XP SP3 update corrupts Windows registry, users claim

An update from Computerworld U.S.:

Symantec Corp. today denied that its consumer security software,including Norton Internet Security and Norton 360, is to blame forwreaking havoc on some users’ PCs after they upgraded to Windows XPService Pack 3.

Microsoft Corp. declined to answer questions about the problem,which has emptied Windows’ Device Manager and deleted networkconnections, preventing some users from connecting to the Internet orto wireless networks.

According to reports posted the day after Microsoft launched WindowsXP SP3 on Windows Update, some users found that their network cards andpreviously-crafted connections had mysteriously vanished from Windowsafter updating to the service pack.

“The Network Connections screen now does not show any of the NICcards. I have three adapters that used to show up,” said someone using“MRFREEZE61″ as an alias on Microsoft’s XP SP3 support forum on May 7.“In an attempt to troubleshoot, I tried to bring up the Device Manager,and to my surprise it is now empty.”

Numerous other users corroborated MRFREEZE61’s account on the same support thread.

MRFREEZE61 reported that he had found large numbers of corruptedentries in Windows Registry, a directory that stores settings and othercritical information for Microsoft’s operating system. Those entries,said MRFREEEZE61, began with the characters “$%&”; once they wereremoved, the PC returned to normal.

Others chimed in to claim that the errant keys were located insections of the registry devoted to settings for Symantec products, andthey pinned blame on the security company’s consumer-grade softwareinstalled on their PCs. “I see parent keys that all seem to beNorton/Symantec product keys,” said someone identified as “gfrost.”

“This appears to be a Symantec-related problem according to the keysshowing up,” said another user, “datarimlens.” “Is anyone from Symantecon this yet? Since SP3 has been distributed to at least one of mymachines, am I to believe that this problem did not show up in testing?Really? For something as widely tested as SP3? Really? I meanseriously?”

“I upgraded three well-maintained laptop machines, one with NIS2008[Norton Internet Security 2008] installed and running during theupgrade, one with NIS2008 installed but shut down during installationand one without NIS2008 installed,” said “bighowie,” yet another userposting to the forum. “As you guessed, the one without NIS2008 upgradedlike a charm. No problems. The other two have the same mess asidentified by all in this thread.”

Today, Symantec said its initial investigation had uncovered nocause and effect between its software and the corrupted registry keys,which in some cases numbered in the thousands.

“While we’re seeing that this issue can affect Norton users, wedon’t believe we’re the root cause,” said Sondra Magness, a Symantecspokeswoman, in an e-mail. “In further searches on this issue, we founda number of users experiencing the problem but who do not have Nortonsoftware and/or are experiencing the issue on XP SP2.”

In a follow-up telephone conversation, Dave Cole, Symantec’s seniordirector for product management of its consumer offerings, acknowledgedthat users running Norton titles were experiencing problems, but hesaid the numbers are small. “The support lines are not ringing off thehook,” he said. Cole also said that Symantec had done “extensivetesting” of its products with Windows XP SP3, but this issue hadn’tsurfaced.

And he essentially blamed Microsoft for causing the problem. “Thisis related to XP SP3,” he said, “and XP SP3 has already had otherissues specific to some OEMs and some processors.”

Cole was referring to the “endless reboot” snafu that users beganreporting after applying the service pack upgrade. Last week,Hewlett-Packard Co., whose AMD-powered machines were cited by mostusers as the only ones affected, confirmed the rebooting glitch, andMicrosoft announced it would add a filter to Windows Update to preventAMD-based PCs from obtaining XP SP3 via the update service’s listings.

“People need to exercise caution before [updating to] XP SP3,” said Cole. “This may well go beyond Symantec.”

For its part, Microsoft has remained mum. Although a Microsoftengineer asked users on the support forum for additional information —and provided an e-mail address for them to forward details — thecompany did not address questions put to it Monday that asked it toconfirm the problem, point out any posted Microsoft solutions and fixblame on either Symantec or its XP SP3 update.

Microsoft limited its response to boilerplate language that it hasused before in statements about XP SP3. “Customers who experience aproblem with Windows XP SP3 installation should contact MicrosoftCustomer Support Services, which can provide free assistance andtroubleshooting for these issues,” a company spokeswoman said in ane-mail Monday afternoon.

Some users, in fact, reported that they had contacted Microsoft’shelp desk, and via a remote session managed by the tech supportrepresentative, had had their Windows registry cleaned. Many others,however, vented at the apparent lack of interest by Microsoft in theirtroubles.

“I see no evidence that Microsoft is working on this issue, or eventhat they are mildly concerned about it,” wrote “Sandbridge” Friday.

MRFREEZE61 posted clean-up instructions for afflicted users on theMicrosoft support forum, and several reported back that the work-aroundhad done the trick. “Hey Mr. Freeze, just wanted to say that yoursolution saved my butt big time,” said someone identified as “RevDAGG”on Sunday.

Manually deleting the rogue registry keys, however, was impossiblefor some, who reported thousands, even tens of thousands, of corruptedentries; several called for an automated tool to help them do clean-up.

“Once we’ve figured out how many customers this affects, [anautomated tool] is absolutely possible,” said Symantec’s Cole. “Ifthere is something we can do to address the problem, we’ll do it.”

Related Download
CanadianCIO Census 2016 Mapping Out the Innovation Agenda Sponsor: Cogeco Peer 1
CanadianCIO Census 2016 Mapping Out the Innovation Agenda
The CanadianCIO 2016 census will help you answer those questions and more. Based on detailed survey results from more than 100 senior technology leaders, the new report offers insights on issues ranging from stature and spend to challenges and the opportunities ahead.
Register Now