Not what you are looking for? Ask the experts!
SONAR.Heuristic.120 deleting product files without even a quarantine
We are a ISV (in business since 1997) with software products. Our customers who have Norton are notifying support because our product stops working. When we investigate, file(s) have been DELETED from their installation. SONAR.Heuristic.120 They were not asked, it just happened; they typically didn't even notice the small notification from SONAR. The files that were deleted, sometimes without quarantine so they can't be restored, perform some network activity integral to the operation of the client/server product(s). In some cases, In some cases these files are the programs for windows services on a server that allow clients to access the program from other machines on the LAN. In other cases, it sends email notification to us using one of our pop accounts (for example there is a Help... Email support feature that sends us log files with the support request). We can find no way to fix other than turning off SONAR to fix this which customers are reluctant to do. Yes, we are submitting the files as false positives, and one by one they are being whitelisted, but this takes time and is a nightmare (and will apparently need to be repeated for every file with every release which is a manual process of filling out a web form for every file) and is hurting our reputation as a vendor (not counting the support hours to deal with this). How can we avoid this from our end. Our customers are NOT technically savy and typically do not have a technical support person, so configuring any security software will have to be a cookie cutter recipe for them. We need to find a way to stop this. I am technical and can't find a way to tell SONAR to leave files alone so I can't write the recipe. It used to be easy to configure filewalls to ignore specific programs and ports and we document how to do this, but I don't see how to do this with the current version, so how can I tell my customer? Right now we're having to recommend our customers switch to MS Essentials instead since (so far) they leave our products alone.