Norton AntiVirus

Last updated

Norton AntiVirus
Developer Gen Digital
Initial releaseDecember 1990;35 years ago (1990-12)
Stable release Windows:
22.21.10.40 (November 1, 2021;4 years ago (2021-11-01)) [±]
Operating system Microsoft Windows (Windows 95 and later), macOS, Linux
Platform x86, x64
Type Antivirus
License Commercial proprietary software
Website www.norton.com

Norton AntiVirus is a proprietary software anti-virus and anti-malware product founded by Peter Norton, developed and distributed by Symantec (now Gen Digital) since 1990 [1] as part of its Norton family of computer security products. It uses signatures and heuristics to identify viruses. Other features included in it are e-mail spam filtering and phishing protection.

Contents

Symantec distributes the product as a download, a box copy, and as OEM software. Norton AntiVirus and Norton Internet Security, a related product, held a 25% US retail market share for security suites as of 2017. Competitors, in terms of market share in this study, include antivirus products from McAfee, Trend Micro, and Kaspersky Lab. [2]

Norton AntiVirus runs on Microsoft Windows, Linux, and macOS. Windows 7 support was in development for versions 2006 through 2008. Version 2009 has Windows 7 supported update already. Versions 2010, 2011, and 2012 all natively support Windows 7, without needing an update. Version 12 is the only version fully compatible with Mac OS X Lion. With the 2015 series of products, Symantec made changes in its portfolio and briefly discontinued Norton AntiVirus. [3] This action was later reversed with the introduction of Norton AntiVirus Basic. [4]

Origins

In May 1989, Symantec launched Symantec Antivirus for the Macintosh (SAM). [5] SAM 2.0, released March 1990, incorporated technology allowing users to easily update SAM to intercept and eliminate new viruses, including many that didn't exist at the time of the program's release. [6]

In August 1990 Symantec acquired Peter Norton Computing from Peter Norton. [7] Norton and his company developed various DOS utilities including the Norton Utilities, which did not include antivirus features. Symantec continued the development of acquired technologies. The technologies are marketed under the name of "Norton", with the tagline "from Symantec". Norton's crossed-arm pose, a registered U.S. trademark, was traditionally featured on Norton product packaging. [8] However, his pose was later moved to the spine of the packaging, and eventually dropped altogether. [9]

With the 1998 version 5.0 update, SAM was renamed Norton AntiVirus (NAV) for Macintosh. [10]

History of Windows/DOS editions

By early 1991, U.S. computers were invaded by hundreds of foreign virus strains and corporate PC infection was becoming a serious problem. Symantec's Norton Group launched Norton AntiVirus 1.0 (NAV) for PC and compatible computers. [11] Ads for the product, with suggested retail $129, featured Norton in his crossed-arm pose, wearing a pink shirt and surgical mask covering his nose and mouth. [12]

The original Norton Antivirus 1.0 did not repair infected files or boot sectors.[ citation needed ] This was fixed when version 1.5 was released in June 1991, along with the addition of the option of installing multiple scan levels of the Norton Antivirus Intercept (later renamed to Norton Antivirus Auto-Protect starting off with Norton Antivirus 3.0 released in September 1993.

Norton Antivirus 2.0 was released in December 1991, and introduced the feature of creating a rescue disk, which would include the partition table, CMOS settings memory information, and boot sector of a hard disk of an MS-DOS computer system. This was very handy in case a virus that its definitions did not detect was able to overwrite this information or move the boot sector to a different location of the hard disk.

Norton Antivirus 3.0, released in September 1993, introduced a unique feature. Unlike other antivirus software products for MS-DOS and early Windows, which will only notify you to turn off your computer, but continue anyway, Auto-Protect or the main program will scan for viruses in memory before loading themselves. If they find a virus loaded into memory, they will halt the entire computer so that you can't even perform a warm boot (Ctrl+Alt+Delete), So that you can turn off your computer from the power and turn it back on again with a clean, uninfected system disk. Most often, this can either be the rescue disk created, or the original MS-DOS system installation disk, followed by the Norton Antivirus program installation disks. This feature is the safest way to deal with any kind of virus in memory. Norton Antivirus 3.0 is also the first version for Windows 3.1.

Product activation was introduced in Norton AntiVirus 2004, addressing the estimated 3.6 million counterfeit Norton products sold. [13] An alphanumeric code is generated to identify a computer's configuration, which ties in with the product key. Users are allowed to activate their product five times with the same product key. [14] Spyware and adware detection and removal was introduced to the 2005 version, with the tagline "Antispyware Edition". [15] The tagline was dropped in later releases. Norton AntiVirus 2009 Classic did not include spyware or adware detection. The Classic edition was marketed alongside Norton AntiVirus 2009, which included spyware and adware detection. [16]

Version 2006 (13.0)

The redesigned main graphical user interface aggregated information in a central user interface. [17] To further facilitate detection of zero-day malware, Bloodhound disassembles a variety of programming languages, and scans code for malicious instructions using predefined algorithms. [18] Internet Explorer homepage hijacking protection was introduced in this release as well. CNET highlighted Norton AntiVirus 2006's noticeable impact on system performance. [17]

Operating system requirements called for Windows 2000 Service Pack 3 or Windows XP. [17]

Version 2007 (14.0)

Norton AntiVirus 2007 was released on September 12, 2006. [19] Symantec revised Norton AntiVirus with the goal of reducing high system resource utilization. [20] Windows Vista compatibility was introduced in this release as well. Despite having about 80% of the code rewritten, CNET reported mixed results in performance testing. [20]

Version 2008 (15.0)

Norton AntiVirus 2008 was released on August 28, 2007. Emphasizing malware prevention, new features included SONAR, which looked for suspicious application behavior. This release added real-time exploit protection, preventing attackers from leveraging common browser and application vulnerabilities. [21] [22]

Version 2009 (16.0)

The main user interface of Norton AntiVirus 2009 Nav-large-1.jpg
The main user interface of Norton AntiVirus 2009

Norton AntiVirus 2009 was released on September 8, 2008. Addressing performance issues, over 300 changes were made, with a "zero-impact" goal. [23] [24] Benchmarking conducted by Passmark Software PTY LTD highlighted its 47-second install time, 32 second scan time, and 5 MB memory utilization. Symantec funded the benchmark test and provided some scripts used to benchmark each participating antivirus software. [25]

The security status and settings were displayed in a single main interface. A CPU usage monitor displayed the total CPU utilization and Norton's CPU usage in the main interface. Other features include Norton Insight, a whitelisting technology which cuts scanning times by mapping known safe files using information from an online database. [26] To address malware response times, updates are delivered every 5 to 15 minutes. However, such updates are not tested by Symantec, and may cause false positives, or incorrectly identify files as malicious. The exploit scanner found in the 2007 and 2008 versions was dropped from this release.

Two variations on Norton AntiVirus 2009 were also marketed by Symantec. The Gaming edition provides finer control over when Norton downloads updates and allows components of the suite to be disabled either manually or automatically when the computer enters full-screen mode. The Classic edition did not find or remove adware and spyware.

Version 2010 (17.0)

The main GUI of Norton AntiVirus 2010 Antivirus.JPG
The main GUI of Norton AntiVirus 2010

Version 17.0 was released on September 9, 2009. [27] Several features were updated in this release, including SONAR, now dubbed SONAR 2. It now uses more information to determine if an application is truly malicious. Norton Insight presented users with information about the origins, activities, and performance of applications along with reputation data. [27] A new feature codenamed Autospy helped users understand what Norton did when malware was found. Previous releases removed threats on sight and quietly warned users, potentially confusing when users were deceived in downloading rogue security software. Much of this information is placed on the back of the main window; a toggle button switches between the sides. [28] Symantec also added Windows 7 support. Aside from that, Symantec has also added the Norton Download Insight to prevent drive by drive downloads.

The main GUI of Norton AntiVirus 2011 NortonAntivirus2011.jpg
The main GUI of Norton AntiVirus 2011

Rebrand to Norton Security

Symantec briefly discontinued the standalone Norton AntiVirus product in 2015 instead replacing it with Norton Security. [29]

Relaunch under Norton AntiVirus brand

By 2019, Norton AntiVirus was relaunched as a standalone product. [30]

The main GUI of Norton AntiVirus circa 2017 Norton Anti Virus Latest Interface.png
The main GUI of Norton AntiVirus circa 2017

Criticism

2001 whitelisting of Magic Lantern

In 2001, the FBI confirmed the active development of Magic Lantern, a keylogger intended to obtain passwords to encrypted e-mail and other documents during criminal investigations. Magic Lantern was first reported in the media by Bob Sullivan of MSNBC on 20 November 2001 and by Ted Bridis of the Associated Press. [31] [32] The FBI intends to deploy Magic Lantern in the form of an e-mail attachment. When the attachment is opened, it installs a trojan horse on the suspect's computer, which is activated when the suspect uses PGP encryption, often used to increase the security of sent email messages. When activated, the trojan will log the PGP password, which allows the FBI to decrypt user communications. [33] Symantec and other major antivirus vendors have whitelisted the Magic Lantern trojan, rendering their antivirus products, including Norton AntiVirus, incapable of detecting it. Concerns around this whitelisting include uncertainties about Magic Lantern's full surveillance potential and whether hackers could subvert it and redeploy it for purposes outside of law enforcement. [34] [35]

2000s product support

In 2004, users received an error stating "Your virus protection cannot be updated." This error occurred after an update to the software and refused to allow daily updates. [36]

In 2007, retail customers reported slow and indifferent service on bugs. Examples include a faulty error message stating current subscriptions had expired. [36]

Also in 2007, Norton AntiVirus flagged components of the Pegasus email client as malicious, rendering the program corrupted. [37] Symantec customer service addressed the problem by running through a checklist of troubleshooting steps.

On January 28, 2010 Symantec Anti-virus update marked Spotify as a Trojan Horse disabling the software across millions of PCs. [38] [39]

2006 faulty update

On July 25, 2006, Symantec released a faulty update for Norton AntiVirus 2006 users. Users reported an onscreen message stating "Norton AntiVirus 2006 does not support the repair feature. Please uninstall and reinstall.". [40] Symantec claimed the faulty update was downloaded to customers between 1:00 PM and 7:00 PM on July 25, 2006. Symantec developed a workaround tool. The company released a statement, stating they expected to deliver a repair patch to affected users by Monday, July 31, 2006. [41]

2009 uninstallation

Norton Removal Tool
Developer Symantec Corporation
Stable release
2012.0.0.19
Operating system Microsoft Windows
Website Norton Removal Tool Homepage

Prior to 2009, Norton AntiVirus was criticized for refusing to uninstall completely, leaving unnecessary files behind. [42] [43] Another issue is versions prior to 2009 installed LiveUpdate, which updates Norton-branded software, separately. The user must uninstall both Norton AntiVirus and the LiveUpdate component manually. The LiveUpdate component is purposely left behind to update other Norton-branded products, if present. [44] In response, Symantec developed the Norton Removal Tool (SymNRT) to remove leftover registry keys and values along with files and folders. [45] However, neither route of uninstallation will remove subscription data, preserved to prevent users from installing multiple trial copies.[ citation needed ]
SymNRT can only remove these Norton programs:

Once SymNRT has started the removal process, it cannot be stopped. It is recommended to close all running programs prior to running SymNRT. ACT! and WinFax users are recommended to back up their databases before running SymNRT.

2007 incompatibility with ZoneAlarm

Norton AntiVirus 2007 would not install alongside ZoneAlarm. [46]

2009 concerns regarding PIFTS.exe

In 2009, some users of Norton AntiVirus 2006 and 2007 experienced a firewall warning stating a Norton-associated file, "PIFTS.exe", was trying to connect to the Internet. [47] Although this file was revealed to be a harmless diagnostic patch, the program gained attention in the media when Symantec removed posts from their forum concerning PIFTS. With no information available about the purpose of the program there was speculation that the program was malware or a backdoor. [48]

The SANS Internet Storm Center claimed to have spoken to a Symantec employee who has confirmed that "the program is theirs, part of the update process and not intended to do harm." [49] Graham Cluley, a consultant from antivirus vendor Sophos found PIFTS connected to a Symantec server, forwarding product and computer information. [50]

On March 10, Symantec made an official response to the PIFTS program, claiming posts in the support forum were deleted due to forum spam rules; however the deletion of PIFTS-related posts began before the spam attacks. [51] Symantec stated PIFTS itself was a diagnostic patch. [48] Cole stated the purpose of the update was to help determine how many customers would need to be migrated to Windows 7-compatible versions of Norton AntiVirus. PIFTS apparently was released without a digital signature to verify its identity, causing firewalls to prompt for permission when it attempted to connect to the Internet. [52]

2024 Evaluation of password checkup tools

A 2024 study by Hutchinson et al. examined the “password checkup” features of 14 password managers, including Norton Password Manager, using weak, breached, and randomly generated passwords. The authors found that the evaluated products reported weak and compromised passwords inconsistently and sometimes incompletely. No manager successfully flagged all known breached passwords. [53]

Macintosh edition

As of 2025, Norton AntiVirus is available for Macintosh systems. [54] It was originally available for Macs as early as 1989. [5] Prior versions for Mac introduced support for the Mac OS X v10.5 Leopard platform, with the capability to detect both Macintosh and Windows malware. Other features include a vulnerability scanner, which blocks attackers from leveraging software exploits. [55] Norton AntiVirus 11 also included the ability to scan within compressed or archived files, such as Time Capsule volumes. [56] [57] [58]

2012 comparison with other software

From the 2009 to 2012 editions, Symantec made huge changes to their products' speed and performance. Norton products now have only 2 running processes, using about 24 MB of RAM. [59] As soon as a virus is recognized, information in regards to the virus (a virus signature) is stored in a pandemic definitions file, which contains the vital know-how to become aware of and get rid of the virus. [60] According to tests sponsored by Symantec, PassMark Security Benchmark 2012 Norton AntiVirus and Norton Internet Security are the lightest suites available. Av-comparatives.org also tested these products and gave similar results. [61] PCMag recognises 2011 and 2012 lines as the fastest and strongest in protection. [62] PCWorld's tests of security software put Norton Internet Security 2009 in the 1st place. [63] In 2011, in a test of PCWorld, Norton Internet Security was the winner. [64] Dennis Technology Labs (in tests sponsored by Symantec) confirms the performance and effectiveness of Norton 2011 and 2012 lines. [65]

See also

References

  1. "The evolution of Norton protection: A brief timeline of cybersecurity". uk.norton.com. Archived from the original on November 8, 2022. Retrieved November 8, 2022.
  2. Wiesjaal (April 26, 2018). "McAfee remains the market leader in business antivirus solutions in Belgium, but is losing market share". Smart Profile. Retrieved February 21, 2024.
  3. "New Norton Security to Replace All Nine Products of Norton". Venkat. TechDows. August 19, 2014.
  4. "Symantec Norton AntiVirus Basic". PCMAG. Retrieved February 24, 2017.
  5. 1 2 SAM Identifies Virus-Infected Files, Repairs Applications, InfoWorld, May 22, 1989
  6. SAM Update Lets Users Program for New Viruses, InfoWorld, Feb 19, 1990
  7. "COMPANY NEWS; Symantec to Acquire Peter Norton". Lawrence M. Fisher. The New York Times Company. May 15, 1990. Retrieved March 30, 2009.
  8. "Legal Notice – Symantec Canada". Symantec Corporation. Archived from the original on October 12, 1999. Retrieved March 30, 2009.
  9. "SYMANTEC BRAND IDENTITY" (PDF). frog design inc. Retrieved March 30, 2009.
  10. Symantec Brings New Version of Top-Selling Macintosh AntiVirus Software into Norton Family of Products Press Release.
  11. Foreign Virus Strains Emerge as Latest Threat to U.S. PCs, InfoWorld, Feb 4, 1991
  12. McCracken, Harry. "Peter Norton". Technologizer by Harry McCracken. Retrieved December 15, 2025.
  13. Libbenga, Jan (September 22, 2003). "Norton Antivirus product activation cracked". The Register.{{cite web}}: CS1 maint: url-status (link)
  14. "Symantec adds product activation". David Becker. CBS Interactive Inc. August 26, 2003. Retrieved March 31, 2009.
  15. "Norton Internet Security 2005 Antispyware Edition". Robert Vamosi. CBS Interactive Inc. April 18, 2005. Retrieved March 30, 2009.
  16. "Update Norton to the latest version". Norton By Symantec. May 2018.
  17. 1 2 3 sralls (October 3, 2005). "Norton AntiVirus 2006 Internet security and firewall reviews – CNET Reviews". Reviews.cnet.com. Retrieved February 23, 2009.
  18. "Bloodhound". Symantec. Archived from the original on January 1, 2007. Retrieved February 23, 2009.
  19. "Symantec's Norton AntiVirus 2007, Norton Internet Security 2007 Provide State-Of-The-Art Security and Performance to Protect Against Today's Newest Threats". September 12, 2006. Archived from the original on October 21, 2006. Retrieved May 29, 2010.
  20. 1 2 Robert Vamosi. "Norton AntiVirus 2007 Internet security and firewall reviews – CNET Reviews". Reviews.cnet.com. Retrieved February 23, 2009.
  21. "New Zealand PC World Magazine > Symantec unveils Browser Defender in its 2008 consumer security software". Pcworld.co.nz. August 30, 2007. Archived from the original on July 17, 2011. Retrieved November 9, 2010.
  22. "Symantec unveils Browser Defender in its 2008 consumer security software". Gregg Keizer. Fairfax New Zealand Limited. August 30, 2007. Archived from the original on July 6, 2008. Retrieved March 7, 2009.
  23. Rubenking, Neil J. (November 25, 2008). "Symantec Launches Norton Antivirus 'Gaming Edition'". PC Magazine. Retrieved February 24, 2009.
  24. "Symantec Launches Fastest Security Products in the World". Symantec, Corporation. September 9, 2008. Archived from the original on February 2, 2017. Retrieved March 4, 2009.
  25. Passmark Software (February 2009),Antivirus, Internet Security and Total Security Products Performance Benchmarking (2009) Vista/Dual Core Hardware, retrieved 4 October 2012
  26. Tal (January 5, 2009). "Norton Internet Security 2009". geekstogo.com. Retrieved January 7, 2009.
  27. 1 2 Neil J. Rubenking (July 2, 2009). "Symantec Releases Norton 2010 Betas". PC Magazine . Retrieved July 15, 2009.
  28. Preston Gralla (July 7, 2009). "Norton Internet Security 2010 beta: Different approach, new features, some glitches". Thomson Reuters . Retrieved July 8, 2009.
  29. "Symantec consolidates all Norton products into one tool". TechRadar. Retrieved February 24, 2017.
  30. published, Jonas DeMuro (July 28, 2019). "Norton AntiVirus Software Review: Easy on the PC". Tom's Hardware. Retrieved December 15, 2025.
  31. Sullivan, Bob (November 20, 2001). "FBI software cracks encryption wall". MSNBC . Retrieved November 20, 2007.
  32. Ted Bridis. "FBI Develops Eavesdropping Tools," Washington Post , November 22, 2001.
  33. "FBI Has a Magic Lantern". Usgovinfo.about.com. Archived from the original on April 25, 2013. Retrieved February 23, 2009.
  34. "Invasive Software: Who's Inside Your Computer?" (PDF). George Lawton. July 2002. Archived from the original (PDF) on July 20, 2011. Retrieved March 12, 2009.
  35. "The FBI's "Magic Lantern" Shines Bright". Kaspersky . December 11, 2001. Archived from the original on February 11, 2009. Retrieved February 23, 2009.
  36. 1 2 "Error: "Your virus protection cannot be updated" when running the Intelligent Updater". Symantec Corporation. July 27, 2007. Archived from the original on September 5, 2009. Retrieved May 27, 2009.
  37. "Pegasus Email Client Being Flagged as a Trojan Program". DanB. TNPC Newsletter. May 18, 2007. Archived from the original on September 5, 2009. Retrieved May 27, 2009.
  38. "Spotify is detected as an Trojan Horse?". Symantec. Archived from the original on January 31, 2010. Retrieved October 4, 2012.
  39. "Spotify defined as a trojan by Symantec". Getsatisfaction.com. Archived from the original on July 16, 2011. Retrieved October 4, 2012.
  40. "Faulty Update Stymies Norton Users". The Washington Post Company. 2009. Archived from the original on April 5, 2012. Retrieved February 26, 2009.
  41. Vamosi, Robert (July 31, 2006). "Symantec ships faulty Norton AntiVirus 2006 update – Alpha Blog – alpha.cnet.com". Reviews.cnet.com. Archived from the original on June 5, 2009. Retrieved November 9, 2010.
  42. "Symantec uninstaller may not finish the job". Scott Dunn. WindowsSecrets.com. February 7, 2008. Archived from the original on February 27, 2009. Retrieved March 5, 2009.
  43. "How can I fully remove Norton Antivirus from my system?". Dave Taylor. Archived from the original on February 21, 2009. Retrieved February 23, 2009.
  44. "PCWorld". PCWorld. Retrieved February 23, 2009.
  45. "Download and run the Norton Removal Tool". Symantec Corporation. Archived from the original on February 23, 2009. Retrieved February 23, 2009.
  46. Schofield, Jack (November 2, 2006). "Norton AV versus Zone Alarm – can't you have both?". The Guardian. London. Archived from the original on May 25, 2007. Retrieved May 20, 2010.
  47. Beaumont, Claudine (March 10, 2009). "Internet conspiracy theories abound over Symantec Pifts.exe file". The Daily Telegraph. London. Archived from the original on March 13, 2009. Retrieved March 10, 2009.
  48. 1 2 Krebs, Brian (2009). "Users Complain of Mysterious 'PIFTS' Warning". The Washington Post. Archived from the original on April 8, 2009. Retrieved May 20, 2010.
  49. Frantzen, Swa (2009). "Conspiracy fodder: pifts.exe".
  50. Cluley, Graham (2009). "The mystery of Symantec and PIFTS.EXE".
  51. Cole, Dave (2009). "Norton product patch "PIFTS.exe" and Norton Users Forum". Archived from the original on March 27, 2009.
  52. "Cybercrooks Take Advantage of Symantec PIFTS.EXE Fuss". Lucian Constantin. Softpedia. March 11, 2009. Retrieved May 25, 2009.
  53. Hutchinson, Adryana; Munyendo, Collins W.; Aviv, Adam J; Mayer, Peter (May 11, 2024). "An Analysis of Password Managers' Password Checkup Tools". Extended Abstracts of the CHI Conference on Human Factors in Computing Systems. CHI EA '24. New York, NY, USA: Association for Computing Machinery: 1–7. doi: 10.1145/3613905.3650741 . ISBN   979-8-4007-0331-7.
  54. "The Best Mac Antivirus Software We've Tested for 2026". PCMAG. December 11, 2025. Retrieved December 15, 2025.
  55. "Norton AntiVirus 11 for Leopard Announced". PC World Communications, Inc. December 10, 2007. Retrieved February 28, 2009.
  56. "Norton Antivirus 11.0 for Mac". about.com. Archived from the original on September 5, 2011. Retrieved February 24, 2009.
  57. "Norton AntiVirus 11 for Mac". Symantec. Archived from the original on April 6, 2009. Retrieved February 24, 2009.
  58. "Norton AntiVirus Dual Protection for Mac". Symantec. Archived from the original on June 30, 2008. Retrieved February 24, 2009.
  59. "2012 Consumer Security Products Performance Benchmarks (Edition 1)" (PDF). Retrieved October 4, 2012.
  60. "How Norton prevents infections". Archived from the original on June 9, 2016.
  61. "Performance Test Internet Security Suites – July 2011" (PDF). Retrieved October 4, 2012.
  62. Rubenking, Neil J. "Norton Internet Security 2012". PC Magazine.
  63. Larkin, Erik (January 22, 2009). "Top Internet Security Suites: Paying for Protection". PCWorld. Retrieved October 4, 2012.
  64. Mediati, Nick (January 2011). "Antivirus 2011: Digital Defenders". PC World.
  65. Dennis Technology Labs (26 January 2011), PC Total Protection Suites 2011, retrieved 4 October 2012
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.