Norton AntiVirus

Norton AntiVirus
Developer(s) Symantec Corporation
Initial release 1991 (1991)
Stable release

Windows:

2014 21.1.0.18 (March 27, 2014 (2014-03-27)) [±]
Operating system Microsoft Windows (Windows XP and later), Mac OS X, Linux
Type Antivirus
License Commercial proprietary software
Website symantec.com/norton/antivirus us.norton.com

Norton AntiVirus was an anti-malware software developed and distributed by Symantec Corporation. It was developed between 1991 and 2014. It used signatures and heuristics to identify viruses. Other features included in it were e-mail spam filtering and phishing protection.

Symantec distributed the product as a download, a box copy, and as OEM software. Norton AntiVirus and Norton Internet Security, a related product, held a 61% US retail market share for security suites as of the first half of 2007. Competitors, in terms of market share in this study, include antivirus products from CA, Trend Micro, and Kaspersky Lab.[1]

Norton AntiVirus was running on Microsoft Windows and Mac OS X. Windows 7 support was in development for versions 2006 through 2008. Version 2009 has Windows 7 supported update already. Versions 2010, 2011, and 2012 all natively support Windows 7, without needing an update. Version 12 is the only version fully compatible with Mac OS X Lion. With the 2015 series of products, Symantec made changes in its portfolio and discontinued Norton AntiVirus.[2]

Origins

In May 1989, Symantec launched Symantec Antivirus for the Macintosh (SAM).[3] SAM 2.0, released March 1990, incorporated technology allowing users to easily update SAM to intercept and eliminate new viruses, including many that didn't exist at the time of the program's release.[4]

In August 1990 Symantec acquired Peter Norton Computing from Peter Norton.[5] Norton and his company developed various DOS utilities including the Norton Utilities, which did not include antivirus features. Symantec continued the development of acquired technologies. The technologies are marketed under the name of "Norton", with the tagline "from Symantec". Norton's crossed-arm pose, a registered U.S. trademark, was traditionally featured on Norton product packaging.[6] However, his pose was later moved to the spine of the packaging, and eventually dropped altogether.[7]

By early 1991, U.S. computers were invaded by hundreds of foreign virus strains and corporate PC infection was becoming a serious problem. Symantec's Norton Group launched Norton AntiVirus 1.0 (NAV) for PC and compatible computers.[8] Ads for the product, with suggested retail $129, featured Norton in his crossed-arm pose, wearing a pink shirt and surgical mask covering his nose and mouth.

With the 1998 version 5.0 update, SAM was renamed Norton AntiVirus (NAV) for Macintosh.[9]

Windows edition

Product activation was introduced in Norton AntiVirus 2004, addressing the estimated 3.6 million counterfeit Norton products sold. An alphanumeric code is generated to identify a computer's configuration, which ties in with the product key. Users are allowed to activate their product five times with the same product key.[10] Spyware and adware detection and removal was introduced to the 2005 version, with the tagline "Antispyware Edition".[11] The tagline was dropped in later releases. However, Norton AntiVirus 2009 Classic does not include spyware or adware detection. The Classic edition is marketed alongside Norton AntiVirus 2009, which does include spyware and adware detection.

Existing users of the 2006, 2007, 2008, and 2009 versions can upgrade to the latest 2010 version without buying a new subscription. Upgrading will preserve the number of days left on a user's subscription.[12]

Version 2006 (13.0)

The redesigned main graphical user interface aggregates information in a central user interface.[13] CNET reports the Norton Protection Center, while useful, attempts to advertise additional products. To further facilitate detection of zero-day malware, Bloodhound disassembles a variety of programming languages, and scans code for malicious instructions using predefined algorithms.[14] Internet Explorer homepage hijacking protection was introduced in this release as well; however notably missing is search engine hijacking protection. CNET highlighted Norton AntiVirus 2006's noticeable impact on system performance.[13]

Operating system requirements call for Windows 2000 Service Pack 3 or Windows XP. 150 MB of free space and a 300 MHz processor is required under either operating system. 128 MB of RAM is required under Windows 2000, while 256 MB is required in Windows XP.[13]

Version 2007 (14.0)

Norton AntiVirus was released on September 12, 2006.[15] Symantec revised Norton AntiVirus with the goal of reducing high system resource utilization.[16] Windows Vista compatibility was introduced in this release as well. Despite having about 80% of the code rewritten, CNET reports mixed results in performance testing.[16]

Windows 2000 compatibility was dropped from this release. Compatibility with 32-bit versions of Windows Vista was added to this release with a patch from Symantec. Hardware requirements under Vista call for 150 MB free space, an 800 MHz processor and 512 MB RAM. Requirements under Windows XP similarly call for 150 MB free space, a 300 MHz processor, and 256 MB of RAM.

Version 2008 (15.0)

Norton AntiVirus 2008 was released on August 28, 2007. Emphasizing malware prevention, new features include SONAR, which looks for suspicious application behavior. This release adds real-time exploit protection, preventing attackers from leveraging common browser and application vulnerabilities.[17][18]

When installed in 32-bit versions of Windows XP Service Pack 2, 300 MB of free space, a 300 MHz processor, and 256 MB of RAM is required. When installed in 32-bit and 64-bit versions of Windows Vista, 300 MB of free space, an 800 MHz processor, and 256 MB of RAM is needed.

Version 2009 (16.0)

The main user interface of Norton AntiVirus 2009

Norton AntiVirus 2009 was released on September 8, 2008. Addressing performance issues, over 300 changes were made, with a "zero-impact" goal.[19][20] Benchmarking conducted by Passmark Software PTY LTD highlights its 47-second install time, 32 second scan time, and 5 MB memory utilization. It should be noted Symantec funded the benchmark test and provided some scripts used to benchmark each participating antivirus software.[21]

The security status and settings are now displayed in a single main interface. A CPU usage monitor displays the total CPU utilization and Norton's CPU usage in the main interface. Other features include Norton Insight, a whitelisting technology which cuts scanning times by mapping known safe files using information from an online database.[22] To address malware response times, updates are delivered updates 5 to 15 minutes. However, such updates are not tested by Symantec, and may cause false positives, or incorrectly identify files as malicious. The exploit scanner found in the 2007 and 2008 versions was dropped from this release.

When installed in 32-bit versions of Windows XP Service Pack 2, 150 MB of free space, a 300 MHz processor, and 256 MB of RAM is required. When installed in 32-bit or 64-bit versions of Windows Vista, 150 MB of free space, an 800 MHz processor, and 512 MB of RAM is required.

Two variations on Norton AntiVirus 2009 are also marketed by Symantec. The Gaming edition provides finer control over when Norton downloads updates and allows components of the suite to be disabled either manually or automatically when the computer enters full-screen mode. The Classic edition cannot find or remove adware and spyware.

Version 2010 (17.0)

The main GUI of Norton AntiVirus 2010

Version 17.0 was released on September 9, 2009.[23] Several features have been updated in this release, including SONAR, now dubbed SONAR 2. It now uses more information to determine if an application is truly malicious. Norton Insight can present users with information about the origins, activities, and performance of applications along with reputation data.[23] A new feature codenamed Autospy helps users understand what Norton did when malware was found. Previous releases removed threats on sight and quietly warned users, potentially confusing when users are deceived in downloading rogue security software. Much of this information is placed on the back of the main window; a toggle button switches between the sides.[24] Symantec has also added Windows 7 support. Aside from that, Symantec has also added the Norton Download Insight to prevent drive by drive downloads.

Version 2011 (18.0)

The main GUI of Norton AntiVirus 2011

Criticism

FBI cooperation

The FBI confirmed the active development of Magic Lantern, a keylogger intended to obtain passwords to encrypted e-mail and other documents during criminal investigations. Magic Lantern was first reported in the media by Bob Sullivan of MSNBC on 20 November 2001 and by Ted Bridis of the Associated Press.[25][26] The FBI intends to deploy Magic Lantern in the form of an e-mail attachment. When the attachment is opened, it installs a trojan horse on the suspect's computer, which is activated when the suspect uses PGP encryption, often used to increase the security of sent e-mail messages. When activated, the trojan will log the PGP password, which allows the FBI to decrypt user communications.[27] Symantec and other major antivirus vendors have whitelisted the Magic Lantern trojan, rendering their antivirus products, including Norton AntiVirus, incapable of detecting it. Concerns around this whitelisting include uncertainties about Magic Lantern's full surveillance potential and whether hackers could subvert it and redeploy it for purposes outside of law enforcement.[28][29]

Graham Cluley, a technology consultant from Sophos, said "We have no way of knowing if it was written by the FBI, and even if we did, we wouldn’t know whether it was being used by the FBI or if it had been commandeered by a third party".[30] Another reaction came from Marc Maiffret, chief technology officer and co-founder of eEye Digital Security who states: "Our customers are paying us for a service, to protect them from all forms of malicious code. It is not up to us to do law enforcement's job for them so we do not, and will not, make any exceptions for law enforcement malware or other tools."[31]

Proponents of Magic Lantern argue the technology would allow law enforcement to efficiently and quickly decrypt time-sensitive messages protected by encryption schemes. Implementing Magic Lantern does not require physical access to a suspect's computer, unlike Carnivore, a predecessor to Magic Lantern, since physical access to a computer would require a court order.[32] FBI spokesman Paul Bresson, in response to a question about whether Magic Lantern also needed a court order to deploy, would only say "Like all technology projects or tools deployed by the FBI it would be used pursuant to the appropriate legal process."[33][34]

Update disables legitimate software

On January 28, 2010 Symantec Anti-virus update marked Spotify as a Trojan Horse disabling the software across millions of PCs.[35][36]

Product support

Retail customers report slow and indifferent service on bugs. Examples include a faulty error message stating current subscriptions had expired.[37] Users received an error stating "Your virus protection cannot be updated." This error occurred after an update to the software and refused to allow daily updates.[37] Though the bug was reported in 2004, it was not corrected for the 2005 or 2006 versions.

Another incident occurred in May 2007, when Norton AntiVirus flagged components of the Pegasus e-mail client as malicious, rendering the program corrupted.[38] Symantec customer service addressed the problem by running through a checklist of troubleshooting steps which were not always successful.

Faulty update

On July 25, 2006, Symantec released a faulty update for Norton AntiVirus 2006 users. Users reported an onscreen message stating "Norton AntiVirus 2006 does not support the repair feature. Please uninstall and reinstall.".[39] Symantec claimed the faulty update was downloaded to customers between 1:00 PM and 7:00 PM on July 25, 2006. Symantec developed a workaround tool and has listed troubleshooting steps, available here. The company released a statement, stating they expected to deliver a repair patch to affected users by Monday, July 31, 2006." [40]

Uninstallation

Norton Removal Tool
Norton Removal Tool
Developer(s) Symantec Corporation
Stable release
2012.0.0.19
Operating system Microsoft Windows
Website Norton Removal Tool Homepage

Norton AntiVirus has been criticized for refusing to uninstall completely, leaving unnecessary files behind.[41][42] Another issue is versions prior to 2009 installed LiveUpdate, which updates Norton-branded software, separately. The user must uninstall both Norton AntiVirus and the LiveUpdate component manually. The LiveUpdate component is purposely left behind to update other Norton-branded products, if present.[43] In response, Symantec developed the Norton Removal Tool (SymNRT) to remove leftover registry keys and values along with files and folders.[44] However, neither route of uninstallation will remove subscription data, preserved to prevent users from installing multiple trial copies.
SymNRT can only remove these Norton programs:

Once SymNRT has started the removal process, it cannot be stopped. It is recommended to close all running programs prior to running SymNRT. ACT! and WinFax users are recommended to back up their databases before running SymNRT.

Incompatibilities with ZoneAlarm

Norton AntiVirus 2007 will not install alongside ZoneAlarm. This incompatibility has caused annoyance for Norton customers who purchased Norton AntiVirus 2007 with no prior warning or notice of the incompatibility.[45] Symantec recommends removing ZoneAlarm, then reinstalling it with its Internet Worm Protection feature disabled, which controls what applications can access the Internet and which protocols they can use to do so.

PIFTS.exe

On March 9, 2009, some users of Norton AntiVirus 2006 and 2007 experienced a firewall warning stating a Norton-associated file, "PIFTS.exe", was trying to connect to the Internet.[46] Although this file was revealed to be a harmless diagnostic patch, the program gained attention in the media when Symantec removed posts from their forum concerning PIFTS. With no information available about the purpose of the program there was speculation that the program was malware or a backdoor.[47]

The SANS Internet Storm Center claimed to have spoken to a Symantec employee who has confirmed that "the program is theirs, part of the update process and not intended to do harm."[48] Graham Cluley, a consultant from antivirus vendor Sophos found PIFTS connected to a Symantec server, forwarding product and computer information.[49]

On March 10, Symantec made an official response to the PIFTS program, claiming posts in the support forum were deleted due to forum spam rules; however the deletion of PIFTS-related posts began before the spam attacks.[50] Symantec stated PIFTS itself was a diagnostic patch.[47] Cole stated the purpose of the update was to help determine how many customers would need to be migrated to Windows 7-compatible versions of Norton AntiVirus. PIFTS apparently was released without a digital signature to verify its identity, causing firewalls to prompt for permission when it attempted to connect to the Internet.[51]

Consumer complaints

Symantec has been criticized by some consumers for perceived ethical violations, including allegations that support technicians would tell customers that their systems were infected and needed a technician to resolve it remotely for an extra fee, then refuse to refund when the customers alleged their systems had not actually been infected.[52]

Windows 8 Consumer Preview compatibility

Windows 8 Consumer Preview was released on 29 February 2012.[53] Symantec has announced that Norton AntiVirus and Internet Security, as well as the newest Norton 360 v6, will be compatible with Windows 8.[54]

Macintosh edition

Norton AntiVirus 11 for Mac introduced support for Mac OS X v10.5 Leopard platform, with the capability to detect both Macintosh and Windows malware. Other features include a vulnerability scanner, which blocks attackers from leveraging software exploits.[55] Norton AntiVirus 11 also includes the ability to scan within compressed or archived files, such as Time Capsule volumes. Operating requirements call for Mac OS X Tiger.[56] A PowerPC or an Intel Core processor, 128 MB of RAM, and 100 MB of free hard disk space are also required. Norton AntiVirus Dual Protection for Mac is intended for Macintosh users with Windows running on their systems, using Boot Camp or virtualization software such as VMWare Fusion. It provides a license for both Norton AntiVirus 11 with Norton AntiVirus 2009.[57][58]

Comparison with other software

From the 2009 to 2012 editions, Symantec made huge changes to their products' speed and performance. Norton products now have only 2 running processes, using about 24 MB of RAM.[59] Symantec engineers monitor said outbreaks of computer viruses to establish new viruses. As soon as an virus is recognized, information in regards to the virus (a virus signature) is stored in a pandemic definitions file, which contains the vital know-how to become aware of and get rid of the virus.[60] According to tests sponsored by Symantec, PassMark Security Benchmark 2012 Norton AntiVirus and Norton Internet Security are the lightest suites available. Av-comparatives.org also tested these products and gave similar results.[61] PCMag recognises 2011 and 2012 lines as the fastest and strongest in protection.[62] PCWorld's tests of security software put Norton Internet Security 2009 in the 1st place.[63] In 2011 test of PCWorld, Norton Internet Security was the winner. Dennis Technology Labs (in tests sponsored by Symantec) confirms the performance and effectiveness of Norton 2011 and 2012 lines.[64]

Norton AntiVirus vs. GCSB Amendment Bill

On the 14th of August 2013 the Prime Minister of New Zealand John Key addressed what he identified as "misinformation" surrounding the GCSB Amendment Bill, claiming that the actions of the Government Communications Security Bureau were analogous to Norton AntiVirus.[65]

See also

References

  1. "Channel Best-Sellers: Winning Security Players". CRN Staff. United Business Media LLC. November 23, 2007. Retrieved 2009-03-09.
  2. http://techdows.com/2014/08/new-norton-security-to-replace-all-nine-products-of-norton.html. Missing or empty |title= (help); External link in |website= (help);
  3. SAM Identifies Virus-Infected Files, Repairs Applications, InfoWorld, May 22, 1989
  4. SAM Update Lets Users Program for New Viruses, InfoWorld, Feb 19, 1990
  5. "COMPANY NEWS; Symantec to Acquire Peter Norton". Lawrence M. Fisher. The New York Times Company. May 15, 1990. Retrieved 2009-03-30.
  6. "Legal Notice – Symantec Canada". Symantec Corporation. Retrieved 2009-03-30.
  7. "SYMANTEC BRAND IDENTITY" (PDF). frog design inc. Retrieved 2009-03-30.
  8. Foreign Virus Strains Emerge as Latest Threat to U.S. PCs, InfoWorld, Feb 4, 1991
  9. Symantec Brings New Version of Top-Selling Macintosh AntiVirus Software into Norton Family of Products Press Release.
  10. "Symantec adds product activation". David Becker. CBS Interactive Inc. August 26, 2003. Retrieved 2009-03-31.
  11. "Norton Internet Security 2005 Antispyware Edition". Robert Vamosi. CBS Interactive Inc. April 18, 2005. Retrieved 2009-03-30.
  12. "The Norton Update Center". Symantec Corporation. Archived from the original on March 16, 2009. Retrieved 2009-03-18.
  13. 1 2 3 sralls (October 3, 2005). "Norton AntiVirus 2006 Internet security and firewall reviews – CNET Reviews". Reviews.cnet.com. Retrieved 2009-02-23.
  14. "Bloodhound". Symantec. Retrieved 2009-02-23.
  15. "Symantec's Norton AntiVirus 2007, Norton Internet Security 2007 Provide State-Of-The-Art Security and Performance to Protect Against Today's Newest Threats". 09-12-2006. Retrieved 2010-05-29. Check date values in: |date= (help)
  16. 1 2 : Robert Vamosi. "Norton AntiVirus 2007 Internet security and firewall reviews – CNET Reviews". Reviews.cnet.com. Retrieved 2009-02-23.
  17. "New Zealand PC World Magazine > Symantec unveils Browser Defender in its 2008 consumer security software". Pcworld.co.nz. 2007-08-30. Retrieved 2010-11-09.
  18. "Symantec unveils Browser Defender in its 2008 consumer security software". Gregg Keizer. Fairfax New Zealand Limited. August 30, 2007. Retrieved 2009-03-07.
  19. Rubenking, Neil J. (2008-11-25). "Symantec Launches Norton Antivirus 'Gaming Edition'". PC Magazine. Retrieved 2009-02-24.
  20. "Symantec Launches Fastest Security Products in the World". Marketwire, Incorporated. September 9, 2008. Retrieved 2009-03-04.
  21. Passmark Software (February 2009),Antivirus, Internet Security and Total Security Products Performance Benchmarking (2009) Vista/Dual Core Hardware, retrieved 4 October 2012
  22. Tal (January 5, 2009). "Norton Internet Security 2009". geekstogo.com. Retrieved 2009-01-07.
  23. 1 2 Neil J. Rubenking (July 2, 2009). "Symantec Releases Norton 2010 Betas". PC Magazine. Retrieved 15 July 2009.
  24. Preston Gralla (July 7, 2009). "Norton Internet Security 2010 beta: Different approach, new features, some glitches". Thomson Reuters. Retrieved 8 July 2009.
  25. Sullivan, Bob (2001-11-20). "FBI software cracks encryption wall". MSNBC. Retrieved 2007-11-20.
  26. Ted Bridis. "FBI Develops Eavesdropping Tools," Washington Post, November 22, 2001.
  27. "FBI Has a Magic Lantern". Usgovinfo.about.com. Retrieved 2009-02-23.
  28. "Invasive Software: Who's Inside Your Computer?" (PDF). George Lawton. July 2002. Retrieved 2009-03-12.
  29. http://www.kaspersky.com (2001-12-11). "The FBI's "Magic Lantern" Shines Bright". Kaspersky.com. Retrieved 2009-02-23.
  30. Jackson, William (2001-12-06). "Antivirus vendors are wary of FBI's Magic Lantern – Government Computer News". Gcn.com. Retrieved 2009-02-23.
  31. McCullagh, Declan (2007-07-17). "Will security firms detect police spyware? – CNET News". CBS Interactive, Inc. Retrieved 2009-02-23.
  32. "IMPLICATIONS OF SELECT NEW TECHNOLOGIES FOR INDIVIDUAL RIGHTS AND PUBLIC SAFETY". Amitai Etzioni. Harvard Journal of Law & Technology. 2002. Retrieved 2009-08-27.
  33. "FBI Confirms 'Magic Lantern' Project Exists" (PDF). Elinor Mills Abreu. At Home Corporation. December 31, 2001. Archived from the original (PDF) on 2011-07-20. Retrieved 2009-03-12.
  34. "THE CASE FOR MAGIC LANTERN: SEPTEMBER 11 HIGHLIGHTS THE NEED FOR INCREASED SURVEILLANCE" (PDF). Christopher Woo & Miranda So. Harvard Journal of Law & Technology. 2002. Retrieved 2009-03-12.
  35. "Spotify is detected as an Trojan Horse? | Symantec Connect Community". Aka-community.symantec.com. Retrieved 2012-10-04.
  36. "Spotify defined as a trojan by Symantec". Getsatisfaction.com. Retrieved 2012-10-04.
  37. 1 2 "Error: "Your virus protection cannot be updated" when running the Intelligent Updater". Symantec Corporation. July 27, 2007. Retrieved 2009-05-27.
  38. "Pegasus Email Client Being Flagged as a Trojan Program". DanB. TNPC Newsletter. May 18, 2007. Retrieved 2009-05-27.
  39. "Faulty Update Stymies Norton Users". The Washington Post Company. 2009. Retrieved 2009-02-26.
  40. Vamosi, Robert (2006-07-31). "Symantec ships faulty Norton AntiVirus 2006 update – Alpha Blog – alpha.cnet.com". Reviews.cnet.com. Retrieved 2010-11-09.
  41. "Symantec uninstaller may not finish the job". Scott Dunn. WindowsSecrets.com. February 7, 2008. Retrieved 2009-03-05.
  42. "How can I fully remove Norton Antivirus from my system?". Dave Taylor. Retrieved 2009-02-23.
  43. "PCWorld". PCWorld. Retrieved 2009-02-23.
  44. "Download and run the Norton Removal Tool". Symantec Corporation. Retrieved 2009-02-23.
  45. Schofield, Jack (2006-11-02). "Norton AV versus Zone Alarm – can't you have both?". The Guardian. London. Retrieved 2010-05-20.
  46. Beaumont, Claudine (2009-03-10). "Internet conspiracy theories abound over Symantec Pifts.exe file". The Daily Telegraph. London. Retrieved March 10, 2009.
  47. 1 2 Krebs, Brian (2009). "Users Complain of Mysterious 'PIFTS' Warning". The Washington Post. Retrieved 2010-05-20.
  48. Frantzen, Swa (2009). "Conspiracy fodder: pifts.exe".
  49. Cluley, Graham (2009). "The mystery of Symantec and PIFTS.EXE".
  50. Cole, Dave (2009). "Norton product patch "PIFTS.exe" and Norton Users Forum".
  51. "Cybercrooks Take Advantage of Symantec PIFTS.EXE Fuss". Lucian Constantin. Softpedia. March 11, 2009. Retrieved 2009-05-25.
  52. "Consumer complaints about Norton". Consumeraffairs.com. Retrieved 2010-11-09.
  53. Microsoft Announces Availability of Windows 8 Consumer Preview
  54. Norton is Windows 8 compatible according to Symantec.
  55. "Norton AntiVirus 11 for Leopard Announced". PC World Communications, Inc. December 10, 2007. Retrieved 2009-02-28.
  56. "Norton Antivirus 11.0 for Mac". about.com. Retrieved 2009-02-24.
  57. "Norton AntiVirus 11 for Mac". Symantec. Retrieved 2009-02-24.
  58. "Norton AntiVirus Dual Protection for Mac". Symantec. Retrieved 2009-02-24.
  59. "2012 Consumer Security Products Performance Benchmarks (Edition 1)" (PDF). Retrieved 2012-10-04.
  60. "How Norton prevents infections". Archived from the original on June 9, 2016.
  61. "Performance Test Internet Security Suites – July 2011" (PDF). Retrieved 2012-10-04.
  62. Rubenking, Neil J. "Norton Internet Security 2012". PC Magazine.
  63. Larkin, Erik (2009-01-22). "Top Internet Security Suites: Paying for Protection". PCWorld. Retrieved 2012-10-04.
  64. Dennis Technology Labs (26 January 2011), PC Total Protection Suites 2011, retrieved 4 October 2012
  65. http://www.3news.co.nz/John-Key-defends-the-GCSB-bill/tabid/817/articleID/309018/Default.aspx
Wikimedia Commons has media related to Symantec software.
This article is issued from Wikipedia - version of the 11/7/2016. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.