Your asFilter.dll and ccL80U.dll are from an older version, as indicated by the installation path. Can you download the 16.5 version from http://www.norton.com/nis09 and install it? I don’t know if this will fix your problem or not but we should be working with the lastest version as a starting point (note that you might get 16.7 via LiveUpdate and we should stick with that if you do.)
Hi Reese,
Ok so I have uninstalled NIS2009 yet again and installed version 16.5. After 25 hours retraining the antispam engine (why does it take so long????) I am in exactly the same position - no spam is identified at all!
Any ideas?
Philip
Now we’re back to the previous question, what versions of the files are on the system. If you are still ending up with the mismatches, that’s probably the root of the problem and will have to be researched.
Here are the new versions of the files as requested:
asFilter.dll
location C:\Program Files\Norton Internet Security\Engine\16.5.0.135
version 4.5.0.44
WS2_32.dll
Location C:\WINDOWS\ServicePackFiles\i386 and C:\WINDOWS\system32
Version 5.1.2600.5512 (xpsp.080413-0852)
ccL80U.dll
Location C:\Program Files\Norton Internet Security\Engine\16.5.0.135
Version 108.1.0.24
And C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\562C4DD5\16.5.0.135
Version 108.1.0.24
SHLWAPI.dll
Location C:\WINDOWS\ServicePackFiles\i386 and C:\WINDOWS\system32
Version 6.00.2900.5512 (xpsp.080413-2105)
ADVAPI32.dll
Location C:\WINDOWS\ServicePackFiles\i386
Version 5.1.2600.5512 (xpsp.080413-2113)
and C:\WINDOWS\system32
Version 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)
and C:\WINDOWS\system32\dllcache
Version 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)
MSVCR80.dll
Location – many! Including C:\WINDOWS\system32 version 8.00.50727.42
and C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\562C4DD5\16.2.0.7\Microsoft.VC80.CRT version 8.00.50727.762
and C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\AddOns\NortonSafeWeb\3.2.0.8\Microsoft.VC80.CRT version 8.00.50727.762
and C:\NSS version 8.00.50727.762
MSVCP80.dll
Location many! Including C:\Program Files\Norton Internet Security\Engine\16.5.0.135\Microsoft.VC80.CRT version 8.00.50727.762
And C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\562C4DD5\16.5.0.135\Microsoft.VC80.CRT version 8.00.50727.762
And C:\WINDOWS\system32 version 8.00.50727.42
And C:\NSS version 8.00.50727.762
USER32.dll
Location C:\WINDOWS\ServicePackFiles\i386 Version 5.1.2600.5512 (xpsp.080413-2105)
And C:\WINDOWS\system32 version 5.1.2600.5512 (xpsp.080413-2105)
KERNEL32.dll
Location C:\WINDOWS\ServicePackFiles\i386 version 5.1.2600.5512 (xpsp.080413-2111)
And C:\WINDOWS\system32\dllcache version 5.1.2600.5781 (xpsp_sp3_gdr.090321-1317)
And C:\WINDOWS\system32 version 5.1.2600.5781 (xpsp_sp3_gdr.090321-1317)
Many thanks
Philip
Now the file version numbers seem correct.
Try to disable the product's tamper protection, make a copy of asfilter.dll and then delete the original. You shouldn't be able to delete it. If it does delete it, please restore for the copy and report the results.
Hi Reese,
I cannot copy the file - I get a message that access is denied - make sure th edisk is not full or the file is not in use!
Philip
That is mysterious. As James indicated, it looks like everything is working but it’s obviously not filtering. The usually occurs if non-standard ports are used or the mail is transferred over an encrypted/SSL connection.
Nope - everything is standard - incoming port 110, outgoing 25 and no SSL
Just no filtering!
Philip
I'm stiIl trying to isolate where the problem might be.
Can you send and receive mail and while the send and receive is processing run 'netstat –b' from a command prompt and post the results. You should see ccSvcHst connected to the local machine via the loop back and outlook also connected to the local machine via loop back then ccSvcHst connected to the mail server.
This is what it looks like on a test machine:
C:\Documents and Settings\User 1>netstat -b
Active Connections
Proto Local Address Foreign Address State PID
TCP XPPSP3VM:1097 localhost:3321 ESTABLISHED 2900 [ccSvcHst.exe]
TCP XPPSP3VM:3321 localhost:1097 ESTABLISHED 1940 [msimn.exe]
TCP XPPSP3VM:3319 192.168.12.128: smtp ESTABLISHED 2900 [ccSvcHst.exe]
TCP XPPSP3VM:3322 192.168.12.128: pop3 ESTABLISHED 2900 [ccSvcHst.exe]
TCP XPPSP3VM:1097 localhost:3318 TIME_WAIT 0
Message Edited by reese_anschultz on 08-31-2009 02:04 PM
here atere the netstat -b results:
Active Connections
Proto Local Address Foreign Address State PID
TCP philiplh:2874 192.168.1.11:http SYN_SENT 992
[HPTLBXFX.exe]
TCP philiplh:2875 192.168.1.11:http SYN_SENT 992
[HPTLBXFX.exe]
TCP philiplh:2876 192.168.1.11:http SYN_SENT 992
[HPTLBXFX.exe]
TCP philiplh:2877 192.168.1.11:http SYN_SENT 992
[HPTLBXFX.exe]
TCP philiplh:1030 philiplh:1031 ESTABLISHED 1776
[KService.exe]
TCP philiplh:1031 philiplh:1030 ESTABLISHED 1776
[KService.exe]
TCP philiplh:1032 philiplh:1033 ESTABLISHED 1776
[KService.exe]
TCP philiplh:1033 philiplh:1032 ESTABLISHED 1776
[KService.exe]
TCP philiplh:2176 philiplh:2878 ESTABLISHED 3344
[ccSvcHst.exe]
TCP philiplh:2176 philiplh:2880 ESTABLISHED 3344
[ccSvcHst.exe]
TCP philiplh:2187 philiplh:27015 ESTABLISHED 4556
[iTunesHelper.exe]
TCP philiplh:2207 philiplh:2209 ESTABLISHED 4108
[msnmsgr.exe]
TCP philiplh:2209 philiplh:2207 ESTABLISHED 4108
[msnmsgr.exe]
TCP philiplh:2878 philiplh:2176 ESTABLISHED 5632
[OUTLOOK.EXE]
TCP philiplh:2880 philiplh:2176 ESTABLISHED 5632
[OUTLOOK.EXE]
TCP philiplh:27015 philiplh:2187 ESTABLISHED 1196
[AppleMobileDeviceService.exe]
TCP philiplh:microsoft-ds 192.168.1.10:1279 ESTABLISHED 4
[System]
TCP philiplh:1026 philiplh:2161 ESTABLISHED 1156
[PBESER~1.EXE]
TCP philiplh:2161 philiplh:1026 ESTABLISHED 1144
[pbeagent.exe]
TCP philiplh:2203 by2msg3010505.phx.gbl:1863 ESTABLISHED 4108
[msnmsgr.exe]
TCP philiplh:2879 toaster-vh.clara.net:pop3 ESTABLISHED 3344
[ccSvcHst.exe]
TCP philiplh:2881 nginx-vdtc01.mx.aol.com:pop3 ESTABLISHED 3344
[ccSvcHst.exe]
TCP philiplh:3388 a213-253-9-11.deploy.akamaitechnologies.com:http ESTABLISHED 144
[jusched.exe]
TCP philiplh:5152 philiplh:2635 CLOSE_WAIT 1252
[jqs.exe]
TCP philiplh:2188 a92-123-0-56.deploy.akamaitechnologies.com:http CLOSE_WAIT 804
[LWS.exe]
TCP philiplh:2331 a213-253-9-9.deploy.akamaitechnologies.com:http CLOSE_WAIT 1100
[dpupdchk.exe]
no replies in over 2 weeks - anybody still awake?
I know Reese has been away for a period but he's just back now so let's see if he picks this up soon.
Have you considered trying NIS 2010 which handles spam in a totally different way having adopted the methods used in the Enterprise version?
I was concerned to find that installing it lost all my learned lists since I used the upgrade on top of the previous generation which used to preserve them but it does not depend so much on being taught but works, I gather, rather like Norton Insight and Community watch with the so called "Cloud" techniques.
I find that I'm not doing as much reclassifying as I used to and while you cannot add an existing list to the Excluded group it does learn when you do use the This is Spam button.
I think my ISP may have tightened up their filtering since I'm getting much less spam anyway.
You can download the complete 2010 Installation file file if you want to try it.
New NIS 2010: Click on this link NIS 2010
Message Edited by huwyngr on 09-15-2009 04:39 PM
Is this the full release version or a beta?
Can I just install this over NIS2009 on my current license?
If so it is worth a try if it might solve the problem!
Many thanks
]
Philip
plhermette wrote:Is this the full release version or a beta?
Can I just install this over NIS2009 on my current license?
If so it is worth a try if it might solve the problem!
Many thanks
]
Philip
Yes this is the full release that you can get from the Norton Update Center and will be in the stores sometime soon I imagine.
If you go to the Norton Update Center and tell it what you have installed it will check and then use a Download Manager to install on top of your NIS 2009 and while I understand that it saves Parental Controls and the Password center stuff I can't vouch for this since I don't use them so back up whatever you can.
The update works fine for many but some of us, including me have had some unusual events like the OneCLick center popping up with an error that it can't fix. Because of this I did a very clean uninstall and then installed the complete package.
Also note that some of us are getting some odd behavior of Outlook Express -- coming up with the OffLine flag set and not downloading mail when starting up.
Hopefully all of these will get cleared up.
But since you can always reinstall NIS 2009 ......
Thanks for that.
:Looks like I may be substituting one dysfunctional programme for another with different dysfunctions but what the heck...... I'll give it a go!
Philip
"Nobody's perfect" <g>
I just thought I'd warn you -- note that there's been a post from Symantec Staff in another thread about antispam in 2010 indicating that when a spam message comes through but not flagged/sorted as spam when you use the This is spam button you must also use Send this to Norton for it to be examined and added to the spam base if it is to be subsequently dealt with automatically.
Someone was asking why having used the This is spam button messages from the same source kept coming through not as spam.
You may want to do a search on [ antispam 2010 ] and read up to get used to the new system.
Oh I see - so flagging something as spam by pressing the "this is spam" button does not actually designate it as spam unless it is sent to Big Brother (symantec) and he agrees and adds it to the central database! - What is the point of the "this is spam" button then?
On a happier note, I have upgraded to NIS2010 and at least Norton now recognises some email as spam and sends it to the appropriate folder HOORAY! and after only 10 months!
Philip
Did it recognize the spam on its own or did you have to previously let it know it was spam? That seems to be the case for me with 2010. I have to hit the “This is spam” button before it is subsequently sent to the spam folder. Won’t recognize anything as spam otherwise. Also, anything that was marked as Norton AntiSpam from my old NIS2009 now goes to the Junk E-mail folder in Outlook 2007 with the marking as (Norton Antispam) plus description in the Subject column.
That was my problem with NIS2008 andn NIS2009 - no emails were recognised as spam. Installing 2010 appears to have corrected this - emails are now annotated with [Norton Antispam] and sent to the antispam folder - (although some are also annotated and sent to the junk folder as well - but who cares!). No-one appears to know why this did not work in 2008/9 but I hope it is not going to cause trouble in 2010 as well!
All the best
Philip
Take your pick -- I'm just trying to help you understand how the system apparently works. What happens if you do not send it to Symantec I don't know.
Since I never ever had the experience you describe as having encountered with 2009 and before I've no idea how your system differs from mine.