Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Norton Internet Security 2007


  • Please log in to reply
2 replies to this topic

#1 hagabooq

hagabooq

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:11:18 AM

Posted 12 January 2008 - 02:21 PM

hi
i am new to this forum and new to pc world and general and i really appreciate the presence of such forums and thank the experienced people here helping out.

i have installed NIS (norton internet security 2007) and noticed a lot of process running. i googled them and most of them turned to be legit.. however i find lucoms~1.exe keep cycling in an out of running process and when i searched for it by windows files search option it was not there (not even in liveupdate folder).. when i using process explore and i move my cursor to the process it shows its path to be lucomserver_3_2.exe which is in liveupdate folder...... is this normal?

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

i installed NIS on pc which has only OS win XP installed.... when i went into norton firewall i saw some default prepared rules.. here they are

- ICMP
- Netbios
- Loopback
- windows file sharing
- Bootp
- windows 2000 SMB
- IPV6 loopback
- ICMPV6
- UPnP discovery

NIS technician said that most of them are required for net acces and they are legit.. BUT he said that bootp shouldn't be in the default created rules and that NIS must have created that rule when it was installed on my pc as it saw a need for it.. now what concerns me is that i have nothing installed on my pc exept OS and since bootp has to do with booting the pc and BIOS related, this raised the possibility of a malware in my bios before i installed NIS and when it was installed it created a rule for it to access the net.... is this correct..

-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

my third issue with norton internet security 2007 is HOW to set it up and configure it for MAXIMUM protection, i know most default settings for all application eventually needs tweaking... how to max NIS 07 set for its maximum protection capability


thanks

BC AdBot (Login to Remove)

 


#2 Teenage.Zombiee

Teenage.Zombiee

  • Members
  • 831 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Western Sydney, Australia.
  • Local time:03:18 AM

Posted 12 January 2008 - 10:52 PM

I think I can help you out with some answers

1. Yes lucmoms~1.exe is a legit process and that is normal. read about it here What is lucoms~1.exe

2. After a bit of digging around on google i can't find anything that relates Bootp to malware.
But I did find..

Sourcewikipedia BOOTP
In computing, BOOTP, short for BOOTstrap Protocol, is a UDP network protocol used by a network client to obtain its IP address automatically. This is usually done during the bootstrap process when a computer is starting up. The BOOTP servers assign the IP address from a pool of addresses to each client.

This has given me the impression that it needs internet acces for a good non-malware related reason

3. Im sorry I can't help you there. Try looking through the settings. Because I know thats where it is with mcAfee and Trend Micro.

Hope I was of sdome help :thumbsup:

Edited by Teenage.Zombiee, 12 January 2008 - 10:53 PM.

Teenage.Zombiee is back ! :halloween:


#3 igonuts2

igonuts2

  • Members
  • 358 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:my closet
  • Local time:08:18 AM

Posted 12 January 2008 - 11:03 PM

you probaly know this, other proccess analizers

you can go to

http://www.programchecker.com/default.aspx

http://www.bleepingcomputer.com/filedb/

type in the suspect proccesses from the task manager.

i never rely on one source, i ck via all of them before doing anything.

igo

Edited by igonuts2, 12 January 2008 - 11:09 PM.

Why work when you can play!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users