standalone antivirus includes four tools; a virtual keyboard, a USB vaccination utility, and simple cleanup tools for Windows and Internet temporary files. In the full suite, you get quite a few more tools. When you look at the Tools page, be sure to click the arrow at the right-hand side to reveal additional tools. They all have their uses, but most are pretty lightweight.

The Registry Cleaner quickly scans for useless and erroneous Registry entries and lets you review its findings before deleting them. The Browser Cleaner lists all the extensions, toolbars, and such that may be cluttering up your browsers and helps remove those you don't want. I did find that using it triggered a warning from System Monitor, and that it didn't actually remove the Java plug-ins.

Launch Secure Delete to permanently erase sensitive files, beyond the possibility of forensic recovery. Note that you must browse to the file or folders you want to delete. There's no handy drag/drop, nor a right-click menu choice. The number of overwrites before deletion isn't specified, but choosing Quick Mode reduces that number. IE History Cleaner does just what it says, and Activity History Eraser wipes out lists of recently used files. There's also a Disk Optimization tool, redundant in modern versions of Windows, which perform defragmentation in the background.

Minimal Performance Hit
I've mentioned a number of areas in which K7 doesn't really excel. It let a lot of spam into the Inbox, it didn't do well detecting phishing websites, and its parental control, while improved, still doesn't cut the mustard. It would really be adding insult to injury if the suite also put a performance drag on your system. Fortunately, that's not the case.

My boot time test watches CPU usage after a reboot, waiting for 10 seconds in a row with no more than 5 percent CPU usage. At that point, I call the system ready. Subtracting the start time for the boot process yields a measurement of how long it took to boot up. Averaging many runs with no suite installed and many with K7, I found an 8 percent increase in boot time. That's not a lot, and you probably don't reboot your system often. Still, Webroot, McAfee, Kaspersky, and Check Point ZoneAlarm Extreme Security 2016 had no measureable impact on this test.

For a simple measurement of impact on everyday file operations, I time a script that moves and copies a large collection of files of various sizes from one drive to another. Averaging many runs with and without K7 installed, I measured a 12 percent slowdown. That's well below the current average, but Symantec, Webroot, and Avast Internet Security 2016 didn't slow my test systems at all on this test.

Finally, for a different measure of file activity, I time a script that zips and unzips the same collection of files. K7 aced this one, with no measurable impact. With an average of 6 percent slowdown for the three tests, it beats all recent products except Webroot and Avast.

Broad, Not Deep
K7 Ultimate Security Gold 15 includes a wide array of features, and its lifetime price is unusual in a world of yearly subscriptions. Its antivirus did better in testing than the previous edition did. But it proved woefully inaccurate in our antispam and antiphishing tests. Where many competitors offer online backup, K7 is local only. And while it does offer a lot of bonus tools, many seem underpowered.

If a mega-suite with tons of features is what you want, look to Bitdefender Total Security. For a full-featured basic suite, consider Bitdefender Internet Security or Kaspersky Internet Security. If what you really need is protection for a lot of devices, on multiple platforms, Symantec Norton Security Premium covers ten devices while McAfee LiveSafe doesn't impose any limits. All of these products are Editors' Choice winners in their respective areas.

Note: These sub-ratings contribute to a product's overall star rating, as do other factors, including ease of use in real-world testing, bonus features, and overall integration of features.
Parental Control:

0 Comment

Leave a Reply

Captcha image