• All Community
    • All Community
    • Forums
    • Ideas
    • Blogs
Advanced

Not what you are looking for? Ask the experts!

Kudos0

NAV 11.1.1 Vulnerability Protection Engine 1.0.0

We seem to have Vulnerability Protection Engine 1.0.0 on one of our machines. (Active and valid subscription for NAV 11)

That's not the latest version is it?

Vulnerability Protection Signatures Date: 9/29/09 

Virus Defs date: 1/12/2010

NAV 11.1.1f2 (stand-alone electronic download)

LiveUpdate:  5.1.1f18

MacOS 10.4.11 PPC

Replies

Kudos0

Re: NAV 11.1.1 Vulnerability Protection Engine 1.0.0

We seem to have Vulnerability Protection Engine 1.0.0 on one of our machines. (Active and valid subscription for NAV 11)

That's not the latest version is it?

Vulnerability Protection Signatures Date: 9/29/09 

Virus Defs date: 1/12/2010

NAV 11.1.1f2 (stand-alone electronic download)

LiveUpdate:  5.1.1f18

MacOS 10.4.11 PPC

Kudos0

Re: NAV 11.1.1 Vulnerability Protection Engine 1.0.0

How are you determining the version of the Vulnerability Protection engine? Perform a Get Info command in the Finder on the file

/System/Library/Extensions/SymIPS.kext

The version number should be 1.3.1, which is the latest version.

The version number reported by LiveUpdate is incorrect, and should be ignored. This is a known issue but it won't affect anything, since that version number is only used by LiveUpdate.

Ryan

Ryan McGann Technical Director Norton Business Unit, Symantec
Kudos0

Re: NAV 11.1.1 Vulnerability Protection Engine 1.0.0

Hi Ryan, 

Yes, I was looking at the VPE version displayed in the LiveUpdate window on the machine in question.

On my other machine it is reported as 1.3.0 by LiveUpdate I believe.

I will double-check the  SymIPS.kext version when I am back at that machine again i a few days.

Note that NAV was also showing a VP signatures date of  9/29/09 while my other system says 12/15/09

 Thanks.

Timothy 

Kudos0

Re: NAV 11.1.1 Vulnerability Protection Engine 1.0.0

The latest date for the signatures is indeed 12/15, so I am not sure why your machine doesn't have the latest definitions. Make sure to run LiveUpdate.

If it doesn't find the latest signatures after running LiveUpdate, please upload the last 100-200 lines or so of your LiveUpdate log file here. The log file can be found at 

/Library/Application Support/Symantec/LiveUpdate/liveupdt.log

Attaching the entire file may not work, as it's going to be large, but the last 100-200 lines or so should be sufficient. 

Ryan 

Ryan McGann Technical Director Norton Business Unit, Symantec
Kudos0

Re: NAV 11.1.1 Vulnerability Protection Engine 1.0.0

SymIps.kext is showing as version 1.2f28 in Get Info even after running LU several times and restarting the machine.

<IdsJluCommandLine><-c /2FLibrary/2FApplication Support/2FSymantec/2FLiveUpdate/2Fliveupdate.conf --abort-on-file-exists /2Fprivate/2Ftmp/2Fliveupdate.0.8aYo8E --available-list /2Fprivate/2Ftmp/2Fliveupdate.1.G964wj [ -p NAV for Macintosh Virus Defs -v MicroDefsB.Full -l SymAllLanguages -z 0 -t VirusDef ] [ -p NAV for Macintosh Virus Defs -v MicroDefsB.Jan -l SymAllLanguages -z 2010011832 -t VirusDef ] [ -p NAV for Macintosh Virus Defs -v MicroDefsB.CurDefs -l SymAllLanguages -z 2010012232 -t VirusDef ] [ -p Vulnerability Protection Engine for Macintosh -v 1.0.0 -l SymAllLanguages -z 0 -t MacUpdate ] [ -p Vulnerability Protection Engine for Macintosh -v 1.0.0 -l SymAllLanguages -z 0 -t Update ] [ -p Vulnerability Protection for Macintosh -v IPSsigs -l SymAllLanguages -z 20091215 -t IPSUpdate ] [ -p LiveUpdate for Macintosh -v 5.1.1 -l English -z 0 -t MacUpdate ] [ -p LiveUpdate for Macintosh -v 5.1.1 -l English -z 0 -t Update ] [ -p Norton AntiVirus for Macintosh -v 11.1.1 -l English -z 0 -t MacUpdate ] [ -p Norton AntiVirus for Macintosh -v 11.1.1 -l English -z 0 -t Update ] [ -p Symantec Scheduler for Macintosh -v 5.1.1 -l English -z 0 -t MacUpdate ] [ -p Symantec Scheduler for Macintosh -v 5.1.1 -l English -z 0 -t Update ] ><IdsJluCommandLineCharacterSet><UTF-8><IdsPVLListing1><IdsPVLListing2><IdsJluCommandLineAddedJluToSession><IdsJavaVersion><1.5.0_19><IdsJavaLiveUpdateVersion><3.2><10><IdsProductInventoryParsedDefault></2Fetc/2FProduct.Catalog.JavaLiveUpdate><IdsPVLListing3><IdsPVLListing2><IdsProductInventoryDeleteProductNotFound><0C0C89F8-E695-41de-941C-3C79DDAE2FFD><IdsMaxSizeNull><maxZipFileSize><IdsMaxSizeChanged><maxZipFileSize><614400><IdsMaxSizeNull><maxTriFileSize><IdsMaxSizeChanged><maxTriFileSize><10485760><IdsMaxSizeNull><maxPackageSize><IdsMaxSizeChanged><maxPackageSize><734003200><IdsMaxSizeNull><maxPackageContentSize><IdsMaxSizeChanged><maxPackageContentSize><734003200><IdsJluSyncCheckCurrentSession><IdsJluSyncCheckPort><49652><IdsJluSyncCheckActive><IdsJluSyncCurrentSessionActive><IdsDownloadMsg><minitri.flg></2Fprivate/2Ftmp/2Fliveupdate/2Fminitri.flg><IdsHttpConnectionMsg2><liveupdate.symantecliveupdate.com><80><HTTP><IdsHttpConnectedMsg><63.84.59.64><IdsHttpWaitingMsg><IdsContentType><minitri.flg><text/2Fplain><IdsHttpReceivingFileMsg><IdsTransferCompleteMsg><185><1410>

<IdsJluCommandLine><-c /2FLibrary/2FApplication Support/2FSymantec/2FLiveUpdate/2Fliveupdate.conf --abort-on-file-exists /2Fprivate/2Ftmp/2Fliveupdate.0.8aYo8E --available-list /2Fprivate/2Ftmp/2Fliveupdate.1.G964wj [ -p NAV for Macintosh Virus Defs -v MicroDefsB.Full -l SymAllLanguages -z 0 -t VirusDef ] [ -p NAV for Macintosh Virus Defs -v MicroDefsB.Jan -l SymAllLanguages -z 2010011832 -t VirusDef ] [ -p NAV for Macintosh Virus Defs -v MicroDefsB.CurDefs -l SymAllLanguages -z 2010012232 -t VirusDef ] [ -p Vulnerability Protection Engine for Macintosh -v 1.0.0 -l SymAllLanguages -z 0 -t MacUpdate ] [ -p Vulnerability Protection Engine for Macintosh -v 1.0.0 -l SymAllLanguages -z 0 -t Update ] [ -p Vulnerability Protection for Macintosh -v IPSsigs -l SymAllLanguages -z 20091215 -t IPSUpdate ] [ -p LiveUpdate for Macintosh -v 5.1.1 -l English -z 0 -t MacUpdate ] [ -p LiveUpdate for Macintosh -v 5.1.1 -l English -z 0 -t Update ] [ -p Norton AntiVirus for Macintosh -v 11.1.1 -l English -z 0 -t MacUpdate ] [ -p Norton AntiVirus for Macintosh -v 11.1.1 -l English -z 0 -t Update ] [ -p Symantec Scheduler for Macintosh -v 5.1.1 -l English -z 0 -t MacUpdate ] [ -p Symantec Scheduler for Macintosh -v 5.1.1 -l English -z 0 -t Update ] ><IdsJluCommandLineCharacterSet><UTF-8><IdsPVLListing1><IdsPVLListing2><IdsJluCommandLineAddedJluToSession><IdsJavaVersion><1.5.0_19><IdsJavaLiveUpdateVersion><3.2><10><IdsProductInventoryParsedDefault></2Fetc/2FProduct.Catalog.JavaLiveUpdate><IdsPVLListing3><IdsPVLListing2><IdsProductInventoryDeleteProductNotFound><0C0C89F8-E695-41de-941C-3C79DDAE2FFD><IdsMaxSizeNull><maxZipFileSize><IdsMaxSizeChanged><maxZipFileSize><614400><IdsMaxSizeNull><maxTriFileSize><IdsMaxSizeChanged><maxTriFileSize><10485760><IdsMaxSizeNull><maxPackageSize><IdsMaxSizeChanged><maxPackageSize><734003200><IdsMaxSizeNull><maxPackageContentSize><IdsMaxSizeChanged><maxPackageContentSize><734003200><IdsJluSyncCheckCurrentSession><IdsJluSyncCheckPort><49652><IdsJluSyncCheckActive><IdsJluSyncCurrentSessionActive><IdsDownloadMsg><minitri.flg></2Fprivate/2Ftmp/2Fliveupdate/2Fminitri.flg><IdsHttpConnectionMsg2><liveupdate.symantecliveupdate.com><80><HTTP><IdsHttpConnectedMsg><63.84.59.64><IdsHttpWaitingMsg><IdsContentType><minitri.flg><text/2Fplain><IdsHttpReceivingFileMsg><IdsTransferCompleteMsg><185><1410>

Kudos0

Re: NAV 11.1.1 Vulnerability Protection Engine 1.0.0

<IdsDownloadMsg><nav$20for$20macintosh$20virus$20defs_microdefsb.full_symalllanguages_livetri.zip></2Fprivate/2Ftmp/2Fliveupdate/2Fnav$20for$20macintosh$20virus$20defs_microdefsb.full_symalllanguages_livetri.zip><IdsHttpConnectionMsg><63.84.59.64><HTTP><IdsHttpConnectedMsg><63.84.59.64><IdsHttpWaitingMsg><IdsHttpReceivingFileMsg><IdsTransferCompleteMsg><30413><126><IdsDownloadMsg><symantec$20scheduler$20for$20macintosh_5.1.1_english_livetri.zip></2Fprivate/2Ftmp/2Fliveupdate/2Fsymantec$20scheduler$20for$20macintosh_5.1.1_english_livetri.zip><IdsHttpConnectionMsg><63.84.59.64><HTTP><IdsHttpConnectedMsg><63.84.59.64><IdsHttpWaitingMsg><IdsDownloadMsg><vulnerability$20protection$20engine$20for$20macintosh_1.0.0_symalllanguages_livetri.zip></2Fprivate/2Ftmp/2Fliveupdate/2Fvulnerability$20protection$20engine$20for$20macintosh_1.0.0_symalllanguages_livetri.zip><IdsHttpConnectionMsg><63.84.59.64><HTTP><IdsHttpConnectedMsg><63.84.59.64><IdsHttpWaitingMsg><IdsDownloadMsg><nav$20for$20macintosh$20virus$20defs_microdefsb.curdefs_symalllanguages_livetri.zip></2Fprivate/2Ftmp/2Fliveupdate/2Fnav$20for$20macintosh$20virus$20defs_microdefsb.curdefs_symalllanguages_livetri.zip><IdsHttpConnectionMsg><63.84.59.64><HTTP><IdsHttpConnectedMsg><63.84.59.64><IdsHttpWaitingMsg><IdsHttpReceivingFileMsg><IdsTransferCompleteMsg><30159><103><IdsDownloadMsg><jlu$20macintosh_3.2_english_livetri.zip></2Fprivate/2Ftmp/2Fliveupdate/2Fjlu$20macintosh_3.2_english_livetri.zip><IdsHttpConnectionMsg><63.84.59.64><HTTP><IdsHttpConnectedMsg><63.84.59.64><IdsHttpWaitingMsg><IdsDownloadMsg><liveupdate$20for$20macintosh_5.1.1_english_livetri.zip></2Fprivate/2Ftmp/2Fliveupdate/2Fliveupdate$20for$20macintosh_5.1.1_english_livetri.zip><IdsHttpConnectionMsg><63.84.59.64><HTTP><IdsHttpConnectedMsg><63.84.59.64><IdsHttpWaitingMsg><IdsDownloadMsg><norton$20antivirus$20for$20macintosh_11.1.1_english_livetri.zip></2Fprivate/2Ftmp/2Fliveupdate/2Fnorton$20antivirus$20for$20macintosh_11.1.1_english_livetri.zip><IdsHttpConnectionMsg><63.84.59.64><HTTP><IdsHttpConnectedMsg><63.84.59.64><IdsHttpWaitingMsg><IdsDownloadMsg><nav$20for$20macintosh$20virus$20defs_microdefsb.jan_symalllanguages_livetri.zip></2Fprivate/2Ftmp/2Fliveupdate/2Fnav$20for$20macintosh$20virus$20defs_microdefsb.jan_symalllanguages_livetri.zip><IdsHttpConnectionMsg><63.84.59.64><HTTP>

<IdsDownloadMsg><nav$20for$20macintosh$20virus$20defs_microdefsb.full_symalllanguages_livetri.zip></2Fprivate/2Ftmp/2Fliveupdate/2Fnav$20for$20macintosh$20virus$20defs_microdefsb.full_symalllanguages_livetri.zip><IdsHttpConnectionMsg><63.84.59.64><HTTP><IdsHttpConnectedMsg><63.84.59.64><IdsHttpWaitingMsg><IdsHttpReceivingFileMsg><IdsTransferCompleteMsg><30413><126><IdsDownloadMsg><symantec$20scheduler$20for$20macintosh_5.1.1_english_livetri.zip></2Fprivate/2Ftmp/2Fliveupdate/2Fsymantec$20scheduler$20for$20macintosh_5.1.1_english_livetri.zip><IdsHttpConnectionMsg><63.84.59.64><HTTP><IdsHttpConnectedMsg><63.84.59.64><IdsHttpWaitingMsg><IdsDownloadMsg><vulnerability$20protection$20engine$20for$20macintosh_1.0.0_symalllanguages_livetri.zip></2Fprivate/2Ftmp/2Fliveupdate/2Fvulnerability$20protection$20engine$20for$20macintosh_1.0.0_symalllanguages_livetri.zip><IdsHttpConnectionMsg><63.84.59.64><HTTP><IdsHttpConnectedMsg><63.84.59.64><IdsHttpWaitingMsg><IdsDownloadMsg><nav$20for$20macintosh$20virus$20defs_microdefsb.curdefs_symalllanguages_livetri.zip></2Fprivate/2Ftmp/2Fliveupdate/2Fnav$20for$20macintosh$20virus$20defs_microdefsb.curdefs_symalllanguages_livetri.zip><IdsHttpConnectionMsg><63.84.59.64><HTTP><IdsHttpConnectedMsg><63.84.59.64><IdsHttpWaitingMsg><IdsHttpReceivingFileMsg><IdsTransferCompleteMsg><30159><103><IdsDownloadMsg><jlu$20macintosh_3.2_english_livetri.zip></2Fprivate/2Ftmp/2Fliveupdate/2Fjlu$20macintosh_3.2_english_livetri.zip><IdsHttpConnectionMsg><63.84.59.64><HTTP><IdsHttpConnectedMsg><63.84.59.64><IdsHttpWaitingMsg><IdsDownloadMsg><liveupdate$20for$20macintosh_5.1.1_english_livetri.zip></2Fprivate/2Ftmp/2Fliveupdate/2Fliveupdate$20for$20macintosh_5.1.1_english_livetri.zip><IdsHttpConnectionMsg><63.84.59.64><HTTP><IdsHttpConnectedMsg><63.84.59.64><IdsHttpWaitingMsg><IdsDownloadMsg><norton$20antivirus$20for$20macintosh_11.1.1_english_livetri.zip></2Fprivate/2Ftmp/2Fliveupdate/2Fnorton$20antivirus$20for$20macintosh_11.1.1_english_livetri.zip><IdsHttpConnectionMsg><63.84.59.64><HTTP><IdsHttpConnectedMsg><63.84.59.64><IdsHttpWaitingMsg><IdsDownloadMsg><nav$20for$20macintosh$20virus$20defs_microdefsb.jan_symalllanguages_livetri.zip></2Fprivate/2Ftmp/2Fliveupdate/2Fnav$20for$20macintosh$20virus$20defs_microdefsb.jan_symalllanguages_livetri.zip><IdsHttpConnectionMsg><63.84.59.64><HTTP>

Kudos0

Re: NAV 11.1.1 Vulnerability Protection Engine 1.0.0

Not sure from the log what's going on exactly, but try running LiveUpdate manually. Download all available updates. When it returns, please let us know what version of Vulnerability Protection it thinks is installed. Restart if it asks you to. From the Terminal, please run the command

kextstat | grep symantec

And paste the results here. Sometimes the Finder can used cached information about kernel extensions, so kextstat is the more definitive place to find out what versions are loaded into memory.

Version 1.3 of Vulnerability Protection was included as part of the Norton AntiVirus 11.1 update, so if you have Norton AntiVirus 11.1, then you should have the latest version of Vulnerability Protection. Make sure the Finder says your Norton AntiVirus application version is at 11.1 or 11.1.1.

Thanks,

Ryan

Ryan McGann Technical Director Norton Business Unit, Symantec
Kudos0

Re: NAV 11.1.1 Vulnerability Protection Engine 1.0.0

63    1 0x4b8000   0xf000     0xe000com.symantec.kext.internetSecurity (1.3f32) <5 4 3 2>   64    0 0x4c7000   0x22000    0x21000    com.symantec.kext.ips(1.2f28) <63 5 4 3 2>  104    0 0x47936000 0x4000     0x3000com.symantec.kext.SymAPComm (11.1f102) <6 5 4 2>

63    1 0x4b8000   0xf000     0xe000com.symantec.kext.internetSecurity (1.3f32) <5 4 3 2>   64    0 0x4c7000   0x22000    0x21000    com.symantec.kext.ips(1.2f28) <63 5 4 3 2>  104    0 0x47936000 0x4000     0x3000com.symantec.kext.SymAPComm (11.1f102) <6 5 4 2>

Seems to indicate it's an older version of the components.

Is there a way to fix this, or should I just run the Symantec Uninstaller and then reinstall from the original .dmg download?

Will the subscription still be in effect after a reinstall?

Kudos0

Re: NAV 11.1.1 Vulnerability Protection Engine 1.0.0

I also see that my VPP is version 1.o.o

Also, I don't have any files inside /System/Library/Extensions/ 

I searched for SymIPS.kext and found nothing on my macbook.

How do I fix this??

Thanks for the help.

~Andrew

Kudos0

Re: NAV 11.1.1 Vulnerability Protection Engine 1.0.0

Spotlight isn't a very good tool for situations like this, because it doesn't search in specific places. If you used Spotlight to search your drive, I wouldn't trust its results. Instead, try running the following commands in Terminal:

       ls -la /System/Library/Extensions/SymIPS.kext

Copy and paste that into the Terminal window and press return, then paste the results here.

Similarly, run the command

       kextstat

And paste the results here.

It might be that somehow these files disappeared from your Mac. In that case you might have to uninstall and reinstall. 

Ryan

Ryan McGann Technical Director Norton Business Unit, Symantec
Kudos0

Re: NAV 11.1.1 Vulnerability Protection Engine 1.0.0

Kudos0

Re: NAV 11.1.1 Vulnerability Protection Engine 1.0.0

Thanks for the help Ryan.

File Attachment: 
Kudos0

Re: NAV 11.1.1 Vulnerability Protection Engine 1.0.0

It looks like the SymIPS component is installed, but it is not loading. First, make sure that you have the latest components by running LiveUpdate. After it is finished, go to the Finder, and go to /System/Library/Extensions. Look at the version number of the SymIPS.kext by selecting "Get Info". The version number that's listed should be 1.3.1f6.

If that's not the case, you can always uninstall the product and re-install it. Use the Symantec Uninstaller application to remove the product and then re-install it. You'll need your original product installation CD or disk image to re-install. After you re-install be sure to run LiveUpdate several times.

If you don't have your product download/CD anymore, we can try and figure out what's wrong. You can run the command

     kextload -t /System/Library/Extensions/SymIPS.kext

Which will tell us why Mac OS X is not loading the SymIPS component.

Thanks,

Ryan

Ryan McGann Technical Director Norton Business Unit, Symantec
Kudos0

Re: NAV 11.1.1 Vulnerability Protection Engine 1.0.0

Andrews-MacBook-Pro:~ ajcamm$ kextload -t /System/Library/Extensions/SymIPS.kextNotice: -print-diagnostics (-t) ignored; use kextutil(8) to test kexts./System/Library/Extensions/SymIPS.kext failed to load - (libkern/kext) not privileged; check the system/kernel logs for errors or try kextutil(8).Andrews-MacBook-Pro:~ ajcamm$ 

Andrews-MacBook-Pro:~ ajcamm$ kextload -t /System/Library/Extensions/SymIPS.kextNotice: -print-diagnostics (-t) ignored; use kextutil(8) to test kexts./System/Library/Extensions/SymIPS.kext failed to load - (libkern/kext) not privileged; check the system/kernel logs for errors or try kextutil(8).Andrews-MacBook-Pro:~ ajcamm$ 

Ryan, here is the results from the kextload, I am not familiar with this shell. Finder doesn't show this file, so I couldn't check the version number.

Kudos0

Re: NAV 11.1.1 Vulnerability Protection Engine 1.0.0

I just did an uninstall/reinstall of NAV 11 today.  It was fairly quick and trouble free.

Everything seems to be up to date now.

This thread is closed from further comment. Please visit the forum to start a new thread.