Running XP Pro-SP3 and NIS 2010
Just noticed that for some reason my Norton>IPS Defs folder has been retaining update folders since September. Now have 20 def folders at approx 4Megs apiece - the latest being 20101129.
All the other Definition folders are only retaining the current def folder.
Can these older folders be deleted? Is there anything else that needs to be changed to keep this from continuing?
And, no I dont want to upgrade to NIS 2011 at this time.
Thanks in advance
I asked the same thing in http://community.norton.com/t5/Norton-Internet-Security-Norton/Old-IPSDefs-not-being-automatically-removed/m-p/297956#M128302
Never got an answer.
Btw, it still happens in NIS 2011.
Thanks for your input and links.
At the time of the links, the explanation from Norton regarding this issue was that Internet Explorer was either hung or recently crashed while IP Defs were updating thus causing a "temporary" retention of prior IP Defs which should go away after a re-boot. However, the re-boot did not solve the issue and no final resolution was given.
As we are all aware, over the last several weeks there has been two (2) severe problems with Internet Explorer and the Symantec Intrusion Protection Browser Helper which caused browser instability and crashes (one was an IP def update, the last was a IP def update and an IP engine update). This issue was primarily with NIS 2010.
While those 2 issues were quickly resolved by Norton, is this perhaps a lingering after affect of those IE hangs, lockups, and forced terminations? Perhaps the answer lies in those 2 dat files within the IP defs folder?
Running XP Pro-SP3 and NIS 2010
Just noticed that for some reason my Norton>IPS Defs folder has been retaining update folders since September. Now have 20 def folders at approx 4Megs apiece - the latest being 20101129.
All the other Definition folders are only retaining the current def folder.
Can these older folders be deleted? Is there anything else that needs to be changed to keep this from continuing?
And, no I dont want to upgrade to NIS 2011 at this time.
Thanks in advance
Hello, I am part of the IPS team here at Symantec.
We are not sure what is causing some users to wind up with multiple definition sets. It is being researched as there should never be more than 2 . Could one of you having the problem send me your Live Update log via PM?
c:\programdata\Norton\{big long guid]\{your Norton product}\Lue\Logs\Log.lue
To answer the initial question:
There is no harm in deleting the old IPS definition sets. Once control has been handed over to the new set, the old set is inactive. Just make sure you are not deleting an active set of definitions (you can check "history > Intrusion Prevention" after a reboot and there should be a set of entries. Look for one that looks like...
"Intrusion Prevention Engine version: 4.8.0.20 Definitions Set version 20101123.001"
In this case the active folder is 20101123.001.
You would need to disable "protect my product" to delete old sets, then I suggest turning it back on.
- Thanks,
Mike
What would happen if you just leave the folders? I'm hesistant to delete anything Norton related.
Tywin7 wrote:
What would happen if you just leave the folders? I'm hesistant to delete anything Norton related.
No harm other then the disk space taken...
See attatchment for log. ITs too big to paste in PM and causes page to hang up. Its more than 1 MB large
Thanks, looking at the logs now.
And yes, no harm in leaving the def folders, all you loose is some disk space.
- MikeT
OK. I'm scared of deleting Norton files and causing some real damage. I have more than 250 GB so what harm could a few gigs do :D
Miket,
Just saw your response and request for Log.Lue files.
Let me know if you still need others - particularly for us XP Pro - SP3 users (if that matters).
I find mine at the C:\Documents&Setting\All Users\Application Data\Norton\{Big GUID}\NIS {Product number}\Lue\Logs\Log.Lue - correct ?
File is 1.47MB
Miket
So any results from the analysis??
Do you want more files from others ?
Thx
12-01-2010 01:27 PM
Thanks, looking at the logs now.
And yes, no harm
----------------------------------------------------------------------
Any conclusions on the logs ????
At this point I have 13 IP Def files at approx 4Meg apiece - at this rate that is alot of disk space within 6mos and 12mos.
Pls at least let us know if you are working on this or we are on our own to manually delete files on a regular basis.
And if we should delete the folders, should we also edit the entries for those folders away in the usage.dat file? Just deleting the folders leaves the usage.dat file with entries for non-existant folders. Don't know if that impacts anything.
