For NIS/NAV users!

Discussion in 'ProcessGuard' started by siliconman01, Nov 11, 2004.

Thread Status:
Not open for further replies.
  1. siliconman01

    siliconman01 Registered Member

    Joined:
    Mar 6, 2003
    Posts:
    781
    Location:
    West Virginia (USA)
    For Norton Internet Security and Norton Antivirus users-

    Lucomserver_2_5.exe in C:\Program Files\Symantec\LiveUpdate needs to have Install Drivers/Services privileges. The most recent liveupdate by Norton appears to make changes in service SymIDSCo and Lucomserver tries to re-install this driver/service but will be blocked if not permitted in PG.

    The name Lucomserver_2_5.exe may vary based on the version of Norton you have.
     
  2. Oremina

    Oremina Registered Member

    Joined:
    Mar 28, 2004
    Posts:
    209
    Location:
    England
    Siliconman01

    Assume you have version 2.5.55.0?

    I ask because all my updates are spot on but I haven't had any alerts from PG. Running NIS2005 (for the moment anyway.)
     
  3. siliconman01

    siliconman01 Registered Member

    Joined:
    Mar 6, 2003
    Posts:
    781
    Location:
    West Virginia (USA)
    I have NIS 2005. The PG alert block came through this AM when Lucomserver downloaded ids$20defs$202005$20microdefs25_microdefsb.curdefs_symalllanguages_livetri.zip
     
  4. Oremina

    Oremina Registered Member

    Joined:
    Mar 28, 2004
    Posts:
    209
    Location:
    England
    I have that one too (2.43kb, 3 files)... properties say created 1 November 2004 10.38.41 AM and modified 11 November 2004 9.17.05AM (I presume this is when I d/l'd it...but can't remember for sure.)

    Odd. o_O
     
  5. siliconman01

    siliconman01 Registered Member

    Joined:
    Mar 6, 2003
    Posts:
    781
    Location:
    West Virginia (USA)
    Perhaps the difference is that I have NIS Self Protection turned off and am letting PG do all the protecting, eh? :eek:
     
  6. Oremina

    Oremina Registered Member

    Joined:
    Mar 28, 2004
    Posts:
    209
    Location:
    England
    No, have been following all these threads for some time and the first thing I did was turn off NIS self protection (plus one or two other things which are about as much use to me as a chocolate fireguard.) However, I have given the install Drivers/Services privilege as per your post. I may disallow again and see what happens.

    Maybe someone else will add to this if the same has or hasn't happened to them.
     
    Last edited: Nov 11, 2004
  7. siliconman01

    siliconman01 Registered Member

    Joined:
    Mar 6, 2003
    Posts:
    781
    Location:
    West Virginia (USA)
    Here's my PG log entry about it.

    Thu 11 - 03:50:11 [EXECUTION] "c:\program files\symantec\liveupdate\lucomserver_2_5.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\system32\svchost.exe" [760]
    [EXECUTION] Commandline - [ "c:\progra~1\symantec\liveup~1\lucoms~1.exe" -embedding ]
    Thu 11 - 03:50:50 [DRIVER/SERVICE] c:\program files\symantec\liveupdate\lucomserver_2_5.exe [4068] Tried to install a driver/service named SYMIDSCO
    Thu 11 - 03:50:50 [DRIVER/SERVICE] c:\program files\symantec\liveupdate\lucomserver_2_5.exe [4068] Tried to install a driver/service named SYMIDSCO
     
  8. Oremina

    Oremina Registered Member

    Joined:
    Mar 28, 2004
    Posts:
    209
    Location:
    England
    I've just disallowed the privilege, so I'll see what happens. I can well remember Norton's Naveng and Navex wanting those allows when I was using PG2 and, if I remember rightly, PG3 beta. But since PG3 came out 11 days ago, I haven't had one instance of any prog wanting to install Drivers/Services.
    Possibly Baldrick may be able to add a little as he appears to keep a close eye on PG3/NIS 2005 problems.
     
  9. Oremina

    Oremina Registered Member

    Joined:
    Mar 28, 2004
    Posts:
    209
    Location:
    England
    Siliconman01
    And now I'm feeling extremely foolish (in public too!!) Well, it's not for the first time in my life and probably won't be the last.
    I have been through my PG log and see this:-

    Thu 11 - 09:17:22 [DRIVER/SERVICE] c:\program files\symantec\liveupdate\lucomserver_2_5.exe [1620] Tried to install a driver/service named SYMIDSCO
    Thu 11 - 09:17:22 [DRIVER/SERVICE] c:\program files\symantec\liveupdate\lucomserver_2_5.exe [1620] Tried to install a driver/service named SYMIDSCO

    What can I say... I shall do my usual fall-back for cases of dire emergency and open another bottle of Bishops Finger.
    I watch those PG alerts like a hawk (normally) but today I goofed. I thought it a bit odd anyway after you had mentioned it, so checked the logs and found the above.

    I can only plead insanity and apologise for wasting your time.
     
  10. siliconman01

    siliconman01 Registered Member

    Joined:
    Mar 6, 2003
    Posts:
    781
    Location:
    West Virginia (USA)
    Well, at 3:45 a.m. in the morning, I was kinda thinking I was seeing "red"...that's why I rechecked the log. :D Have a Bishops Finger for me too!
     
  11. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,495
    Location:
    South Wales, UK
    Hi there

    Been away on business in Europe and thought I had missed all the fun but.....as described by siliconman......it happened. I am running version 2.5.56.0. Oremina, have also noted that there appears to be no need to grant Naveng and Navex privileges as of old.

    At present I can add nothing more to what you have both discovered.

    Best regards



    Baldrick :D
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.