For NIS/NAV users!

Discussion in 'ProcessGuard' started by siliconman01, Nov 11, 2004.

Thread Status:
Not open for further replies.
  1. siliconman01

    siliconman01 Registered Member

    Joined:
    Mar 6, 2003
    Posts:
    780
    Location:
    West Virginia (USA)
    For Norton Internet Security and Norton Antivirus users-

    Lucomserver_2_5.exe in C:\Program Files\Symantec\LiveUpdate needs to have Install Drivers/Services privileges. The most recent liveupdate by Norton appears to make changes in service SymIDSCo and Lucomserver tries to re-install this driver/service but will be blocked if not permitted in PG.

    The name Lucomserver_2_5.exe may vary based on the version of Norton you have.
     
  2. Oremina

    Oremina Registered Member

    Joined:
    Mar 28, 2004
    Posts:
    209
    Location:
    England
    Siliconman01

    Assume you have version 2.5.55.0?

    I ask because all my updates are spot on but I haven't had any alerts from PG. Running NIS2005 (for the moment anyway.)
     
  3. siliconman01

    siliconman01 Registered Member

    Joined:
    Mar 6, 2003
    Posts:
    780
    Location:
    West Virginia (USA)
    I have NIS 2005. The PG alert block came through this AM when Lucomserver downloaded ids$20defs$202005$20microdefs25_microdefsb.curdefs_symalllanguages_livetri.zip
     
  4. Oremina

    Oremina Registered Member

    Joined:
    Mar 28, 2004
    Posts:
    209
    Location:
    England
    I have that one too (2.43kb, 3 files)... properties say created 1 November 2004 10.38.41 AM and modified 11 November 2004 9.17.05AM (I presume this is when I d/l'd it...but can't remember for sure.)

    Odd. o_O
     
  5. siliconman01

    siliconman01 Registered Member

    Joined:
    Mar 6, 2003
    Posts:
    780
    Location:
    West Virginia (USA)
    Perhaps the difference is that I have NIS Self Protection turned off and am letting PG do all the protecting, eh? :eek:
     
  6. Oremina

    Oremina Registered Member

    Joined:
    Mar 28, 2004
    Posts:
    209
    Location:
    England
    No, have been following all these threads for some time and the first thing I did was turn off NIS self protection (plus one or two other things which are about as much use to me as a chocolate fireguard.) However, I have given the install Drivers/Services privilege as per your post. I may disallow again and see what happens.

    Maybe someone else will add to this if the same has or hasn't happened to them.
     
    Last edited: Nov 11, 2004
  7. siliconman01

    siliconman01 Registered Member

    Joined:
    Mar 6, 2003
    Posts:
    780
    Location:
    West Virginia (USA)
    Here's my PG log entry about it.

    Thu 11 - 03:50:11 [EXECUTION] "c:\program files\symantec\liveupdate\lucomserver_2_5.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\system32\svchost.exe" [760]
    [EXECUTION] Commandline - [ "c:\progra~1\symantec\liveup~1\lucoms~1.exe" -embedding ]
    Thu 11 - 03:50:50 [DRIVER/SERVICE] c:\program files\symantec\liveupdate\lucomserver_2_5.exe [4068] Tried to install a driver/service named SYMIDSCO
    Thu 11 - 03:50:50 [DRIVER/SERVICE] c:\program files\symantec\liveupdate\lucomserver_2_5.exe [4068] Tried to install a driver/service named SYMIDSCO
     
  8. Oremina

    Oremina Registered Member

    Joined:
    Mar 28, 2004
    Posts:
    209
    Location:
    England
    I've just disallowed the privilege, so I'll see what happens. I can well remember Norton's Naveng and Navex wanting those allows when I was using PG2 and, if I remember rightly, PG3 beta. But since PG3 came out 11 days ago, I haven't had one instance of any prog wanting to install Drivers/Services.
    Possibly Baldrick may be able to add a little as he appears to keep a close eye on PG3/NIS 2005 problems.
     
  9. Oremina

    Oremina Registered Member

    Joined:
    Mar 28, 2004
    Posts:
    209
    Location:
    England
    Siliconman01
    And now I'm feeling extremely foolish (in public too!!) Well, it's not for the first time in my life and probably won't be the last.
    I have been through my PG log and see this:-

    Thu 11 - 09:17:22 [DRIVER/SERVICE] c:\program files\symantec\liveupdate\lucomserver_2_5.exe [1620] Tried to install a driver/service named SYMIDSCO
    Thu 11 - 09:17:22 [DRIVER/SERVICE] c:\program files\symantec\liveupdate\lucomserver_2_5.exe [1620] Tried to install a driver/service named SYMIDSCO

    What can I say... I shall do my usual fall-back for cases of dire emergency and open another bottle of Bishops Finger.
    I watch those PG alerts like a hawk (normally) but today I goofed. I thought it a bit odd anyway after you had mentioned it, so checked the logs and found the above.

    I can only plead insanity and apologise for wasting your time.
     
  10. siliconman01

    siliconman01 Registered Member

    Joined:
    Mar 6, 2003
    Posts:
    780
    Location:
    West Virginia (USA)
    Well, at 3:45 a.m. in the morning, I was kinda thinking I was seeing "red"...that's why I rechecked the log. :D Have a Bishops Finger for me too!
     
  11. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,301
    Location:
    South Wales, UK
    Hi there

    Been away on business in Europe and thought I had missed all the fun but.....as described by siliconman......it happened. I am running version 2.5.56.0. Oremina, have also noted that there appears to be no need to grant Naveng and Navex privileges as of old.

    At present I can add nothing more to what you have both discovered.

    Best regards



    Baldrick :D
     
Thread Status:
Not open for further replies.