Serious Discussion Norton Full and Quick scans speed does not improve over time.

Divine_Barakah

Divine_Barakah

Level 41
Thread author
Verified
Top Poster
Well-known
Forum Veteran
May 10, 2019
3,075
12,731
3,969
Gaza Strip
Hello,


I have been using Norton for a while and I can confirm the scan speeds do not improve over time. Nothing new installed. When I run a full scan it takes almost the exact time of the first full scan with no improvements in terms of speed.

Does Norton not skip trusted or already scanned files in future scans?
 
  • Like
  • Thanks
Reactions: Jonny Quest, simmerskool, Khushal and 2 others
Divine_Barakah said:
Hello,


I have been using Norton for a while and I can confirm the scan speeds do not improve over time. Nothing new installed. When I run a full scan it takes almost the exact time of the first full scan with no improvements in terms of speed.

Does Norton not skip trusted or already scanned files in future scans?
Click to expand...
Norton does use trust/reputation and past scans to reduce work, but a manual Full System Scan is still designed to be very thorough, so the total time often does not decrease much (or at all) between runs.

How Norton handles trusted/already‑scanned files

Norton has features like Insight / reputation / file trust that are meant to:
  • Identify files that are very common and considered low‑risk
  • Reduce how deeply or how often those files are scanned
  • Focus more effort on new, rare, or changed files

However, there are a few important points:

  • A manual Full System Scan usually behaves more like a “belt and suspenders” check. Even if a file was clean before, Norton may still rescan it after:
    • New signatures/definitions are downloaded
    • The scan engine has been updated
    • A certain amount of time has passed
    This is by design, so that new detection methods can catch threats that were previously missed.
  • Norton’s trust/reputation system often helps more with:
    • Real‑time protection (on‑access scans while you use the PC)
    • Idle/background scans and quick scans
    …than with the wall‑clock time of a full, explicit “scan every corner” job.
  • Even when “trusted” files are optimized, Norton may still:
    • Read file metadata or a small portion of the file for quick checks
    • Walk every folder and file entry on disk
    So disk I/O overhead is still there, and that alone can keep total scan time similar.
  • If you have:
    • A lot of small files (source code, logs, browser caches, etc.)
    • A mechanical HDD instead of SSD
    • Aggressive settings (scan inside archives, network drives, etc.)
    …full scans will tend to take about the same time every run, regardless of caching.

What you can do in practice

If you mainly care about security, not benchmarking scan time:

  • Use Quick Scan or the default Smart/automatic scans for regular use.
  • Reserve Full System Scan for:
    • Occasional health checks (e.g. once a month)
    • After risky behavior (unknown software, suspicious devices, etc.)
  • Check your Norton settings for things like:
    • Archive/compressed file scanning
    • Network drive scanning
    If you don’t need those, disabling them can noticeably reduce scan time.

Summary

Norton does have mechanisms to trust and optimize already‑known files, but its Full System Scan is intentionally conservative. Because it re‑evaluates files after signature/engine changes and still has to walk the whole filesystem, you often won’t see scan times “learn” and drop the way you might expect, even though protection is still taking advantage of trust/reputation in the background.
 
  • Thanks
  • Like
Reactions: Jonny Quest, Divine_Barakah and bjm_
Bot said:
Norton does use trust/reputation and past scans to reduce work, but a manual Full System Scan is still designed to be very thorough, so the total time often does not decrease much (or at all) between runs.

How Norton handles trusted/already‑scanned files

Norton has features like Insight / reputation / file trust that are meant to:
  • Identify files that are very common and considered low‑risk
  • Reduce how deeply or how often those files are scanned
  • Focus more effort on new, rare, or changed files

However, there are a few important points:

  • A manual Full System Scanusually behaves more like a “belt and suspenders” check. Even if a file was clean before, Norton may still rescan it after:
    • New signatures/definitions are downloaded
    • The scan engine has been updated
    • A certain amount of time has passed
    This is by design, so that new detection methods can catch threats that were previously missed.
  • Norton’s trust/reputation system often helps more with:
    • Real‑time protection (on‑access scans while you use the PC)
    • Idle/background scans and quick scans
    …than with the wall‑clock time of a full, explicit “scan every corner” job.
  • Even when “trusted” files are optimized, Norton may still:
    • Read file metadata or a small portion of the file for quick checks
    • Walk every folder and file entry on disk
    So disk I/O overhead is still there, and that alone can keep total scan time similar.
  • If you have:
    • A lot of small files (source code, logs, browser caches, etc.)
    • A mechanical HDD instead of SSD
    • Aggressive settings (scan inside archives, network drives, etc.)
    …full scans will tend to take about the same time every run, regardless of caching.

What you can do in practice

If you mainly care about security, not benchmarking scan time:

  • Use Quick Scan or the default Smart/automatic scans for regular use.
  • Reserve Full System Scanfor:
    • Occasional health checks (e.g. once a month)
    • After risky behavior (unknown software, suspicious devices, etc.)
  • Check your Norton settings for things like:
    • Archive/compressed file scanning
    • Network drive scanning
    If you don’t need those, disabling them can noticeably reduce scan time.

Summary

Norton does have mechanisms to trust and optimize already‑known files, but its Full System Scan is intentionally conservative. Because it re‑evaluates files after signature/engine changes and still has to walk the whole filesystem, you often won’t see scan times “learn” and drop the way you might expect, even though protection is still taking advantage of trust/reputation in the background.
Click to expand...
Thanks for the very thorough explanation. It makes sense now.
 
  • Like
Reactions: Jonny Quest, simmerskool and Khushal
Divine_Barakah said:
Thanks for the very thorough explanation. It makes sense now.
Click to expand...
You’re welcome, glad it helped clarify things.

If you ever want to compare Norton's behavior to other AVs you’re considering (scan times, features, etc.), feel free to ask and include your system specs and usage style—people here can usually suggest what fits best.
 
  • Thanks
  • Like
Reactions: Jonny Quest and Divine_Barakah
So it really no longer uses Norton's file insight it's all Avast now and they don't really care to update the scanning engine much. I wouldn't call 'Gendigital" abandonware however it seems like they stopped pushing out new GUI updates and just focus on Malware detection rather than GUI and performance improvements.
 
  • Like
Reactions: Jonny Quest, simmerskool, Zero Knowledge and 1 other person
nickstar1 said:
So it really no longer uses Norton's file insight it's all Avast now and they don't really care to update the scanning engine much. I wouldn't call 'Gendigital" abandonware however it seems like they stopped pushing out new GUI updates and just focus on Malware detection rather than GUI and performance improvements.
Click to expand...
Well, a few months ago, the new Norton was a half-baked product and was very unpolished. Now, it seems it is almost ready; they fixed most of the interface issues and worked things out. Maybe it is not perfect, but the product is working like a charm on my device with no major issues.
 
  • Like
  • Applause
Reactions: Jonny Quest and simmerskool
Victor M said:
@Divine_Barakah so you have gone back to Norton and abandoned BitDefender ? Or are these AVs all in separate VM's ?
Click to expand...
I went back to Norton. BD support never addressed my concerns nor addressed the logs I provided them with. They were slow to respond aftterwards, so I gave up on them. BD also does not work well when fast startup is enabled in Windows.

Norton on the other hand is working without any major issues on my device.

I also tried Mcafee for a couple of days, but it rendered my device unresponsive during system imaging with O&O Diskimage 21 Premium and that never happened with neither BD nor Norton, so I guess it was Mcafee.

I really wanted to keep using BD, but Encrypted web scan drove me crazy for the endless critical warning it gave me. Disabling it oc fixed the issue, but I felt it decreased the total level of protection. One of the feature I liked the most in BD was the BD Central mobile app, which gave me realtime insights and notification about my device when I'm away, but too bad I had to uninstall it.


So for now im keeping Norton.
 
  • Like
Reactions: Jonny Quest, simmerskool, Victor M and 1 other person
Victor M said:
As I keep trying to ascertain, were the warnings regarding your in-use browser, or was it regarding your un-used MsEdge ? If it is the latter, then something is wrong, and thats why BD wants to skimp over the issue.
Click to expand...
Sorry I forgot to update you on that matter. Though I'm not using Edge, I am using Dell Support Assistant and when I login to my Dell account in Support Assistant, it opens Edge regardless of my default browser, so that triggered the faulty Encrypted Web Scan module BD which basically warns for every single Https connection and its certificate, so nothing alarming it's just the messy BD.


Edit,


I have resat my system a couple of times after that issue. Everything seems to be working now without any issues.
Norton installed with NextDNS used systemwide and in browser settings. I do run second-opinion scans every once in a while, everything comes clean.

I also do weekly full scans using Kerish Doctor and my system is working as intended and is very snappy. No issues at all. Windows is up-to-date. Drivers and software and applications are up-to-date.
 
  • Like
Reactions: simmerskool
Victor M said:
Thanks for the update. So what about moneytize ? That sounds like an advertisement campaign. Was that part of Dell's web site ? Did the warnings change ?
Click to expand...
I believe that was sth in Edge Main webpage which includes many articles from different websites.
I disabled both startup boost and the option to keep running Edge in the background when it's closed.

Regarding the warnings, disabling BD Encrypted Web Scan caused the warnings to disappear. Just take a look at BD community and see the number of users having similar issues regarding this faulty module.

This month, I have tried around 4 security products and none of them gave any warnings to online certificates except for BD. At first I was too concerned, but Norton, Eset, McAfee and Kaspersky did not throw a single warning, so the issue was from BD %100.


Edit:

When I was using BD, I constantly received warning from Chrome about the security of connection whenever I tried to access many websites. BD definitely broke the security of the connections. So I advise anyone who wants to use BD to disable Encrypted Web Scan, but that surely will affect the overall security.
 
  • Like
Reactions: Jonny Quest and simmerskool
Victor M said:
Thanks, Too bad that BD keeps doing that. They have an ok product.
Click to expand...
Don't get me wrong. I am not bashing BD, but I just shared my experience. I do like BD and they have improved a lot in terms of performance, but they need to fix the Encrypted Web Scan module and their Automatic Profiles feature which has always caused me issues, so I keep it disabled. BD has the know-how and resources to fix the issues, but it seems they dont care enough about consumer solutions? It also seems that BD might generate more FPs than other products.
 
  • Like
  • +Reputation
Reactions: Jonny Quest and simmerskool

You may also like...