05-11-2012 11:56 PM - edited 05-12-2012 12:05 AM
OS: XP Sp3
NIS: 2010 version 184.108.40.206
SONAR Settings: Advanced (automatic) / Remove Risks Automatically (off)
I'm having a problem with SONAR that I never had before and would like some clarification on a few things.
I wrote a small app using Visual Basic 6 that sends a control code to TOR (running on localhost) via MS Winsock to switch identities every 3 minutes. I've had this program running for a while but after a LiveUpdate session recently, NIS decided it was "behaving suspiciously" and deleted it.
So I have a two-part dilemma:
1. How does SONAR determine a threat and how can I stop it from deleting other programs I write?
2. During the "restore" process, I accidentally clicked "always exclude this type of threat", how do I undo that?
In regards to #2, the dialog is unclear since NIS never actually tells you what the threat is, only that an application is misbehaving but not how it is misbehaving. I assumed that this option would list the application in the exclusion list but the list is empty. I don't want to ignore a threat for all applications since one might actually be a legitimate threat.
05-12-2012 08:57 PM
Since you are running older version of Norton Internet Security, I would suggest you to upgrade to the latest version first. The latest version includes the more advanced scan engine and SONAR 4 Behavioral Protection. You can upgrade to the latest version for free of cost using our Norton Update Center:
If you encounter the same problem with the latest version, kindly report back to us and we can work together on fixing it.
05-13-2012 04:13 PM - edited 05-13-2012 04:13 PM
While I understand why upgrading is a good place to start, the reason I don't upgrade is because there is no way to export the custom rules from Smart Firewall -> Program Control.
I have too many rules with multiple criteria and the last time I upgraded I lost them all. It took me a while to get my LAN to work again because I couldn't remember all the ports I needed.