Auto-protect cannot be turned off

In setting, auto-protect is greyed out and does not let me turn it off.

It is not greyed out after restarting, but then I turn it off and say Permanently!, but after a while it becomes enabled and will not let me turn it off again.

This is a show stopper for me - I absolutely must have it disabled for long periods of time (with internet connection off) to test my projects. Right now, I'm forced to uninstall Norton before I can proceed, which is rediculous. No antivirus should prevent me from doing what I need on my own computer.

 

I'm using Norton Internet Security 2011 that I got recently.

I searched on the net, but all I could find is that it was the same with Norton Internet Security 2010.

 

Please help. I'll really appreciate any input! Thank you!

 

Thank you for the reply. My NIS 2011 version is 18.1.0.37, but I found it was the same on NIS 2010. OS is Win XP SP3. AutoFix didn’t help. Auto-protect becomes turned on and grayed out. Impossible to disable without restart. This happens after it quarantines one of my the executables my tools useand says its Backdoor.Graybird. Firstly, it is not a virus for certain, because I work with the guys who wrote it, etc. Secondly, I’m not doing anything with the executable at the time and I put all my hard disks on exclusion for auto-protect, but it still randomly quarantines the executable. Backdoor.Graybird is not in the list for “Signatures to exclude form all detections”, so… Is there any way to get NIS to stop harassing my files? :slight_smile: Thank you!

 


neverknowzx wrote:
Thank you for the reply. My NIS 2011 version is 18.1.0.37, but I found it was the same on NIS 2010. OS is Win XP SP3. AutoFix didn't help. >>> Auto-protect becomes turned on and grayed out. Impossible to disable without restart. This happens after it quarantines one of my the executables my tools use and says its Backdoor.Graybird.  <<<  This is new information....umm, not in your OP
So, you are now reporting Auto-protect toggles on & greyed out after NIS quarantines an exe.  What exe & what tools
Firstly, it is not a virus for certain, because I work with the guys who wrote it, etc. Secondly, I'm not doing anything with the executable at the time and I put all my hard disks on exclusion for auto-protect, but it still randomly quarantines the executable. Backdoor.Graybird is not in the list for "Signatures to exclude form all detections", so... Is there any way to get NIS to stop harassing my files? :) Thank you!

 

Please clarify > but I found it was the same on NIS 2010.  

Are you reporting that you had the same Auto-protect issue with your NIS 2010 product.   Or, are you reporting

that you searched on the net and that you found other users (not you) with the same Auto-protect issue with NIS 2010.

Please >>>>>>>

Is NIS System Status reporting Secure

Is NIS tray Icon showing green with white check

What Security product did you run before NIS11

You recently started running NIS11....so, what security product were you running before NIS11.

How did you obtain NIS11.   Retail CD, Symantec Store, Update Center /  ?

R U running any other Active Protection / Real Time Security products.


There seems to be two parts to the problem, one may be a bug, but the other is they way Norton is suppose to work, to do with the flag.

 

Quads

 

OK

AS I said there are 2 parts to the problem. It is not all one.

 

1. Looks like a bug,

2. Is the way Norton is suppose to work according to the flag.

 

Quads

 

 

Thank you for your attention. Maybe we can actually solve this :)

 

Clarifications you asked for.
I found on the net the very same thing for NIS 2010.
NIS Status is Insecure while auto-protect is off, but Secure when auto-protect turns on by itself with no hope of turning it off.
Like above, the icon is green when auto-protect becomes on.
Before, I used NIS 2010. I do remember the same issue here as well, when auto-protect was grayed-out, but it wasn't critical back then, since I didn't need to leave it off for long.
I bought NIS 2011 on a CD.
No, I'm not running any other security products.

 

It looks NIS does this on purpose. Looks like NIS finds the exe - why on Earth if I excluded HD and turned off auto-protect and SONAR and not scanning at the time - and when it finds the exe and thinks its a virus, it forces auto-protect on, probably thinking only dumb people turn off auto-protect.

The question is, is there any way to make sure auto-protect stays off, like killing one of NIS processes or something?

 

 


neverknowzx wrote:

It looks NIS does this on purpose. Looks like NIS finds the exe - why on Earth if I excluded HD and turned off auto-protect and SONAR and not scanning at the time - and when it finds the exe and thinks its a virus, it forces auto-protect on, probably thinking only dumb people turn off auto-protect.

The question is, is there any way to make sure auto-protect stays off, like killing one of NIS processes or something?


 

Maybe your new to the Community or just new to posting on the Community.

Either way.  Quads knows his %$@# and I mean that in the most venerable and respectful way. 

Quote > one may be a bug, but the other is the way Norton is suppose to work, to do with the flag.

Request Help from the Community at large and from Symantec volunteers (red names)

There's a bug...the bug may be in Insight, where you are unable to trust the file, the file is blocked, with no recourse to trust it.    With Auto-protect Off ~ some component is acting to quarantine.   Once quarantined. 

I imagine Auto-protect is toggled On because Quarantine requires Auto-protect to resolve quarantine.  

A file will be deleted if:

1.  It matches a signature

2.  It does something it shouldn't

3.  Nobody else has it, or problems have been reported with it.

This is all supposition and conjecture.   What NIS does under the hood is way over my pay grade. 

Hopefully, those in the know from the Community will chime in.

Symantec reviews these posts...So, hopefully

Best Wishes

bjm_


reactivate wrote:

neverknowzx wrote:

In setting, auto-protect is greyed out and does not let me turn it off.

It is not greyed out after restarting, but then I turn it off and say Permanently!, but after a while it becomes enabled and will not let me turn it off again.

This is a show stopper for me - I absolutely must have it disabled for long periods of time (with internet connection off) to test my projects. Right now, I'm forced to uninstall Norton before I can proceed, which is rediculous. No antivirus should prevent me from doing what I need on my own computer.

 

I'm using Norton Internet Security 2011 that I got recently.

I searched on the net, but all I could find is that it was the same with Norton Internet Security 2010.

 

Please help. I'll really appreciate any input! Thank you!

 


This was happening with me, but I have since reformatted my computer and re-installed Norton internet security. If it happens again to me I will let you know, before I completely uninstall Norton for good. For me I agree with another poster on another thread. "If it's not broke don't fix it"  I had no problem with Norton internet security 2010. I have also had the issue of Norton community watch submitting data when I had it disabled in settings, that was a big concern because this is a privacy issue. I don't suppose you will get any answers from symantec, although I noticed the problems seemed to occur after Norton insight Identified a safe file as suspicious and removed it. I know it was safe because after the incident I had the developer submit the file to Symantec for analysis. Maybe a case of Norton or Symantec over-reacting to a supposed threat.

 

Did this happen after you tried to turn auto protect off in settings?  I think this might also have been a reason why the same thing happened to me. Maybe if you try to change the default auto protect setting it re-enables and prevents you accessing it for a period of time afterwards.


 

Keep thinking,

 

I can cause the grayed out sliders on purpose in testing, and in the past, Norton is working correctly by doing so, according to the flag.

 

Nothing to do with reformatting or Norton being faulty or a bug in that respect.

 

Gee how many people love reformatting.

 

Quads

 

 

Thank you for your help. This anwers the guesses.

 

Quote: I can cause the grayed out sliders on purpose in testing, and in the past, Norton is working correctly by doing so, according to the flag.

But can we really exclude the file or really disable auto-protect permanently? By really I mean so auto-protect doe not snap back on. It isn't right for an anti-virus to block me from doing what I want with my computer. Is there a way?

 

Maybe this will explain with pretty screenshots for all

 

Due to the detection of "Backdoor.Graybird" and the flag that is in the definitions for this threat Norton is doing what it is suppose to, there may be more than one flag type that has Norton do this

 

I have done the same with W32.Virut.CF, on My PC.

On Detection Norton states this, (Note: I am using 360v5)

 

RestartReq.jpg

 

 

Which Norton then locks everything in place ready for when the action is ready to be completed.

 

 

Locked Norton settings.jpg

 

So Norton is Correct.

 

Now on to the what I suspect is a bug,  " but then I turn it off and say Permanently!, but after a while it becomes enabled"

That looks like it's a problem where Norton is not honoring the Permanently duration setting set by the user, which I think I have come across before. Where Norton honors the 15min,  up to Until Restart settings but not the Permanently  one.

In saying that what use wound Norton be Permanently disabled is head scratching.

 

If your Programs or files are legit you can submit them to Symantec as a False Positive for them to test it and update the definitions if indeed legit and Non Malicious.  If Malware or you are testing Malware then bad luck.

 

"But can we really exclude the file

 

Yes, By going into the Settings Menu, Antivirus, and click the "Scans and Risks" tab.

 

There you will see in the list where you can configure Norton to Exclude files / folders from Scans and / or  Auto-Protect and Sonar.

 

Exclusions lists.jpg

 

 

Quads

 


Quads wrote:

Keep thinking,

 

I can cause the grayed out sliders on purpose in testing, and in the past, Norton is working correctly by doing so, according to the flag.

 

Nothing to do with reformatting or Norton being faulty or a bug in that respect.

 

Gee how many people love reformatting.

 

Quads

 

 


I don't get where you are comming from with the reformatting comment, but if you are thinking I reformatted my harddrive because of issues with Norton, that is not the case.  There were multiple errors and warnings in event viewer, but unfortunately they were not resolved by re-installing my computer back to factory settings. chkdsk did not find any problems either. I actually have only reformatted my harddrive this once, and only did it as a last resort.

 

In setting, auto-protect is greyed out and does not let me turn it off.

It is not greyed out after restarting, but then I turn it off and say Permanently!, but after a while it becomes enabled and will not let me turn it off again.

This is a show stopper for me - I absolutely must have it disabled for long periods of time (with internet connection off) to test my projects. Right now, I'm forced to uninstall Norton before I can proceed, which is rediculous. No antivirus should prevent me from doing what I need on my own computer.

 

I'm using Norton Internet Security 2011 that I got recently.

I searched on the net, but all I could find is that it was the same with Norton Internet Security 2010.

 

Please help. I'll really appreciate any input! Thank you!