Malware attacks come from all around the globe, as do antivirus defenses against those attacks. K7 Computing, purveyor of K7 AntiVirus Premium, proudly hails from India. The app’s feature set includes firewall protection, a vulnerability scan, special handling for removable drives, and more. However, it lacks the expected protection against phishing and malware-hosting sites. Its best features may be its low price and near-perfect performance against real-world ransomware. Bitdefender Antivirus Plus offers an even broader set of features, though, and the bonuses with Norton AntiVirus Plus include hosted online backup. These two also pull in many excellent scores from the independent labs. If you can pay a little more, go with one of these Editors’ Choice antivirus apps.

How Much Does K7 AntiVirus Cost?

One very common price for a single antivirus license is just below $40. Emsisoft Anti-Malware, ESET, and Trend Micro Antivirus+ Security are among the antivirus apps that cluster around this price. Another cluster includes Bitdefender, Malwarebytes Premium Security, and Webroot SecureAnywhere AntiVirus, with prices that fall in the $45 to $50 range.

G Data Antivirus undercuts both these groups, selling for $29.95 per year. But K7 costs less than any non-free antivirus I’ve seen. A single K7 license runs $15 per year, and even that low price is almost always discounted. You get two K7 licenses for $19, three for $23, and four for $27 per year.

The average price for a five-license antivirus subscription is roughly $70. At $34 for five licenses, K7 costs less than half the average. K7’s consistently low prices have earned it a place of honor in PCMag’s list of our top 100 budget buys.

Lab Test Scores

Researchers at independent testing labs around the world spend their days torture-testing antivirus utilities to identify the best ones. I follow four labs that release public reports regularly. For many years, K7 appeared regularly in reports from AV-Test Institute and AV-Comparatives, with ratings ranging from decent to excellent. In recent years, though, AV-Comparatives hasn’t included K7.

AV-Test rates antiviruses on three criteria: successful protection against malware, small impact on performance, and good usability, meaning few false positives (legitimate apps or sites flagged as malicious). An antivirus can earn six points in each area, for a maximum of 18 points.

K7 took the full six points for protection and performance. A few false positives knocked its usability score down one notch, to 5.5, but with an overall score of 17.5, K7 earned the title Top Product. In the latest test report, all but one of the tested apps received Top Product honors, and most of those scored a perfect 18 points. Among those earning a perfect score were AVG AntiVirus Free, Bitdefender, and F-Secure Anti-Virus.

Reports from AV-Comparatives don’t come with numeric scores. Rather, an app that passes gets a Standard certification. Those that do more than the minimum can earn certification at the Advanced or Advanced+ level. Avast, AVG, and ESET are the only apps with Advanced+ ratings in the latest edition of all three tests. As noted, K7 hasn’t appeared in tests from this lab for the last couple of years.

Each lab uses a different scoring system. I’ve devised an algorithm that maps all the scores onto a scale from 0 to 10 and generates an aggregate lab score for comparison. With just one current score, K7 doesn’t have an aggregate lab score. AVG holds a perfect 10 points, drawing on reports from two labs. Avast’s 9.9-point total is also impressive, as it’s based on scores from all four labs. Tested by three labs each, Bitdefender, ESET, and McAfee AntiVirus all came in at 9.8 points.

Getting Started With K7 AntiVirus

Installation is quick and simple—just click one button to accept the EULA and launch the installation. When it finishes, you must activate the installation, either by entering your serial number or by choosing a 30-day trial. For this review, I relied on the free trial. Once it finishes updating the antivirus definitions, you're ready to go.

The main window displays handy stats in large, easy-to-read panels, including the date and time of the last update, the version of the virus definitions, and the number of days left in your subscription. Links and icons give you access to scans, settings, bonus tools, and more.

(Credit: K7/PCMag)

As you click those links and icons, new pages appear as if sliding in from above or below. On some pages, arrows lead to details or additional features that slide in from left or right. It’s a lively, animated interface, but you’ll want to take a little time to click all the buttons and arrows to make sure you don’t miss anything.

Repeated Full Scans Run Faster With K7

K7 offers the expected full system scan, quick scan, and custom scan, as well as a separate scan that aims to detect rootkits by their behavior. On my standard clean test system, a full scan took 51 minutes, faster by half than the current average of nearly two hours. Like Trend Micro, F-Secure, and a few others, K7 uses that first scan to optimize subsequent scans for speed. A repeat scan with K7 took just three minutes.

(Credit: K7/PCMag)

By default, K7 scans incoming emails for malware. You can optionally set it to scan outgoing mail as well, but I can’t picture how malware could get into an outgoing email without being caught by other layers of real-time protection.

(Credit: K7/PCMag)

From the page of scan choices, you can also create and manage scheduled scans. For example, you might set it to run a complete scan of everything once a month and just scan the Documents folder every day.

Malware Protection Scores

Lab results are great to have, but with or without them, I always perform my own hands-on testing of each program’s malware protection abilities. When I opened the folder containing my current collection of malware samples, K7 started picking them off right away. Within a few minutes, it had eliminated 73% of the samples. That puts K7 ahead of Avast, AVG, and McAfee, which don’t check programs for malware until they execute. K7’s pop-up notifications stack up in a single location, with arrows so you can flip through them if you wish.

I proceeded to launch the remaining samples and record K7’s reaction. It only prevented a few of them from launching, but it jumped in to quash the malware soon after launch in many cases. Even when it detected malware activity, it let quite a few of them install executable files on the test system. K7 detected 87% of the samples and scored 8.4 of 10 possible points. That’s the lowest of any antivirus tested with my current set of malware samples, but better than K7’s own score of 6.9 points during its previous review.

When tested with the same sample collection, UltraAV detected 100% and scored a perfect 10 points. Avast, AVG, and Norton, all of which rely on the same underlying antivirus engine, scored 9.7 points. Webroot also scored 9.7 points. When tested with my previous collection of malware, ZoneAlarm Pro Antivirus + Firewall stands out, with 99% detection and 9.7 points overall.

For a different view of K7's malware combat skills, I launched 100 malware-hosting URLs from a feed generously supplied by London-based lab MRG-Effitas. Where the curated samples in my malware blocking test remain the same for many months, these dangerous URLs are always the very latest, no more than a few days old. In this test, I give equal credit whether the antivirus steers the browser away from the dangerous URL or wipes out the payload during download.

Most antivirus tools include some form of protection against malware-hosting URLs. Typically, they divert the browser to a warning page, so you never access the dangerous URL. K7 is a bit unusual in that malicious URL blocking is reserved for the company’s security suites and is not included with the basic antivirus. Phishing protection is likewise absent.

(Credit: K7/PCMag)

K7 did block 89% of the malicious payloads during or immediately after the download, the same score as Microsoft Defender Antivirus. That’s a big improvement over its 58% score when last tested.

That 89% score puts K7 above the lowest third of current products, but others have done much better. Avast, Bitdefender, Guardio, and Sophos Home Premium blocked 100% of their malware-hosting URL samples. I do note that all the top-scoring programs attacked the problem both by fending off dangerous URLs and detecting malware downloads, while K7 relied only on the latter. Notably, Guardio steered the browser away from 90% of the dangerous URLs.

Ransomware Protection

Since a ransomware attack is so damaging, many antivirus tools build in protection modules with the sole purpose of fending off even a zero-day malware attack. I do my best to challenge this type of protection, to evaluate how effective it would be. I don’t have access to zero-day ransomware, so I simulate the problem by shutting down ordinary real-time protection and just leaving ransomware protection active. This doesn’t always work. With Avira Antivirus Pro, for example, turning off real-time protection turns off the ransomware component too.

K7 doesn’t make turning off standard real-time protection easy, but I found a way. On the settings pages for Sentry and Scanner, I turned off the detection of spyware and adware. Then I set the antivirus to scan only files with specific extensions, disabling all except the extension .386, which doesn’t match any of my samples. And on the System Monitor page, I turned off automatic trust for digitally signed programs, as some of my ransomware samples come with digital signatures.

The fact that I could copy my ransomware samples back to the test system served as validation that real-time protection was disabled. I cut off the virtual machine from the rest of the network and launched the samples one at a time.

Recommended by Our Editors

Bitdefender Antivirus Plus - Review

Kaspersky Anti-Virus - Review

McAfee AntiVirus - Review

Of my dozen-plus real-world ransomware samples, two are the type that encrypt the whole disk, while the rest are the more common file-encrypting type. K7 caught all of them soon after launch, detecting their suspicious activities rather than simply recognizing the file as a known threat.

(Credit: K7/PCMag)

Each file-encrypting ransomware type identifies files it has encrypted using its own standard file extension, RYK for Ryuk, FUN for Jigsaw, EXX for TeslaCrypt, and so on. After each detection, I scanned the test system’s hard drive for encrypted files. Out of all the samples, only one had any degree of success before K7 quashed it. Yes, one of the samples encrypted exactly a single unimportant text file. Given that many competing ransomware systems have allowed encryption of anywhere from dozens to thousands of files before their ransomware-specific detection kicked in, I’d call K7’s performance close enough to perfection.

I’ve run across antivirus utilities whose ransomware protection doesn’t activate early enough in the boot process. Ransomware that launches at system boot can do its dirty deeds and be gone before the antivirus even loads. To check this possibility, I set several of the samples to launch at startup and rebooted the system. K7 handled them all without difficulty.

There’s no question. In terms of handling ransomware based on behavior, with regular antivirus protection layers turned off, K7 is the best I’ve seen.

Firewall Protection

While an antivirus defends your system against attack by malicious processes, a firewall protects the network and network traffic against attack. Most security companies reserve this component for their security suites. K7, like McAfee AntiVirus Plus and a few others, builds in firewall protection at the antivirus level.

(Credit: K7/PCMag)

By default, K7’s firewall treats a new network as public, meaning it applies its most stringent protection. You can reach into the firewall settings and change any network type to Work or Home. This allows you to do things like access printers and other network resources.

The flip side of firewall protection involves preventing local programs from misusing your network or internet connection. Those of a certain age may remember early personal firewalls that bombarded the user with confusing questions about what network activity should be allowed. SlavaUkraini.exe wants to connect to port 8080. Allow or block? Just this time or always?

(Credit: K7/PCMag)

To avoid that annoying pop-up storm, high-end firewalls like those of Norton 360 Deluxe automatically configure permissions for known-good programs and apply extra scrutiny to unknowns. Others simply allow all traffic except unsolicited incoming connections.

K7 takes a different tack. It assumes that, for now, you don’t have any misbehaving programs. For the first week, it notes which programs access the network and creates rules to let them continue that access. Once the week is over, it tightens up, so new access attempts require permission.

(Credit: K7/PCMag)

I tested this feature by manually changing the firewall’s response to prompt when it encounters a new program. When I tried to surf the web with a tiny browser that I wrote myself, it displayed a simple query noting the access attempt and asking me whether to allow or block it. By default, it remembers the response, so you don’t have to respond to the same program again. Because the program control system had already vetted all the browsers and Windows components that accessed the network, I didn’t get the flock of pop-ups plaguing some similar systems.

K7 includes Exploit Protection in its antivirus repertoire and offers Intrusion Detection among its firewall features. To test this layer of protection, I hit the test system with about 30 exploits generated by the CORE Impact penetration tool. K7 didn’t react to any of them, though, since the test system is fully patched, none of the exploits succeeded in penetrating security. About a third of them dropped documents or other files. Some antivirus tools detect exploits based on associated files, but actively running a scan on those documents with K7 didn’t turn up anything. This is precisely the same behavior I observed in my previous review two years ago, though the exploits I use for testing have changed.

The exploit settings page lists all the exploits that K7 aims to block. This list, too, seems unchanged in the last two years. As before, I observed that those with identifying CVE numbers (which include the year) were mostly discovered in 2012, with just a few from 2020. This component seems to be sadly out of date.

(Credit: K7/PCMag)

At least the firewall is properly hardened against code-based attacks. It keeps nothing significant in the Registry, so a malware program couldn’t just set the firewall to OFF. When I tried to kill off its nine processes using Task Manager, I ran into a wall of Access Denied messages. The same happened when I tried to set its five Windows services to start up disabled.

K7’s firewall protection is basic, but it does the job. It protects against web-based attacks and from being shut down by malware. Its system of treating the first week as training for program control avoided the annoying storm of pop-ups that come with some competitors (at the risk of allowing a sneaky program already present on the system). And while it didn’t block exploit intrusions, that feature is not typical for basic firewalls.

Scans for Vulnerabilities and Tracking Cookies

I mentioned earlier that you should explore the entire user interface by clicking all the icons and arrows. You’ll find a collection of bonus features scattered on different pages.

On the main Scan page, you get the expected quick, complete, and custom scans, along with a scan aimed specifically at rootkits. Links let you tweak scan settings and configure scheduled scanning. An arrow at the right almost looks like it belongs to the rootkit scan; it doesn’t. Clicking it reveals several more bonus scan choices.

(Credit: K7/PCMag)

Malware attacks often gain traction by exploiting security holes in Windows or popular apps. The makers of those apps quickly release security patches, but it’s up to you to apply them. K7 includes a scan to find vulnerabilities, which I take to mean missing security patches. The scan finished in a flash, reporting that Firefox needs an update. For testing, I keep Chrome, Firefox, and Opera a version or two behind the latest. I verified that all three need updating; I’m not sure why K7 only found Firefox.

(Credit: K7/PCMag)

The similar feature in McAfee took a bit longer to run, but correctly found missing patches. Avira Free Security even offered to apply the patches it found, and Vipre did the job silently, in the background.

I also clicked to scan for abnormal changes to system settings. This scan finished in an instant. It reported no entries found, no entries scanned, no entries modified, and no entries to be fixed. I’m unsure just what this scan aims to do.

Advertisers use special cookies to track your browsing between different websites that share their ads. K7’s scan for these tracking cookies ran quickly and found nothing to remove. Avast and Bitdefender are among the antivirus tools that get ahead of this problem with an active Do Not Track system that keeps sites from placing such cookies on your system.

Additional Tools in K7

Clicking Tools on the main window brings up another collection of bonus tools, including a pair of simple cleaners for Windows and browser temp files. You can enter passwords using the virtual keyboard to avoid the possibility of capture by a keylogger, even a hardware-based keylogger.

(Credit: K7/PCMag)

Most modern malware propagates via the internet, but some threats still gain entry via an infected USB drive. Just ask the nuclear scientists whose work was destroyed by Stuxnet! Like Panda Dome Essential, K7 offers to vaccinate USB drives so malware can’t use them to spread. It also scans each USB drive you insert for malware.

You’ll have to dig deeper for the next bonus. When you click Settings at the top of the main window, you get access to general settings and those for antivirus and firewall. You also reveal a feature called Device Control. This feature lets you put limits on the use of USB drives, CD/DVD drives, and even floppy disk drives (if you can find one). You can disable any of the three types or lock them with a password. You can also control read, write, and autorun, and configure whether K7 scans inserted media automatically.

(Credit: K7/PCMag)

Note that this is not like the device control feature found in G Data Total Security and a few others. Full-scale device control lets you disable the use of USB drives in general but permits access for specific preapproved devices. K7 doesn’t operate on a per-device basis. Even so, you can help your device's security by disabling file execution from all three types of removable media.