u can set the exe file as trusted by user and it will always be skiped at scanes

You need to submit your file to Symantec to have them add it to the allowed list. Follow the directions to manually submit a file at the bottom of this Symantec knowledge base article.

 

> You need to submit your file to Symantec to have them add it to the allowed list.

> Follow the directions to manually submit a file at the bottom of this Symantec knowledge base article.

 

The link above refers to NIS2010. NIS2012 does not seem to have 'Submit to Symantec' button as described.

 

Try this article.

 

It covers reporting false positives. That should get you the links your need to report your files.

i'm sorry i was a bit unclear i had false positives problems with self playing exe files created by screen2 exe program a program with wich u can make video screen recordings my solution for that problem was before playing them i used norton file insight and set them trusted by user u can do that by rightclick on file and u have norton internet security and there u have insight network scan and norton file insight click on norton file insight and it will tell u date of creation of file how many users and program that created and u can set that file trusted by user that way that file will never be scaned on that pc also cos it runs on norton trust network it will apear as a posible good file for all norton users

Ok, now I have more details: It seems, that SONAR in NIS2012 on Windows XP HOME with SP3 is preemptively deleting ANY EXE compiled right now with Powerbuilder 6.5.1. This is NOT the case with the same EXEs compiled up to approx. mid-March 2012. Source code is the same, just one compilation was today, original in March. I used different computers and different Powerbuilder applications for compilation, all of them virus and malware free, one computer with up to date NIS2012. When Powerbuilder created EXE is run it works, until a keyboard key is pressed (any key). Then SONAR deletes EXE and says that the reason is (my translation):

 

Suspicious operation: Event: interception of pressed key

 

It also says 'Very few users, very new, High threat' - as I say application was just compiled, I wonder then what it would say about NIS2012 right after its compilation:-) Now seriously again, this is happening ONLY on Windows HOME with SP3, it is NOT happening on XP Professional with SP3 and not on Windows 7 64-bit that I am also using for testing. Also, the change to SONAR that affects my Powerbuilder executables has been done by Symantec probably close to April 15. Before everything was fine for many years.

 

Symantec should try to fix SONAR somehow, because it is doing quite a bad job for everybody with these deletions. Digital signing, fine, file exclusion, fine, but still branding as high threat and deleting ANY EXE created with Powerbuilder 6.5.1 (I don't know about other versions) makes no sense to me at all, no matter how I look at it.

 

---

azaleski wrote:

Ok, now I have more details: It seems, that SONAR in NIS2012 on Windows XP HOME with SP3 is preemptively deleting ANY EXE compiled right now with Powerbuilder 6.5.1. This is NOT the case with the same EXEs compiled up to approx. mid-March 2012. Source code is the same, just one compilation was today, original in March. I used different computers and different Powerbuilder applications for compilation, all of them virus and malware free, one computer with up to date NIS2012. When Powerbuilder created EXE is run it works, until a keyboard key is pressed (any key). Then SONAR deletes EXE and says that the reason is (my translation):

 

Suspicious operation: Event: interception of pressed key

 

It also says 'Very few users, very new, High threat' - as I say application was just compiled, I wonder then what it would say about NIS2012 right after its compilation:-) Now seriously again, this is happening ONLY on Windows HOME with SP3, it is NOT happening on XP Professional with SP3 and not on Windows 7 64-bit that I am also using for testing. Also, the change to SONAR that affects my Powerbuilder executables has been done by Symantec probably close to April 15. Before everything was fine for many years.

 

Symantec should try to fix SONAR somehow, because it is doing quite a bad job for everybody with these deletions. Digital signing, fine, file exclusion, fine, but still branding as high threat and deleting ANY EXE created with Powerbuilder 6.5.1 (I don't know about other versions) makes no sense to me at all, no matter how I look at it.

 

---

You mention you have different versions of Powerbuilder on different computers. Is it possible to take the version that is on one of the working computers and install that on the XP Home computer?

 

The issue seems to be with Sonar and Powerbuilder exe's, but if the other version of Powerbuilder works, then it can help Symantec to find a solution to your problem.

The settings for Sonar give an option to have Norton ask you for each detection. Click Settings - Computer - Real Time Protection and click on the setting button beside Remove Risks Automatically. See image below. This will give you control of what to do with a file detected by Sonar.

 

A Symantec Knowledge Base article on Sonar can be found here.