I had something similar I had to do a uninstall and reinstall of NIS 2009 and that fixed it for me. I am now on 2010.

---

mo wrote:

I had something similar I had to do a uninstall and reinstall of NIS 2009 and that fixed it for me. I am now on 2010.

---

Tks for reply, mo.

Sure don't want to do that un/re-install.  Had problems before (not Intrusion stuff, tho).  Un/Re didn't help.  *Lot* of trouble.

May go to 2010, too.  But, mostly waiting on latest 2009 version... 16.8. (I'm 16.7.2.11)

In looking over various threads, nothing exactly like my problem -- but some similar.  Discussions there seem to indicate a Symantec/Norton problem with latest LU's (and maybe something to do with my new Firefox, 3.5.6?).  I'll hope they find solution and send out on LU.

BTW, ran Full System Scan (using NIS 2009 - w/ NO "Exclusions") a few hours ago.  Nothing found but tracking cookies.

Finally... this is strange.  Was going to check "Properties" of my executable file (uiStub.exe).  But, discovered that, now, there's a folder out there for 16.8.0.41.  Hmmm.  Where'd that come from?  Wasn't there an hour ago.

Yet, even when I execute that folder's (16.8..) uiStub, "Help & Support/About" still shows 16.7...

Weird.

Appreciate the help.

Best,

Robby

OK, I did a warm restart, and NIS 2009 version is now 16.8.0.41.

And... NIS came up fine in Sys Tray.  Maybe problem solved?  We'll see.

Robby

Sounds like it may be fixed  the way NIS updates  in bits and pieces then all works after a restart....fingers crossed...I hate going the reinstall route but sometimes it can not be avoided.

---

Calls wrote:

Anyone noticing an increased attack on port 64643? My firewall indicates that unused port blocking has blocked inbound TCP attempts on port 64643. This seems to happen multiple times per hour  and comes from various IP addresses. It is being blocked so I'm pretty sure I'm safe. Just wondering if this is part of a larger /global issue of cyber attack?

---

Starting Monday, 1 Feb. 2010, my NIS 2009 system had "Intrusion Prevention" (and a lot of other things), "disabled".  Don't know why or how.  [Update to latest NIS 2009 build (16.8.0.41), yesterday evening, may have fixed the problem?  But, why/how NIS was disabled, not determined.]

[I posted here about all this, yesterday: http://community.norton.com/t5/Norton-Internet-Security-Norton/NIS-2009-quot-Intrusion-Prevention-Di...]

Also, since this Feb 1st date, I've been hit with a lot of (various) port attacks.  To my knowledge, I've never had such attacks before (my Full History log shows these attacks only starting Feb. 1st).  Here's something I just posted on the above ("disabled" topic) link:

_______________________________

From about the same time my "Intrusion disabled" problem started (1 Feb, 2010), I'm getting a *lot* of NIS Log messages:

"Unused port blocking has blocked communications. Inbound TCP connection."  Most recently, though: " Rule 'Default Block EPMAP' blocked [IP address]. Inbound TCP connection."

Mostly from China.  Some, Turkey.

Think these could have anything to do with my initial problems?

[Just got 3-more (1-"Unused port," Ningbo, China; 2-"Default Block Microsoft Windows 2000 SMB," Winter Haven, FL, USA). ]

Hmmm.

__________________________________

Something is going on.

Robby

I would start a new thread on those as long as they are blocked that is good...someone else can shed some light on them.

---

mo wrote:

I would start a new thread on those as long as they are blocked that is good...someone else can shed some light on them.

---

Well, I did post on "Calls" thread about these ("Attacks on port 64643").

http://community.norton.com/t5/Norton-Internet-Security-Norton/Attacks-on-port-64643/td-p/200631

Didn't get any response.  But, I'm still getting hit --  (13) today.  (10) yesterday. (6) Monday [1 Feb, 2010].

IP of "blocks" are from all over the World -- including a good number from the U.S.

Maybe I will start a new thread.

Tks for input.

Robby

Robby:

Please wait for assistance on your own thread.  Asking questions on someone else's thread is considered hijacking.  It just confuses the issue.  I will ask to have your post merged with the other one.