Image 1 of 27
Norton AntiVirus 2009 With Antispyware
Norton AntiVirus 2009 With Antispyware ships in the familiar yellow-and-red Norton packaging.nnThe newest edition simplifies what’s becoming a more complicated process. Norton’s newest antivirus software provides effective antivirus, antispyware, antirootkit and browser and intrusion protection, all without overly cannibalizing system capacity.nnExperience shows just how well it works. On those occasions when I’ve attempted a hurried fix and connected a client system to my main network (instead of my test network), the Norton antivirus engine on my main production system has done its job.nnOn several occasions it caught and contained threats, including a heinous W32 virus that jumped from a client’s PC to my thumbdrive (prompting me to only use CDs, now, when troubleshooting client systems). Further, Norton AntiVirus has effectively spotted compromising utilities within a special disk partition I maintain for my own network discovery, wireless probing and password recovery utilities.
Main Norton AntiVirus 2009 Console
Norton engineers have simplified the program’s main administrative console. Simple on/off (green/red) coded keys indicate whether antivirus, antispyware and advanced protection features are active.nnWhile possessing deep customization capabilities (all accessible from this console), the software, out-of-the-box, is easy to load and operate. That’s critical, especially for less technical users whose systems often become compromised using less effective security software and then feed botnets that work to infect countless others.
Configuring Computer Settings
Users or technology professionals wishing to fine-tune Norton’s program can do so by clicking the Settings link found on the main console. Doing so opens this control panel from which settings can be configured for the antivirus, Internet, home network and other miscellaneous elements.nnHere you can see some of the default settings aimed at assisting users in protecting their PCs, from enabling removable media (thumbdrive) scans, performing idle time scans week, scanning for rootkits and other stealth items and more.
As an IT consultant, I regularly complete service calls in which spyware infections prove more invasive and confounding than virus infections. Here you can see a wide list of problematic spyware risks Norton’s automatically blocks.
Performing A System Scan
As mentioned earlier, when you instruct Norton to perform a scan (by clicking the Scan Now link found on the main console screen), this menu appears. Three options are presented: a Quick Scan of critical system files and commonly infected directories, a FulL System Scan and a Custom Scan.
Setting Scan Exclusions
Scan exclusions are easily set. In the event a system hosts sensitive or proprietary files that should not be scanned by antivirus programs, those program directories can be excluded both from regularly scheduled scans and from the product’s auto-protect feature by clicking the respective Add button and selecting the appropriate directories to exclude.nnHere you can see my workstation is set to exclude the Programs and Utilities directory. Due to my need to frequently crack customers’ lost passwords, hack network settings and discover wireless keys, I park such files in a specific directory. I then exclude that directory from scans in order to prevent those files and programs from being cleaned by Norton’s detection and removal engines.
Signature exclusions, accessed by clicking the Configure link found within the Computer Settings window, permits excluding specific threat signatures from Norton’s antimalware scans. Here you can see two specific cracking utilities I’ve excluded.
Web browser protection, e-mail and instant messenger scans and intrusion prevention features are all configured from the Internet Settings menu, seen here.
This window appears when you click the e-mail Configure link found within the Internet Settings control panel.nnBy default, both incoming and outgoing e-mail messages are scanned by Norton’s antivirus engine. Additional advanced features, such as automatic removal of suspected worms and System Tray activity notifications, are enabled/disabled by selecting their respective icons.
Instant Messenger Scan
Instant messenging scans are also easily configured. Just select the appropriate checkbox for whichever IM tool you use. Coverage is provided for users of the Yahoo, AOL, MSN and Trillian networks. Additional new IM support can be found by clicking the provided link.
Intrusion Exclusions are also set from within the Internet Settings console. Clearing a checkbox for a respective item (such as may be needed to enable communication with an online free PC gaming site) enables that potential risk to pass through Norton’s protective filters.
Intrusion AutoBlock is a feature within Norton AntiVirus 2009 that enables the PC, when under attack from other systems, to simply block traffic from those systems for a set period of time (in this case 30 minutes).nnThe AutoBlock feature works dynamically, meaning Norton AntiVirus makes its own decisions as to when other systems are attacking (and automatically blocks those systems). Should a user need to manually clear any AutoBlock’ed systems, they can do so using the provided section at the bottom of this (Intrusion AutoBlock) window. From this window users can also set the port used by the Home Network feature and purge any stored network mapping information.
Home Network Settings
From within the Home Network Settings window (reached by clicking the Settings link found on the main Norton console), users can specify whether the Welcome Screen should appear during startup.
Norton Community Watch (infection reporting tools), tamper protection, CPU usage display and other features are enabled/disabled using the Miscellaneous Settings window, shown here.
Network Proxy Settings
Network proxy settings are also configured from within the Miscellaneous Settings control panel. Clicking the Configure link found next to the Network Proxy Settings section displays this window.nnHere’s where users and techs must enter any proxy server information Norton’s update engine would require to access the Internet.
Network Security Overview
Clicking the View Home Network link, found on Norton’s main console screen, displays this window. From here users can view Wireless Security, Remote Monitoring and Network Map displays.
Users can easily perform scans by clicking the Scan Now link found on the main console page. When users or technicians elect to perform a custom scan (reached by clicking Scan Now and selecting Custom Scan), this window appears. From here, scans can be tailored to specific folders, files, drives or the entire system.
Scan Progress Window
While the security software performs a scan, its progress is displayed in this window. Norton lists the number of files scanned, as well as the number of risks detected and resolved.nnMore information for any risks requiring further action are listed on the Attention Required tab, while complete information for a listed risk is found on the Detailed Results tab.
Histories And Logging
Norton AntiVirus 2009 records comprehensive log files with information on detection and removal activities. These logs can be viewed by clicking the History link found within the main console.nnHere you can see the information Norton presents when viewing the recent history log.
Resolved Security Risks
When viewing Resolved Security Risks, Norton lists information associated with each detected risk and the corresponding removal effort.
Double-clicking any event listed within the History logs reveals more information about that risk/removal effort. Should a user or technician require, any risks that have been quarantined can be restored to their original location from this screen. Users need only click the Restore Risk button.nnOr, clicking the Remove From History button removes an event from the application’s history file.
Norton displays this confirmation screen whenever a detected risk is successfully restored. To restore risks, users must click the Restore Risk button shown earlier.
Unresolved Security Risks
Just as recent activity and resolved security risks can be viewed, so too can unresolved security risks be listed independently. Users need only select that option from the Security History’s View drop-down menu, as shown here.
Most every antimalware program enables users to view files that have been placed in quarantine. Norton AntiVirus 2009 is no different. By selecting Quarantine from the Security History View drop-down menu, a complete list of all quarantined items is displayed.
Norton touts its antivirus engine’s low resource usage. Many IT professionals, particularly those familiar with older versions of the software, will scoff.nnBut the proof is here.nnNorton’s resource monitor claims that 9% of the CPU’s capacity is in use (and that Norton’s using no system resources). While Norton’s own resource monitor isn’t perfect, it’s very close. As Microsoft’s Process Explorer reveals, only 7.68% of the CPU’s capacity is in use.
When Norton’s antivirus program is active, the resource monitor continues to track actual usage closely. nnHere there’s little variance between the total CPU usage being reported by Microsoft’s Process Explorer (14.56%) and Norton’s resource monitor (18%).
Interesting to note is Norton’s actual CPU usage. Both Norton’s resource monitor and Microsoft’s Process Explorer reveal Norton AntiVirus 2009 With Antispyware is using 2% or less of the system’s resources.nnFew other antivirus programs come close. Worse, I’ve seen many competing products completely miss active infections or, as was recently the case with one major provider, mark valid critical Windows system files as infected and encourage their removal!nnBased on its long history, improved performance and interface, and proven detection rates, Norton AntiVirus 2009 With Antispyware is the right tool for preventing Windows infections. But don’t take just my word for it. CNET, in its recent review, ranked the product Excellent and notes it “superior” protection technologies, too.