C20 Feb 00:29:40 - Window Log Started 20 Feb 11:17:38 - Process Guard Protection is ACTIVE 20 Feb 20:44:46 - Process Guard Protection is ACTIVE 21 Feb 11:25:40 - Process Guard Protection is ACTIVE 21 Feb 11:35:45 - [DRIVER/SERVICE] c:\docume~1\alluse~1\applic~1\symantec\liveup~1\downlo~1\exitem2406_norton$20internet$20security$20ids$20signatures_1.0_english\idscolu.exe [2068] Tried to modify an existing driver/service named symidsco Can u please help with this log. THE MUL
Hi Mul, This looks like the NAV udater trying to start a service, I do not use NAV but if you do a search on this forum there are a number of PG - NAV posts. If you have not already done it you may need to add the udater .exe to the list HTH Pilli
I had the same log report after NIS 2004 did a live update. Apparently part of the update included a Symantec driver revision. You need to add idscolu.exe and idslu.exe to PG and set Options to allow Driver/Service installation for these two executables. I would also ALLOW Write, SetInfo, Terminate, Suspend. Be sure the BLOCK is active for Write, SetInfo, Terminate, Suspend. These two files are found in C:\Program Files\Common Files\Symantec Shared\IDSDefs folder Also you probably need to reboot so that the new Symantec driver is active. The above PG entry should prevent this problem the NEXT time Symantec LiveUpdate downloads a Driver revision....which could happen anytime.
many, many, many, thanks for all your help, i will do this straight away. I have not had any problems before from nav, and as u say the new update has caused the problem to arise. thanks again the mul
Thanks siliconman01, you now have 14 karma cookies as I thought 13 may be deemed unlucky by some OK mul - They are a helpful lot around here Enjoy!
I have tried to find idscolu.exe and idslu.exe in the symantec shared file, but idsdefs folder does not exist in there. I have done a search and idscolu.exe only exists in the prefech, and idslu.exe does not exist ,and i also searched for the idsdefs folder, and it does not find it either. Just to let u know it is nav 2003 that i have as a backup av, it is not my main av. Hope to hear from u soon The Mul
I see in your signature that you have Norton Personal Firewall (npf). NIS is just a combination of NAV and NPF. IDSCOLU.exe is for internet security updates which would be NPF. It may be a hidden file. In Windows Explorer, do you have Show Hidden Files permitted and Hide Protected Operating System Files unchecked?
I have found it, and have show hidden files box checked already, and hide protected operating system files box i have unchecked this. I have tried to find idscolu.exe and idslu.exe in symantec shared fies, but it is not there, or any where i have looked, even a search has only found idscolu .exe exists in the prefetch that is all i can find. the mul
You might be right on that one, i have had only one log on this issue, and no other alerts before, or now, on this issue have ever appeared. I will wait and see if it happens again. thanks the mul
Yes, that is a possibility and difference between 2003 and 2004 or maybe even my NIS and your NPF. They are located where shown in my first post for NIS 2004 version. From what I can tell, the driver gets updated okay when the PG BLOCK occurs; however, it probably does not get loaded in memory until you reboot. As you know, Symantec does a lot of program updating automatically and without rebooting under normal circumstances.
