Norton Insight reduces length of future system scans by validating trustworthy files the first time.
It couldn't effectively block the contaminated archive that we installed.
We took some heat after awarding last year’s version of Norton Internet Security our coveted Kick Ass award. Some of you were baffled at how Norton, a notorious resource hog and semi-effective scanner, could turn things around in such dramatic fashion. Others questioned our geek cred, while a few of you even accused us of being on the take—ouch. But the truth is, Symantec deserved every accolade it received. Could this be the dawn of a new AV dynasty in the Norton camp?
We’re not yet ready to anoint Norton the savior of security software, and we’ll tell you why in a moment. First, let’s focus on what NIS 2010 does right. This year’s update continues NIS’s reborn legacy as a lean and fast scanner. We remain particularly impressed with Norton Insight, which dramatically reduces system scans. The first time NIS sweeps through your system, it examines every file. Each time thereafter, the scanner skips files that have been validated by Symantec and deemed trustworthy. The result? After an initial scan time of 16 minutes, 18 seconds, NIS then scurried through our data in just four minutes, 47 seconds, finishing long before our coffee break did.
NIS thwarted most of our attempts to find a chink in its armor, knocking out spyware and batting away disreputable downloads without skipping a beat. That is, until we played dirty. We disabled NIS long enough to download a contaminated archive and then turned it back on. Norton only blocked some of the infected files inside our Pandora’s box, allowing our test bed to become infected with a fake AV scanner. It even allowed the rogue program to disable UAC.
We have a hard time picturing anyone going through the trouble we did to intentionally inflict harm, but nevertheless, our confidence is shaken.