SONAR automatically deletes wanted file dpnsvrm.exe

Norton Security | Norton Internet Security
1

Hi

 

Can anybody please advise on this please? I use MSN Spy Monitor however every time i install this the above file is flagged up and automatically deleted by SONAR.

 

I have excluded MSNSpyMonitor in Signature exclusions, have excluded the relevant folder and files in Sacan Exclusions and have Advanced heurestic protection set to off in my settings.

 

 Thanks in advance

 

DL.

2

Hi daley_lama, welcome to the Norton Community :-)

 

So SONAR is still quarantining the file even after you have added it to exclusions? I know that NAV and NIS 2010 had this problem (a hotfix has been released for this bug), but I've not yet heard of Norton 360 displaying this behaviour.

 

Can you please indicate the exact version of your Norton product? Also, what kind of Operating System are you running?

 

In the meantime, you can submit the file which you regard as a false positive to Symantec via this form:

https://submit.symantec.com/dispute/false_positive/

Message Edited by Yaso_Kuuhl on 10-12-2009 06:45 PM
3

Hello Yaso and thank-you for the warm welcome.

 

I am currently on

 

Product Name: Norton 360

  • Version: 3.0.0.135

    •  

    For Windows I run Windows Vista Home Basic

     

    Norton 360 SONAR does not even quarantine the file, it simply removes the file, bypassing quarantine. Initially, two files were being deleted, this file and file vssvcm.exe. Excluding the program stopped the latter being deleted but not the former.

     

     I will use the attached form as advised.

     

    Many thanks

     

    DL

     

     

    4

    Thanks for the information, daley_lama.

     

    The latest version of Norton 360 is 3.5.2.11; have you tried running LiveUpdate manually to see whether you receive this upgrade?

    5

    Hi

     

    I've run LiveUpdate manually and unfortunately it has failed to update the version. My current edition is approximately 6 months old i think.

     

    May I ask a question regarding the submission you suggested earlier? It looks to me like a form for developers to submit their programmes for re-appraisal whereas I am an end user, so I don't think I can really fill this in. I have e-mailed the suppliers to ask them if they can submit the form.

     

    Thanks

     

    DL

    6

    daley_lama -

     

    First, you can check for the newest version of N360 here at the Norton Update Center

     

    After that (and for future reference), SONAR exclusions are NOT handled through Scan Exclusion lists nor through the Auto-Protect Exclusion list.  You can not manually set up a SONAR exclusion.  The only way to add one is by restoring the file through the History log of Resolved Security Risks or SONAR activity.  If the deletion shows up there, you will have the option of restoring the risk AND at the same time, making this an exception (Exclusion) to the SONAR scan.  The only reason this would not be offered to you is if this was flagged by SONAR as a positive HIGH Risk item.  In this case it would delete the file and you have no option on restoring it.

     

    If this is what you find in the history logs then the FP form would be your best recourse.  You can also send the file to an independent testing site like Virus Total to get a second opinion on the validity of the file.