I wrote a program named "xyz.com". This program uses OLE automation (like ActiveX) to automatically open Microsoft word and auto-load a document.
After installing Norton 360, everytime the program attempts to launch word and load the document - N360 pops up a notification saying "Data Protector blocked a suspicious
action taken by xyz.com."
When I click "View Details" of the threat, I get these details:
Status: Excluded
Program Path: C:\Program Files (x86)\MYCOMPANY\xyz.exe
Program Name: xyz.com
Action Observed: Suspicious process attempted to modify attributes of a file protected by Data Protector
Target: C:\ProgramData\Microsoft\OFFICE\DATA\opa11.dat
This windows computer has two accounts, one "admin" and the other a non-admin type user (limited). The PC is normally used under the non-admin account for security
reasons.
Since I can not access the Norton 360 Antivirus settings when logged in as the non-admin user, I'm assuming that when I log in under the admin user and make changes to
Norton 360 antivirus settings, they will effect the non-admin user also - is this a correct assumption?
So, while logged in as the admin user, I tried these things:
1) I added the full path to my xyz.exe file to the "Items to exclude from auto-protect, Script Control, Behavioral Protection and Download Intellegence Detection" on the
"Scans and Risk" tab of the "Anti-Virus" section of the Norton 360 settings.
2) I also added the folder that contains the xyz.exe file as another "Real-Time Exclusion" in the same list as item #1 above.
3) I also added the full filespec of the xyz.exe file as in #1 above to the "Process Exclusions" section on the "Data Protector" tab of the Anti-Virus settings in Norton 360.
4) I also added the full filespec of the word app (C:\Program Files(x86)\Miscorsoft Office\Office11\WinWord.exe to the same Data Protector Process Exclusion list as item #3
above.
But after making the above changes in Norton 360, then switching windows to the non-admin window users account, when I run my app to automatically open Word and
load a file, it will pop-up that "Threats Blocked" dialog.
I did notice that if I stay logged in as the admin windows user, then doing the above changes seem to work to prevent any "Threats Blocked" dialog from appearing.
So I thought maybe I have to do the above settings while logged into the non-admin account, and since I can't access the anti-virus settings while logged into that non-admin account, I changed the account type of that accout temporarily to an admin type and all of the changes I did under the admin account were already done.
So it looks like my assumption that the norton 360 settings apply to all users of the PC seems to be correct, but then why do I only get the "Threats Blocked" dialog why I am logged in as a non-admin user?
Any suggestions on how to fix this would be greatly appreciated!