Re: Let the user decide whether or not to quarantine a file

Michael_s · ‎01-04-2011

I fully support this idea.

It is not ok that Norton is able to delete ( / quarantine - the problem is: in a few cases the file is not quarantined!) files without the confirmation of the user. There should be an option to "Trust" or to "Add the file to the secure zone" (not sure if that's the accurate expression in the English version).

Perhaps, Symantec doesn't want to add this option because the ordinary user could mistakenly allow a file which is infected. In this case, I suggest that this option shouldn't be available by default, but only after the (experienced) user has activated it. Any experienced user needs such an option!!

(Alternatively there could be the option to 'Block' the file - then, it can do no harm, too - no need to always delete it at once.)

There are apparently many people who refuse to buy / continue buying Norton because of this. For my part, I won't buy Norton after my trial periode. It is annoying that a software can delete on its own some of my files (some of which have been rated secure in previous scans! - So it's no help adding these files manually to the secure zone since you never know if Norton will rate your file 'evil' the other day...) Apart from that, adding a file to the secure zone is not always a help: as soon as you rename it or move it to another folder, the exception would be without any use).

Please change this.

ManFromOz · ‎01-08-2011

Fully supported. Do not take away user control.

But Michael_s has touched on a very serious variation of the theme - "in a few cases the file is not quarantined".

I have experienced instances of a false positive being detected, and for no given reason being removed without quarantining. IMHO, this is unforgivable.

If you think that it's a pain to have to retrieve a file from quarantine, and then add it to an exceptions list to avoid recurrence, consider what it's like to have a 2-gigabyte file (a VMware virtual drive, containing hundreds of files that make up a virtual machine drive) inexplicably treated as infected, and removed without quarantining. Our fault that we did not have a current offline backup, but it took some 10 hours to recover the lost data.

Interestingly, a separate copy of NAV was installed on that virtual machine, and even full scans had detected no infections. Hence our conviction that we suffered a false positive on the host OS. But that should not be relevant. It should not be acceptable to have a program remove a file, with no option to restore it and no consent by the user.

(Both the host OS and guest/virtual OS were running fully-updated NAV 2010 at the time, shortly before the 2011 rollout.)

n2009user27 · ‎12-04-2008

After 4 months, still no response from the Norton Product Team as to whether this will be put "under consideration". Is there anybody out there, Symantec?

amloessb · ‎12-25-2010

~~Symantec has~~ The moderators have linked some of the newest ideas on the forum to this post, asking users to continue the discussion here, so I would hope ~~they are~~ Symantec is watching.

I also highly support this feature, and have had experience with the problem which Michael_s and ManFromOz mentioned, which is the outright deletion of certain detected files (I created a detailed suggestion here a while back).

+Kudos, and I really hope this gets integrated into a future release.

Tomwa · ‎02-17-2011

The lack of this feature is the ONLY thing that prevent me from buying NIS 2011 or NAV 2011 as of now, I want to ultimately have the decision on what is quarantined not only be left to deal with the havoc that an AV's choices dealt to me. Implementation of this feature would be the only way to get me to buy this software.

Much love,

Tomwa Ivory

athena · ‎04-07-2008

Thank you all for the input. We have the "Ask Me" option available today under settings only for threats that are identified as low risk. The idea is we want to protect the users right away if there is a medium or high risk threat detected. I understand though that more advanced users would like to extend this setting to all Insight detections.

RebeccaO · ‎12-15-2010

Calando · ‎03-11-2011

Yes! It is good idea. There are some advanced users who need more control over protection. I hate automation, thats why I don't like Norton.

mfraz · ‎03-25-2011

I completely agree, Norton needs to add this feature. I am seriously considering dropping Norton altogether, I am an advanced user and I don't want it deleting downloaded files just because "very few users" have downloaded it. Absolutely ridiculous. I also use specialized software in my business and I have had Norton delete the executables without asking me simply because "very few users" have used the program. Luckily I was able to figure out how to restore those files (after a few headaches), but I am tired of trying to figure out how to restore a downloaded executable that has been quarantined.

gabranth · ‎06-05-2009

i personally think it should be removed as it doesn't work and what really concerns me is that it targets open source software while leaving proprietary software alone only once has it targeted proprietary software the rest have been open source or indie software like it gives EA sims 3 software excellent ratings but a game like ai war gets poor ratings even though sims 3 is more of a risk because you have to disable DEP and it uses securerom infact i just did a rep scan its only open source/indie software in the unproven/poor category ai war, smplayer, libreoffice, firefox, mucommander, filezilla, and that nokia QT thingy not a single proprietary program ok ai war is there but thats indie.

question: does symantec get paid by proprietary software companies to give there products good ratings??