Norton Internet Security 2002

astroc · Trooper Joined: Jan 30, 2004 Posts: 24 Location: USA

I am running Win 2K Pro SP4. IE 6.0.. I downloaded the latest update to my NIS Program Security Update as well as the Common Drivers update from Symantec Live Update earlier today and now my system is running like molasses. I checked my System Event Code and it shows an ID Event 7009...says " Timeout (30000 milliseconds) waiting for the Norton Internet Security Service service to connect ". My system runs normal if I disable the Norton Internet Security Program completely. Is there a way to correct this problem or even perhaps to uninstall the update I just downloaded??? I am 100% certain that the latest download of updates from Symantec is the reason causing my system to crash. Any help is appreciated...In the mean time I am connecting to the internet without the NIS enabled in order for my system to run normal. Thanks Astroc

jvmorris · Posted: Mon May 17, 2004 10:14 am Post subject:

Yes, it's happening all over the place. There's an earlier posting on this board. Matter of fact, I think there's sort of a quick-fix at the end of the other thread here.

If you want something to read while waiting for Symantec to fix it Shocked

; you could try the thread over at BBR/DSLR Security Forum at http://www.dslreports.com/forum/remark,10248995~mode=flat That thread talks about some of the older tools and utilities that can be used to at least document what's going on with your system since the update (which might be useful to Symantec if they have any trouble figuring out what went wrong).

At the moment, it looks like something in one of the NIS executables downloaded in that LiveUpdate makes NIS/NPF 2002 'burp'. You may see weird events in your firewall and alert event tabs, but we think those are caused by a problem with the new code. In other words, it doesn't look like the ruleset has been corrupted or basic configuration settings messed up.

No timeline for a fix being released yet. Maybe today, maybe tomorrow, maybe never (since Symantec maintains that NIS 2002 is no longer a supported product -- which sort of makes you wonder why they were putting out an update for it, I guess Confused

). Oh, yes, the Update . . . Well, that seems to have been occasioned by the four vulnerabilities that eEYE discovered.

Everything I currently know about this problem is either in the other thread here or the thread at BBR/DSLR Security Forum.

astroc · Trooper Joined: Jan 30, 2004 Posts: 24 Location: USA

Thanks Joseph. I will check out the other thread and in the mean time I guess it is better not to do anything drastic but just run my system with the NIS totally disabled. Thanks again for the heads up. Regards, astroc

Nightblade · Trooper Joined: May 17, 2004 Posts: 10 Location: France

Hello
Please allow me to add my stone to the wall.

After having recently used the Live Update function of my Norton Internet Security 2002 , i ran into several problems.

-The first one, that occurs at the system startup is a strange long delay (5/6 minutes) before NIS accept to consider me as the supervisor to allow me to change options/rules etc...
I noticed that i am considered as the supervisor exactly at the time the Alert Tracker icon decide to appear (before the "fatal" live update , the Alert Tracker appeared at the startup without delay, and so i was always considered as the supervisor immediately when i opened NIS)
This delay happens even if i disable the automatic launch of NIS or NAV at startup

-The second one, that occurs when loading internet pages or browsing is that the system seems to "stutter" until the web page finish loading , very unpleasant , as i have now to limit what is displayed by IE actually to limit the "stuttering" time.

-The third problem is the new presence of SNDMON.EXE (Symantec Net Driver Monitor) at the startup, and as i cant find yet what is the purpose of this program , i wonder what it is and what impact this can have on the global NIS security.
Disabling this program at startup does not seem to solve any of the problems or stutterings .

-The last one is the heavy number of attacks that seems to occurs since the "fatal" liveupdate (fortunately everything is blocked), i think that certainly some people try to use the recently revealed critical issues with NIS, so i cant really say that it is related to the "fatal" liveupdate.

After searching on internet any topic related to the issues like the ones i am facing , i found several threads , and finally was pointed to this website and forum that i am now browsing since that time.
Actually i noticed from all those threads that the NIS 2002 is the subject of those problems, the 2003 and 2004 version seems unaffected.

While waiting and hoping for a fix soon from Symantec (i hope that they will came back from Cancun Wink

) , i want to salute every users of those boards , i am learning several interesting new thing here.
Thanks

astroc · Trooper Joined: Jan 30, 2004 Posts: 24 Location: USA

Hey Nightblade I have just about the same problem particularly the slow slow crawling loading of a single page on the internet. Based on my error messages, it definitely pointing to NIS is the source of the problem. I am now running my system with NIS disabled totally so I can access faster page loading. I have tested the Live Update about couple hours ago and there are 2 more updates...NIS Security update and Symantec Redirector...I downloaded them both and successfully installed them and my system is still like molasses with NIS enabled...so I am back to disabling the NIS so I can live with the problem until Symantec can come up with a fix for this. I am sure they are aware of it otherwise there wouldnt be successful updates available on a daily basis concerning the NIS and Redirector. I am like you hope that they would get on their horses and fix this problem that they had created. Hang in there, astroc
ps. what OS are you running? I assume you are NIS 2002 v 4.0 also

Nightblade · Trooper Joined: May 17, 2004 Posts: 10 Location: France

Hello

I run under the Window Me OS , up to date according to microsoft "window update".
But what is happening actually is not OS specific from what i have read, as some 9x or XP users share this NIS 2002 problem.

To see if it was not a mistake on my system, i uninstalled completely (files/folders/registry keys) then re-installed NIS 2002 and ran the live update completely 2 times today.
And after the liveupdate procedure is complete and no more new contents are available, the exact same problems were back.

When i tested the connection before downloading the last batch of live update content, each time everything was fine : browsing was at the good speed, i was immediately at start up recognized as the supervisor for NIS etc ... life was good Wink

Then after the last batch of liveupdate content : problems appeared again.

From my own test, the fault is certainly inside one of the most recent liveupdate content, as probably everyone understood already.

That is not the first time in 2 years i have problems with NIS 2002.
I remember the problems that occured a long time ago with some installshield files that were recognized as virus/trojan but were in fact perfectly clean.
There was the problem some months ago with the VeriSign certificates that made NIS very very slow.

I just hope that Symantec will come with a good solution or work-around soon, as i am near to look in the direction of Zone Alarm if nothing is done even if i find NIS interface very intuitive after those 2 years of practice with it.

astroc · Trooper Joined: Jan 30, 2004 Posts: 24 Location: USA

Hey Paul, I am going to run mine disable for now...if they cant get it fix soon...I then will just uninstall NIS and go other direction as you are thinking also. astroc

Nightblade · Trooper Joined: May 17, 2004 Posts: 10 Location: France

This morning i tried to make an experiment :

-I uninstalled every files/folders/registry key related to symantec products from my harddrive.

-I installed Norton Antivirus 2002 only from the NIS 2002 install CD by running the NAV.MSI program located in the NIS folder of the CD
This way i have NAV 2002 without the other NIS 2002 content.

-I installed Zone Alarm Pro and configured it by blocking every IP ranges i blocked in the NIS firewall and denied access to every program i used to block with NIS firewall.
After changing the settings of ZA Pro to my personnal taste and internet usage, i launched internet.

-I launched NAV 2002 Live Update to its maximum, installing EVERY live update content available.

Result : no problem at all , every thing on my system is running fine .

Conclusion : the faulty update touched something insdide NIS , but it is absolutely not the NAV 2002 part of it.
The faulty update is not related to SymEvent and the Symantec Net Driver Monitor that is installed with this update, because it is installed by one of the NAV 2002 update without any problems after that.

I think i will stay with my current security settings with ZA Pro + NAV 2002 instead of NIS for a long period, as everything seems to run fine and seems secure enough.

jvmorris · Posted: Tue May 18, 2004 11:24 am Post subject:

I'm getting easily confused here (with all the different inputs), so let me just recapitulate my understanding of your current situation:

astroc · Trooper Joined: Jan 30, 2004 Posts: 24 Location: USA

I did something very similar...I uninstalled NIS 2002 and NAV 2002....left my NU intact. Then I reinstall Nav 2002 first....get all the updates for that and then reinstall NIS 2002 but not updating anything on it...reset all the settings and got online and the system is not crashing and running as fast as before....I did that as a last resort but it should serve the purpose for some Firewall Protection for now until Symantec can get on their ball to do something about it....Anyone find any thing on the Symantec site regarding this problem yet? Regards, Astroc

jvmorris · Posted: Tue May 18, 2004 12:49 pm Post subject:

Nightblade · Trooper Joined: May 17, 2004 Posts: 10 Location: France

Nightblade · Trooper Joined: May 17, 2004 Posts: 10 Location: France

Oh, i just noticed your post on the other forum, so here is my second file

sndsrvc.exe
***Network Driver Service***

jvmorris · Posted: Tue May 18, 2004 1:43 pm Post subject:

astroc · Trooper Joined: Jan 30, 2004 Posts: 24 Location: USA

I did some experimenting to try to pin point as to which update is the one that cause my NIS 2002 to crash. I am 99.9% sure it is only the NIS update.....NOT NAV Updates as Nightblade had confirmed. The NIS update that caused my system to crash is NIS PROGRAM UPDATE...NIS 2002 with the size of 102.2kb....I reinstalled NIS 2002 and tested each update individually and this is the one caused my system to slow down. It ran fine up till that point connecting to the internet. All NIS Security updates are fine...only the NIS PROGRAM update is the one to be weary about. Hope this help someone. Astroc


	Home ˇ Topics ˇ Submit News ˇ Top 10 This entire site, Cops Themes, and Computer Cops are Š 2002 - 2004 Computer Cops, LLC. All rights reserved. You can syndicate our news using the file RSS 0.91, ultramode.txt, or RSS 1.0. Acceptable Use Policy. Use signifies your agreement. Engine Copyright Š 2002 by PHP-Nuke, GNU/GPL Licensed. ICRA Member. Paul Laudanski, Member of Computer Cops, LLC Server Load: 768 pages served in previous 5 minutes. Page Rendered: 0.483 seconds.