K7 Antivirus Plus 11.0

The security center window for K7 Antivirus Plus combines a simple list of components and their status with a swooping flame-inspired background. From this window you can disable any of the components or link to a configuration page.

On all but two of my malware-infested test systems K7 detected active malware as soon as its installation was complete and requested a reboot for full cleaning.

From the Tasks panel you can launch a variety of scans, set up a scanning schedule, manually check for updates, and more.

By default K7's malware scanner doesn't try to clean up non-executable files and Registry entries. For testing, I checked the two boxes that enable scanning for "unwanted files" and "unwanted Registry entries".

When the antivirus scan finds non-executable traces it labels them as "riskware" and leaves them alone. To complete the cleanup process you must select these traces and click Clean (not Delete, not Quarantine).

Where the complete scan looks for known rookits (and other threats), the rootkit scan looks for rootkit behavior regardless of the source. Because it's an invasive scan K7 warns the user to close active applications and leave the system alone during the scan.

Eight of my test systems include one or more rootkit threats. The standalone rootkit scan found rootkit activity after the complete scan on just one of those eight.

When multiple real-time protection alerts occur in a short time, K7 stacks them up in a single warning box with arrow buttons to flip through the stack. Here it has just finished wiping out most of a folder full of malware samples.

By default the real-time protection module checks all files and detects spyware and adware as well as high-risk threats. The user can optionally choose not to detect specific low-risk categories.

When I tried to download my set of malware samples K7 blocked just under half of them as soon as the download finished.

The system monitor component pops up a warning on any attempt to change specific sensitive system areas. The user can choose to block or allow the attempt, or to always block this specific program.

By default K7 scans incoming e-mail for viruses, with an option to also scan outgoing mail. Its optional worm blocking feature watches for odd e-mail behavior that suggests the activity of an e-mail worm.

The unusual device access feature lets the user take control of how USB ports, Floppy disk drives, and CD/DVD drives can be used. Options include disabling the device, preventing execution of files from the device, and automatically scanning media on insertion.

By default K7 offers to scan any USB drive that you insert. You can turn off this behavior or set it to scan without even asking.

The tools tab offers access to several small security-related tools: USB vaccination, cleanup of Windows and Internet temporary files, and a virtual keyboard for entering sensitive data.

K7's vulnerability scan will identify system components that are vulnerable to being exploited. Clicking on Clean brings up a page with advice on getting the proper update to fix the selected vulnerability.