Hello, I'm a Norton AntiVirus user.
For the time I have used Norton, I have always never had an issue with the program, and I feel I recognize its authority of being recognized as a great AntiVirus choice. One of the aspects I love about it is its unique choice of customizability. Almost every option within the settings of Norton can be tweaked or changed. These include Boot-Time protection, Heuristic Protection, and Behavioral Protection, it is super great for advanced users.
However, when Norton detects threats, usually a large 'Threats Detected' window will appear. The often recommended option is simply 'Fix', and recently, I have felt this is often vague. Some users may interpret it as Norton removing the file or disinfecting it and allowing it to work. However, it just Quarantines it.
To help sustain Norton's already brilliant customizability, there should be more options for the user to any detected threats. I feel there should be three, along with exclude.
Delete - Norton removes the file/object
Quarantine - Norton removes and encrypts the file and allows for it to be restored later
Disinfect - Norton thoroughly analyzes and removes the malicious component from the file - processes and background tasks may need to be suspended for this to work
If Quarantine and Disinfection fails, Norton should just delete the object. However, Disinfection can also allow Norton to remove advanced threats that may not normally can be easily deleted, and allows for a clearer removal of the malware. If this is a worry of potentially causing confusion within the software, by default and applicable, the option should just be quarantine. It allows for the file to isolated, causing no threat, while also allowing it to be restored later.
However, I feel like this could be customized in the settings on what Norton will normally do for the infected file. For cases in where Norton automatically deletes a file, like with Download Insight, it is likely best just to either delete or quarantine it.
I feel like these changes will benefit Norton in allowing users to recognize more of its capability. According to 'Act on quarantined risks or threats', Norton can delete and disinfect items, but the latter can only be done after the item was quarantined. This can create difficulties in the user experience and how the program operates.
If Norton already detects active malware, instead of a large 'Threats Detected' window, a smaller pop-up should appear at the bottom right of the user's screen. Indicating how many threats were detected. If the user wishes to see more info, Norton should bring up the larger 'Threats Detected' window. The smaller pop-up leads to a less invasive user experience. From there, the user can decide what Norton should do with the file, mentioning the suggestions I listed above.
These changes will force some minor changes to the product's UI, but it should lead to a greater user experience. I understand there may be discrepancy with these features and the way Norton operates, but I have noticed Norton has improved many aspects of the program. Most recently with its newer UI, and I do wish these ideas can be considered with the program.