NAV Redirector update of 05/12

After NAV Redirector update (for NAV2002), had a problem, couldn't re-boot or shut down - use of Reset button resolved it.

The following Symantec executes added to system:

Program Files\CommonFiles\Symantec shared:
Sevinst.exe
IDSLU.exe
IDSCol.exe

Program Files\Symantec\LiveUpdate:
SNDMon.exe

Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Exitem1169_symantec$20redirector_4.5.2_english\LUProdRg.exe

Don't know which of the above caused the condition - if anyone has a problem with this update beyond what I had, here is where to look.

Regards - Charles

EDIT: This one: SNDMon.exe wants to startup at bootup as Symantec NetDriver Monitor

 

Hi Christer,

It did resolve itself once I hit the reset and the system rebooted.

Got a message right after the NAV update was finishing that the system has to be re-booted for the changes to take effect and to hit OK. So I think the "reboot" command to the system by the Symantec process failed.

I also disabled that new startup - Symantec NetDriver Monitor -for the time being. Will try to track down what it is and what it does.

Do you have any of these new additions I listed?

Regards - Charles

EDIT: This update gave someone running NIS2002 a far bigger headache: http://www.wilderssecurity.com/showthread.php?t=31945

 

The only refernce to SNDMon.exe (Symantec NetDriver Monitor) is here: http://computercops.biz/forum82.html which BTW is the nearest thing to a Symantec forum I've run into.

This appears from the one of the posts to be tied to Symantec's current security problem and is giving users of NIS2002 hell.

I have it disabled and appears to have no effect on any NAV function. It may have to do with LiveUpdate (which I have disabled) or this is Symantec's attempt at equiping NAV2002 with its very own version of CCClient - I think that's what its called.

Regards - Charles

 

Tracked down some more info on Symantec NetDriver Monitor:

quote
The Symantec Redirector (Symredir) is a set of shared network drivers that allow Norton AntiVirus, Norton Personal Firewall, and Norton Internet Security to filter incoming and outgoing data for malicious or undesired content.

The Redirector intercepts data coming into, or leaving your computer, and redirects it to a temporary location on your hard drive where it processes the data, and then sends the data to its intended destination. Without the Redirector, your email program sends your email messages directly to your email server. With the Redirector running, data that your browser sends to a Web server is diverted through the Norton Internet Security (NIS) or Norton Personal Firewall (NPF) filters to scan for and protect privacy or confidential data. Once filtered, that data is sent to the Web server. Data coming in from a Web server is diverted through the NIS/NPF filters, and undesired active content or unwanted advertising content is filtered out. The data is then passed to your Web browser for processing.

In all these situations, the Redirector is invisible to both the email programs and Web browsers you use.
End quote

Ok, so if one is not running any Symantec firewall/security suite, this startup is superfluous. I'm wondering how much of the rest of the Redirector update is besides the point if only running the AV.

Regards - Charles

 

OK, this site provides the information needed:

http://www.internetnews.com/dev-news/print.php/3353841

It seems Netdriver Monitor is a patch for a security hole found in Norton Internet Firewall 2002, 2003, and 2004. It is necessary and should not be "turned off ".

 

Hello balo and welcome here,

Thanks for confirming that its useless if NOT RUNNING NIS/NPF

Regards -Charles

 

Hi Christer,

This all started because of this hole in Symantec firewalls http://www.internetnews.com/dev-news/print.php/3353841

Mark higihlighted this issue earlier on this Board and I didn't especially pay attention to it because I don't use Symantec firewalls. Only after SNDMon.exe started on my system that I started looking into it.

For users, the fix caused problems. This thread here on this Board for example http://www.windowsbbs.com/showthread.php?t=31204 and here: http://www.dslreports.com/forum/remark,10248995~mode=flat and the thread on ComputerCops Symantec forum for which I gave a reference to above. Warning, the last two are both l o o n g threads

Regards - Charles

 

For users, the fix caused problems. This thread here on this Board for example http://www.windowsbbs.com/showthread.php?t=31204 and here: http://www.dslreports.com/forum/rem...48995~mode=flat and the thread on ComputerCops Symantec forum for which I gave a reference to above. Warning, the last two are both l o o n g threads

Charles: I have had no problem since the download. Of course it is only a day. However, if a problem pops up I will let all know.

 

Hi balo,

Great to have another new person on the Board.

Yes, please do let us know.

For the sake of clarity, are you running a Symantec suite/firewall or just an AV?

Regards - Charles

 

I am running SWS Pro 2003 and the Symantec Firewall

 

FWIW,
My kids' comp (XP Pro with NIS 2002) took that update automatically and was not affected, AFAIK.

Dumb luck?
Johanna