I'm a former Kaspersky user. To reduce scanning time, the program would only scan those files that changed from the last scan.

If I understand Norton's process, it doesn't scan trusted files to reduce scanning time.

This doesn't seem logical. Can't a virus or other malware alter a file? ..Even a "trusted" file?

So even if the file is initially considered good, if it becomes infected/altered by a virus, shouldn't it be scanned?

I'm not trying troll and start an arguement about which program is better. I'm just trying to understand the process.

Thanks,

BC