I use NIS2011.
Norton killed a file. Then, I recovered and excluded it in the history menu.
Now, the AntiVirus and SONAR Exclusions in setting is still empty, and the file can pass the scan and SONAR. So how can I find and cancel the exclusion?
I use NIS2011.
Norton killed a file. Then, I recovered and excluded it in the history menu.
Now, the AntiVirus and SONAR Exclusions in setting is still empty, and the file can pass the scan and SONAR. So how can I find and cancel the exclusion?
I use NIS2011.
Norton killed a file. Then, I recovered and excluded it in the history menu.
Now, the AntiVirus and SONAR Exclusions in setting is still empty, and the file can pass the scan and SONAR. So how can I find and cancel the exclusion?
Thanks for your attention
NIS2011 is version 18.5.0.125. I think this is the newest version.
The list of exclusion is just empty. I deleted the /system volume/ (the only one in the list as default) from the scan exclusion list just right after I installed NIS2011 months ago. So empty means all is blank, I think there is no need to take a screen shot.
Hi windyN,
System Volume Information contains your Windows System Restore points. This is excluded from scans by default because restore points cannot be modified, so viruses backed up to restore points cannot be removed. This is OK, because viruses cannot run from a restore point, anyway. Scanning System Volume Information is therefore not necessary, and it is very time consuming.
You want to set your Norton Scan Exclusions back to their default settings. Items to Exclude from Auto-Protect and SONAR Detection is supposed to be empty. "\System Volume Information\" should appear in Items to Exclude from Scans. If either of these is not what you have, click the Default Alll link at the bottom of the Scan Exclusions window to correct the entries.
Restoring the defaults will cancel any exclusions you have entered manually. If you wish to reinstate an exclusion, you would need to click the "Add" button and navigate to the file location.
If it really was a Sonar detection and exclusion. It can't be changed, edited, or removed, unless you re-install the product.
Seems very silly and unfriendly to me but I also have a couple exclusions that are nowhere to be found.
Look here, this is from 2010 but I'm not aware of any changes in 2011
Dave
DaveH wrote:If it really was a Sonar detection and exclusion. It can't be changed, edited, or removed, unless you re-install the product.
Seems very silly and unfriendly to me but I also have a couple exclusions that are nowhere to be found.
Look here, this is from 2010 but I'm not aware of any changes in 2011
Dave
In 2011 you can configure SONAR exclusions and remove them. This is configured in Computer Settings > Items to Exclude from Auto-Protect and SONAR.
What I need to do some testing on is whether an item you restore from Quarantine and choose the option to exclude from future detection gets added to the user editable list in Computer Settings. The malware samples I use for testing do not have the option to exclude via restore from Quarantine.
From the NIS Help documentation:
Returns the selected Quarantine item to its original location without repairing it and excludes the item from being detected in the future scans
This option is available only for the detected non-viral threats.
I do know this option works when you manually add exclusions to the list from Computer Settings.
Best wishes.
Allen
Hi windyN,
I understand you want to remove this exclusion. Did you determine at a later time that it was malware after all and want to remove it from the exclusion?
Is this a program you can provide me a link to so that I can do some testing on this? If you can send me a link to the file, please do so in PM ONLY. Do NOT post the link on the forum here.
You can click on my username and then click on "Send this user a private message". Please provide details to me in PM about what kind of file this is and what type of malware it is, if applicable.
I have a test laptop I can do some testing on.
Best wishes.
Allen
Thank you for your help!
I have tried to set default in "Items to Exclude from Scans", "Items to Exclude from Auto-Protect and SONAR Detection", and "Signatures to Exclude from All Detections". But the "default all" could be click only in "Exclude from Scans" and system volume information was restored. The file I had excluded was still hiding.
I have asked some NIS2011 users in my location, they said only the file set in exclusion manually could be shown. So there is still a bug that the file excluded in history menu would be hidden. The only way to recover it is to reinstall NIS....
There isn't a link for this file because it is in a large zip I downloaded it from P2P. It is some kind of install tool for a game. It is killed by scan not SONAR. I have run it before I scan it. It took several seconds before the window appeared so I think SONAR was doing some test. But at last it passed SONAR. So I think it may be possible not to be virus. The thread name is Suspicious.Cloud.5.A.
What I worried about is that If we cant see the hidden list, then we do not know what is in that list. If we excluded some dangerous files to that list by mistake, then there will be no way to change back...
Hi windyN,
It won't help you for this occurence but I am going to pursue this because I also suspect that excluding a file from the Quarantine is not getting added to the user editable exclusion list and if true I would consider this a bug also.
For now if clicking on Default All as SendOfJive suggested did not work for you then the only other way would be to uninstall and reinstall NIS.
Here is my boiler plate on this.
If you use Identity Safe you should back up this data first. Please see this link for details on how to do this. If you have any other customized settings make note of these also or take screen shots that you can refer to later.
Please download the full version of NIS 2011 from here. Please note that this is the English version so please let me know if you need a different language and I will provide the appropriate link.
You can get your Norton product key from your Norton Account.
For your protection, disconnect from the Internet before continuing.
Do a conventional uninstall of NIS via the Control Panel and then restart your computer. Choose the option to NOT save user data and settings.
Then please install NIS 2011 from the full version downloaded earlier. Once installed please reconnect back to the Internet and run Live Update repeatedly (rebooting as requested) until it reports there are no more updates.
Be sure to restore Identity Safe data also.
Hope this helps.
Best wishes.
Allen
Hi windyN,
Would you be willing to ZIP up the file in question and send it to me?
Please check your PM. You should see a icon near the upper right corner of your browser. Click on that and you will see a PM from me. I'll have further information there.
Thanks and best wishes.
Allen
Thanks, AllenM.
So I think I need to be more careful next time when exlcuding a file as this action cant be undone.
Hope they would fix this bug in NIS2012.
Hi wendyN,
I would like to report this to Symantec but would prefer to do some testing first so I can 1. confirm that I can reproduce it and 2. to gather any information Symantec might need to look into this.
Also, please remember that if you add a file or directory to the exclusions list via Computer Settings and not from restore from quarantine, then you can remove the exclusion as desired.
I got your PM, thanks.
Best wishes.
Allen