Jump to content
siliconman01

Pre-Rel V4.29.1002 resolves NIS 2010 conflict issues

Recommended Posts

2 systems- Vista SP2 x86 Business, Vista SP2 x64 Business.

SAS PRO pre-release V4.29.1002 appears to have resolved the conflict issue with NIS 2010 on system startup. SAS no longer hangs up on system startup.

I have this pre-release on both computers and it is running well. Note that my x64 system has Avira Premium Security Suite, not NIS 2010. So my "TEST' really only applies to my Vista SP2 x86 system with NIS 2010.

I strongly suspect that the pre-release resolves this issue with NIS 2009 also.

Share this post


Link to post
Share on other sites

V4.29.1002 worked for 2 days with Norton, by turning off Norton Tamper Protection. Of course Norton plugged that hole and now give you an error to reinstall Norton. This reactivates Norton tamper protection and Sonar protection. If you turn on SAS realtime then you have the old right click lockup and boot issues again. SAS needs to fix their software, stop creating duplicate objects and messing with Norton.[attachment=0]Duplicate Object Created block by Norton.jpg[/attachment]

Share this post


Link to post
Share on other sites

What version of Norton are you running? I don't seem to have PIFsvc.exe on my NIS 2010 system.

The PIFsvc.exe is part of Norton LiveUpdate which looks like it kicked in on your system during system start up. I "think" the fix in SAS PRO is like a blacklist of Norton file names that SAS real-time is suppose to bypass during memory handle duplication by SAS. Apparently, PIFsvc.exe was not included. I have not encountered this on my Vista SP2 x86 business system with NIS 2010 with V4.29.1002. I suspect that it is a timing issue where you got caught with SAS PRO initializing and the Norton LiveUpdate kicked in. Or it is that you are running a Norton package that is not the 2010 release.

Symantec PIF AlertEng: Part of Symantec's LiveConnect service that delivers large updates and patches for your software. There has been some controversy as to why this package was installed without users being notified.

I recommend that you submit a CSR so that the SAS gurus can promptly fix this.

https://www.superantispyware.com/precreateticket.html

Share this post


Link to post
Share on other sites

I am running Norton Internet Security 2010. on Vista Ultimate Quad Core System. Is your 'Norton Tamper Protection' and 'Norton Sonar Protection' turned on ? If there are not on, turn them on, per Norton defaults and see if get the reinstall Norton message ? My brother's system is also now failing after the latest updates, so maybe the update has just no been rolled out to your system or your tamper protection is off.

As far as putting in a trouble ticket on this issue, I found the forums and emailing my sales contact in SAS works better at get the 4.29 SAS attempt at fixing this conflict. Support just closes my ticket telling me it is a Norton issue....sorry it is not. Thanks for your input, Dave :D

Share this post


Link to post
Share on other sites

My Tamper Protection is turned on. SONAR Protection is on and SONAR Advanced Mode is set to Aggressive. I did a totally clean install of NIS 2010 on Vista SP2 x86 Business. The system had NIS 2009 and I used the Norton Removal Tool to totally remove NIS 2009.

There is no folder PIF under C:\Program Files\Common Files\Symantec Shared\ on my system. I do not have the Add-on pack installed. My NIS 2010 is V17.0.0.136.

From what I can determine on Google, PIFSvc.exe is a component of Norton LiveConnect Service from older versions of NIS.

Also please see this post over on the Norton Community forum.

http://community.norton.com/norton/board/message?board.id=nis_feedback&message.id=21693&query.id=1136138#M21693

A Suggestion:

1. Download the latest Norton Removal Tool and save it on your desktop.

http://service1.symantec.com/support/tsgeninfo.nsf/docid/2005033108162039?OpenDocument&seg=hm&lg=en&ct=us

2. Via Control Panel>Programs and Features, uninstall NIS 2010 and reboot.

3. Run the Norton Removal Tool and reboot.

4. Run the Norton Removal Tool and reboot again.

5. Re-Install NIS 2010.

I think you will then find that PIFSvc.exe is no longer present on your system.

Share this post


Link to post
Share on other sites

Thank you again for your suggestions. Using the Norton Removal Tool on all my systems is non-starter with as it will force me to reinstall all my Norton products, lose all my settings and more than likely go over me max. install number of time for Norton products. Also all my other anti-spyware programs such as, Spybot, Malwarebytes and CounterSpy run without trying to mess with Norton processes or files, plus Norton runs without errors. I did rename pifsvc.exe to pifsvc.xxx to stop the program loading. That stop Norton Tamper Protection stopping SAS on that file, but then SAS hard stopped on turning on real-time protection when SAS tested my Norton Ghost see attached error. The bottom line is now, Norton is protect all Norton products and directories, to stop scumware makers from stopping Norton processes or changing their files.

SAS need to bypass all Norton processes and directories.[attachment=0]Ghost Duplicate Object Created block by Norton.jpg[/attachment]

Share this post


Link to post
Share on other sites
SAS needs to fix their software, stop creating duplicate objects and messing with Norton.

Norton is the one that has the bug - the duplicate handle exists for use - Norton is blocking it as part of their tamper protection - SAS is not tampering with the software, it's reading the memory. I am sorry you feel you need to blame SAS, but the proper blame on this one belongs with Norton.

As for 4.29.1002 not working, we don't scan Norton files any more, so I would be curious as to see which file it's protecting on your system.

Share this post


Link to post
Share on other sites
SAS needs to fix their software, stop creating duplicate objects and messing with Norton.

Norton is the one that has the bug.

:)

I don't even work on a "Norton Protected" computer unless the customer agrees to remove such crap...

"The internet doesn't work and my computer is very slow"

"Are you using Norton? lol

Share this post


Link to post
Share on other sites

Yes Norton is now block all and any of their software from have duplicate handles created. Tamper Protection believes any software doing that is possible scumware, that is about to kill their processes. It is NOT bug, it now feature of all Norton products. ! I am not blaming SAS, just trying to inform you have an issue. Please see my earlier attachments and comment for some of the program names and Norton files, even Norton Ghost is now protected. White listing Norton processes is not the way to go, as Norton could create a new program name at any time. Also, per my earlier comments, all my other anti-spyware programs such as, Spybot, Malwarebytes and CounterSpy run without trying to create duplicate handles on Norton processes, plus Norton runs without errors, so bottom-line SAS has an issue, that needs correcting.

Share this post


Link to post
Share on other sites
Yes Norton is now block all and any of their software from have duplicate handles created. Tamper Protection believes any software doing that is possible scumware, that is about to kill their processes. It is NOT bug, it now feature of all Norton products. ! I am not blaming SAS, just trying to inform you have an issue. Please see my earlier attachments and comment for some of the program names and Norton files, even Norton Ghost is now protected. White listing Norton processes is not the way to go, as Norton could create a new program name at any time. Also, per my earlier comments, all my other anti-spyware programs such as, Spybot, Malwarebytes and CounterSpy run without trying to create duplicate handles on Norton processes, plus Norton runs without errors, so bottom-line SAS has an issue, that needs correcting.

Again "bottom line SAS has an issue" - so it's ok for another product to block all access and cause other products to crash or hang - but it's not Norton that has the problem, it's every other product that decides to block access......hmmmmmmmm. I think "bottom line" Norton made a bad call here on the way they are handling it and they should white list legit security products as not to cause problems for their users whom are using additional security products because Norton can't do it all.

Yes, all of your other products run without problem because they are not handling many types of malware that require duplicating a handle to get to the process - the "other" products simply ignore those files and don't scan them - thus leaving your system infected - great plan! LOL.

As for Norton creating new files, they do that about once a century so white lising in our database is an effective solution - we can update that white list on a moments notice - we are not going to bail out on technology that catches spyware other products miss to avoid a white list.

Share this post


Link to post
Share on other sites

Thank you, that I all wanted was someone at SuperAntiSpyware to whitelist or do what ever for the Norton processes required to make SuperAntiSpyware work in realtime. As I stated I was not looking to into a war of words or call SAS detection of malware into question, as I have used SAS to clean a number of computers for clients. It would so much easier if one could put in a trouble ticket and get issues like this fixed, without get my trouble ticket cancelled...sorry it not an issue go away !

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×