It happened a long time ago, when I did not believe in the powers of the devil mind. I once in tension of my project completion, touched the power switch of my PC and heard the characteristics clatter and hum of the hard disk, the lights on my keyboard flashed, the led against my floppy drive blinked and then Phut! Everything was dark and silent...my PC screen hanged.
I called in the PC vendor, who checked everything and said that the system failed to boot and the hard disk needs to be replaced. I panicked; my data was ’’lost’’. ’’Is it possible that it be retrieved?’’ I asked. ’’No’’, he replied back. Extremely angry at the turn of events and with my project submission date nearing, I asked him the last question, ’’Why did it happen?’’. He said in deep growling voice, ’’VIRUS ATTACK’’.
That was my first encounter with a digital virus. I always was intrigued by this virus and had heard a lot of the Pakistani brothers, Joshi angry about his spoilt birthday etc, cause these were famous ones at the time (legendary) and then of course Die Hard and One-Half hogged the limelight. I often wondered what these codes are and what happens...........till I was the victim, of course. Ever since I hate these viruses and their makers and resolved to fight them back. I fought the great battle with PCCillin, Dr. Solomon, InoculateIt etc. With Windows 95 came the compatibility problem and the first Win95 compatible Anti-virus I found was McFee (came with windows), but often found the .exe files (including the McFee one) affected. Panda was what appealed to me at that time and it was free. Then I heard of Norton Anti-virus. The only other talked about product was NDD, which I was thoroughly impressed by. So I tried Norton Anti-virus.
Things have changed significantly ever since. With the Internet and e-mails and great programming languages, scripts and these new technologies, we have the modern trojans, worms that cause massive destruction and spreads around the globe in hours. The latest ones being Mellisa, Sircam, Nimda, Gigger. There is only one thing that hasn’t changed - Norton Anti-Virus (except updates and upgrades).
===========================
Norton AntiVirus 2002 by Symantec:
===========================
The installation:
This is the latest offering that is same as 2001 barring the support for Windows XP. The installation was smooth and I continued with the preset choices. The important aspect is the creation of rescue disks, which is often ignored but shouldn’t. It took me 5 floppies. (The rescue disks should also be updated once a month). If the PC doesn’t boot, these floppies come to our rescue, hence the name. The program also necessitates restarting. The program scans memory and drives for viruses, before installation. Another good aspect is that NV2002 configures itself for email clients like Netscape Messenger, MS Outlook, Outlook Express, Eudora Light and Pro, Pegasus etc.
Live Update:
I preferred to mention this as the first feature primarily because it’s very important. The key to more secure connection is to have the latest virus definitions. This feature automatically connects to the net and downloads and installs the latest updates, but I prefer the other setting that requires me to make a decision after it prompts for an update. Symantec is definitely ’one up’ on this. I updated definitions on Dec 13, 19, 27 and Jan 16. Imagine the frequency of updates and the pains taken by these guys. But I found that they are generally fast. The updates for 1 year are free
Auto Protect:
NV2002 stays in task bar and runs and catches up with malicious codes as they start executing. Unbelievable! I wasn’t aware that my office PC had W32.Sircam.worm@mm virus (didn’t update for long time). It was only after I happened to read about it, download the FixSirc.com file from Symantec and run it, it erased 3 files and 3 registry entries that were infected by Sircam. Now with all the latest updates, one fine day, I found Alert messages popping up saying that D:\recycled\Sirc32.exe detected.
As another example, I inserted a floppy disk and from explorer just selected a word document by down arrow key (did not open it), and popped the virus alert saying that word file was infected by some Ethan and Laroux.ku macro viruses. Amazing!
It even popped a virus alert when I was downloading an attached file in Outlook sent by a colleague.
The flip side is that it slows the normal operations marginally.
Smart Scanning:
Often I wonder what techniques are used to scan a file from 58000+ viruses at a blazing speed. Try running NV2002 scan and watch the figure indicating the number of files scanned go up. Smart scan determines what files contain executable code, and then scan only those files for malicious codes or viruses.
Even scans individual files/folders: I wanted to scan only a particular folder say ’’My Documents’’ particular because it has all my word and excel files and is the most vulnerable. But most anti-virus wouldn’t allow such a thing. In some it was possible to go to Windows Explorer and right click a file/folder and then run scan. But NV2002 allows it from explorer as well as from within its program.
Things NV2002 does:
a) Eliminate viruses and repair files
b) Checks the memory for infection at startup
c) Checks for viruses when a file is being selected, opened or executed, copied from or to floppy disks.
d) Checks for virus in email attachments
e) Runs a scheduled scan (entire PC) including compressed files
f) Provides protection from Internet-borne viruses as the files are being downloaded.
Quarantine:
Does just what it means. If NV2002 fails to repair an infected file, it isolates the file from rest of system and hence confines the virus. Then the users are left to decide what to do. User can get the virus definitions updated and then attempt repair, or delete the file or submit to SARC (Symantec Anti-Virus Research Center)
Bloodhound:
Most viruses behave in a certain way. It will try to copy code to some boot sector and then hide its size, spread through .exe or .com files or through emails etc. Bloodhound technology keeps watch for changes in these areas and issues warnings. Thus, even if latest anti-virus update is not available, these techniques work well for unknown viruses.
Custom Scan:
A trifle feature but yet thoughtful. You can specify a folder or set of folders and give it a scan name like ’’My Important Folders’’. It will appear in the list on main screen. Click on it and run scan and NV2002 will scan only those folders specified.
Interface:
Very clean and easy to understand. It has a menu like buttons on left like ’’System Status’’, ’’Scan’’, ’’Reports’’ and a frame on right that houses relevant links, buttons, messages.
Flip-side:
1) Is more suited for higher end PCs with 64 MB RAM and above and having Win ME, 2000 and even XP.
2) I once got virus alert and when I tried to repair it, it couldn’t. So as next option it quarantined the virus. I then submitted the file to SARC, only to get a reply that the virus is already present in their list and they have a solution, so no more query about that virus will be entertained.
3) Occasionally, the live update program terminates automatically and says ’Cannot update’
4) Fails to repair infected files within another compressed file (like zip)
Overall: A must buy product unless you have NV2001, to protect from this world full of trojan horses and worms.