Norton AntiVirus

Norton AntiVirus
Norton AntiVirus 2006 running in Windows XP
Developer:	Symantec Corporation
Latest release:	2008 or 15.0.0.58 (Windows Edition), 10.2 (Corporate Edition), 10.0 (Mac Edition) / August 29, 2007
OS:	Microsoft Windows, Mac OS X
Genre:	Antivirus
License:	Proprietary
Website:	Symantec.com

Norton AntiVirus (NAV) is a popular product of Symantec Corporation and is one of the most widely used antivirus programs. Norton AntiVirus is sold as a standalone product and is also included as part of Norton Internet Security and Norton SystemWorks. In addition, there is also a standalone corporate edition version called Symantec AntiVirus Corporate Edition. It is aimed at a centrally managed corporate environment and has different features not present in the traditional retail version of the software.

Contents [hide] 1 History 2 Version History 2.1 Version 2006 (13.0) 2.2 Version 2007 (14.0) 3 Features 3.1 Virus definitions 3.2 Competition 3.3 Product activation 4 The Mac edition 5 Criticisms 6 Reviews 7 References 8 External links

[edit] History

Since its release in 1990, over 100 million people around the world have used it. After the acqusition of Central Point Software in 1994 by Symantec, NAV was integrated with its main competitor of the era, Central Point Anti-Virus (CPAV). CPAV was also licensed to Microsoft as the Microsoft Anti-Virus utility.

[edit] Version History

[edit] Version 2006 (13.0)

On the weekend of July 28-30, 2006, Symantec released a faulty Norton AntiVirus update, in the form of Norton AntiVirus 2006. Many users of Symantec Norton AntiVirus 2006 and any product that contained Norton AntiVirus 2006, such as Norton Internet Security 2006 and SystemWorks 2006, experienced difficulties due to the faulty update sent via LiveUpdate. Users reported getting an onscreen message stating that "Norton AntiVirus 2006 does not support the repair feature" and asking that they uninstall and reinstall Norton AntiVirus.

Symantec said the faulty update was downloaded to customers between 1PM and 7PM Friday, July 25. The security vendor recommended the affected users either download a workaround tool or follow steps posted on their site. Symantec said in a statement that they expected to "deliver a repair patch to affected users by the end of day, Monday, July 31, 2006." As of June 22, 2007, Symantec has not released any repair patch, or solution to fix the problem permanently.^[1]

[edit] Version 2007 (14.0)

After many years of customer complaints regarding the speed and system resource utilization of the product, Symantec responded in 2007 with a much needed rewrite of the code in an attempt to make the product lighter and faster.^[2]. However, with a PC with 2GB RAM, Intel Core Duo it took twenty minutes to uninstall the program, ten of which for windows to auto-restart after having made the nessecary registry and other changes.^[3]

Norton Antivirus 2007 automatically detects and blocks viruses, spyware, rootkits and worms. Several of its key features are Rootkit Protection which finds and removes hidden threats in the operating system, Internet Worm Protection that blocks viruses, spyware and worms without specific signatures, email and instant message scanning that detects, removes or blocks infected attachments and Full System Scan which performs a deep scan to remove existing viruses, spyware and other threats. Norton Protection Center provides a central place to easily check overall security settings. Its Live Update™ Notice alerts you to new features, product updates and threat advisories as available throughout the renewable service period.

[edit] Features

[edit] Virus definitions

Symantec's LiveUpdate provides virus definition updates, which enable Norton AntiVirus to detect viruses known to Symantec; a total of 73,660^[4] viruses as of September 6, 2007. In order to receive updates, a valid subscription is required; an initial subscription good for one year (or 90 days for OEM copies) is included with the purchase. When a user's subscription expires, the user can still receive program updates (patches) for free but will not be able to download virus definitions updates without renewing her or his subscription or purchasing a new version of the Symantec product with a year of subscription included.

The corporate edition has a client/server strategy to update virus definitions. Each of the workstations will not have LiveUpdate installed, but will be linked to a central server. The server will be the one that will actually update itself with LiveUpdate, and distribute such updates to the client/managed workstations. This is to reduce redundant updates over the organizational network (such as 100 PC's updating the same definitions).

[edit] Competition

Norton AntiVirus also attempts to remove spyware and adware, both of which are forms of malware that are not computer viruses. It competed in this capacity with the freeware Spybot - Search & Destroy (among others), although the company seems to have expressed an interest in leaving the anti-spyware/adware market.^{[citation needed]}

[edit] Product activation

Beginning with Norton AntiVirus 2004, Norton AntiVirus includes an anti-copying feature called "Product Activation," which is similar to the activation process in Windows XP and Office XP. The activation process for Norton AntiVirus 2004, 2005, and 2006 can be accomplished through two methods: over the Internet or by phone.

[edit] The Mac edition

Symantec Antivirus for Macintosh (or SAM) is a discontinued edition of Norton AntiVirus for Mac OS. It was merged with the Norton line of products and is now part of the Norton Systemworks and Norton Internet Security suites. Although originally dealing with viruses on the Mac OS, its use was largely limited in later years, due to the widespread use of the freeware antivirus program Disinfectant in Mac OS Classic, to simply dealing with Windows viruses that may lie dormant while on a Mac.

Although Norton AntiVirus is compatible with Mac OS X v10.4, it is not a universal binary, and its use is generally not recommended on an Intel-based Mac. Criticism of Norton AntiVirus typically stems from its complex installation (similar to criticisms of the Windows version in that respect) as well as its relatively slow speed and high cost: competing products such as Intego's Virus Barrier X4 suite typically run faster, requires less disk space, and considered less intrusive in terms of installation.

[edit] Criticisms

• Customer service:

Retail customers experience slow and indifferent service on bugs, such as the one that returns to certain users a specific error message that their valid subscriptions have expired,^[5] and refuses to allow daily updates via "Intelligent Updater."^{[citation needed]} Though the bug was reported in 2004, it was not corrected for the 2005 version, and continued unpatched during 2006.^[6] In May 2007, Norton Antivirus would reportedly remove the program file for the Pegasus e-mail client, an issue which Symantec's customer service allegedly addressed by sticking to a checklist of troubleshooting steps, showing they had no real understanding of the product.

• FBI/CIA cooperation:

Norton AntiVirus was criticized in the past because of Symantec's policy that allows spy software (keyloggers/backdoors) of US law enforcement and intelligence agencies, such as the FBI-developed Magic Lantern, to bypass Norton's malware detection.^[7]

• Response to viruses:

According to an article by the Washington Post, Norton Antivirus has one of the worst average response times for providing virus definition updates based on the worst virus outbreaks of 2005, lagging behind every major competitor, including NOD32, Kaspersky, F-Secure, Sophos, Avira, Trend Micro, F-Prot, Panda, Protector Plus, AVG, avast!, ClamWin, and McAfee.^[8]

For everyday viruses, according to an article by Eweek titled Why Is Symantec So Slow with Updates?, Symantec is the only vendor that provides virus definition updates on a weekly basis, as opposed to competitors such as McAfee that provides them on a daily basis or Sophos, Kaspersky or Panda that provide them several times a day.^[9]

However, Symantec does provide frequent beta and "Intelligent Updater" definitions in the form of manually downloadable 8-10 MB packages (although impractical for daily use for even highly technical users) as well as daily updates for LiveUpdate Platinum customers such as large corporations and businesses.

Daily LiveUpdate definitions are, however, available for users of later versions of Norton AntiVirus (version 2006 or higher).^[10]

• Uninstallation:

Norton AntiVirus has been criticized for refusing to uninstall cleanly. Norton has created a tool to remove its registry keys and values, along with the software available at their web site.^[11]

• Effects on performances:

This software is typically regarded as making highly considerable demands on resources.^[12] In common with other Norton products, Norton AntiVirus relies on Internet Explorer's web interface, instead of using the standard GUI libraries. Besides using more resources, any problems or changes to Internet Explorer will be reflected in Norton products, commonly resulting in "Script Error" messages when the user opens or uses a Norton program.

• Incompatibility with other antivirus softwares:

Norton AntiVirus 2007 advises during installation that it is incompatible with popular programs ZoneAlarm and Spy Sweeper.^[13] During installation, the purchaser receives warnings that these programs are incompatible, and should be uninstalled from the system before continuing. Since the purchaser is also advised to uninstall other antivirus programs, this would leave very little security indeed for anyone connected directly to the internet during installation. With neither firewall nor antivirus in place, the interval to infection for a Windows system directly connected to the internet has been estimated to have shrunk to an average 12 seconds^{[citation needed]}. Installation of Norton AntiVirus takes considerably longer than 12 seconds.

The incompatibility warnings have caused annoyance for Norton customers who purchased Norton AntiVirus 2007 with no warning or notice of the incompatibility ^{[14] [15]}. However, the warning as to ZoneAlarm firewall only (without ZoneAlarm antivirus or spyware installed) has been ignored during installation of Norton Antivirus 2007 without calamity.

Norton AntiVirus has on occasion identified other software incorrectly as "viruses" or "trojans" and deleted them; for instance, on 2007-05-17, Pegasus Mail was added to the NAV virus definitions list and removed from the systems of users. This restriction was quickly corrected in a subsequent virus definition update. ^[16] In July 2007, many Steam users reported that Norton AntiVirus would not allow Steam to run Counter-Strike or other games due to related files being mislabelled as trojans.^[17]

• Recognition of Windows XP files as viruses:

In May 2007, some Windows XP system files were mistaken as a backdoor virus, resulting in the breakdown of millions of PCs. Norton China may face legal proceedings and huge compensations as a result.^[18]

• Blocking Internet traffics:

Norton Anti-virus/Internet Security is widely known in the ISP (internet service provider) business as a complete waste of time and a great annoyance.^{[citation needed]} Based on the call records gathered in a 24 hour period to the 3rd largest Australian ISP, iiNet, 67% of calls where an active ADSL connection has been made, however no data flow is achieved, it is a result of the client having Norton Anti-virus/Internet Security, and solved by the customer disabling it (which Norton will only allow for a maximum of 4 hours).

[edit]