Skip the navigation

XP SP3 update corrupts Windows registry, users claim

They blame Symantec's Norton security software, but Symantec denies connection

May 20, 2008 12:00 PM ET

Computerworld - Symantec Corp. today denied that its consumer security software, including Norton Internet Security and Norton 360, is to blame for wreaking havoc on some users' PCs after they upgraded to Windows XP Service Pack 3.

Microsoft Corp. declined to answer questions about the problem, which has emptied Windows' Device Manager and deleted network connections, preventing some users from connecting to the Internet or to wireless networks.

According to reports posted the day after Microsoft launched Windows XP SP3 on Windows Update, some users found that their network cards and previously-crafted connections had mysteriously vanished from Windows after updating to the service pack.

"The Network Connections screen now does not show any of the NIC cards. I have three adapters that used to show up," said someone using "MRFREEZE61" as an alias on Microsoft's XP SP3 support forum on May 7. "In an attempt to troubleshoot, I tried to bring up the Device Manager, and to my surprise it is now empty."

Numerous other users corroborated MRFREEZE61's account on the same support thread.

MRFREEZE61 reported that he had found large numbers of corrupted entries in Windows Registry, a directory that stores settings and other critical information for Microsoft's operating system. Those entries, said MRFREEEZE61, began with the characters "$%&"; once they were removed, the PC returned to normal.

Others chimed in to claim that the errant keys were located in sections of the registry devoted to settings for Symantec products, and they pinned blame on the security company's consumer-grade software installed on their PCs. "I see parent keys that all seem to be Norton/Symantec product keys," said someone identified as "gfrost."

"This appears to be a Symantec-related problem according to the keys showing up," said another user, "datarimlens." "Is anyone from Symantec on this yet? Since SP3 has been distributed to at least one of my machines, am I to believe that this problem did not show up in testing? Really? For something as widely tested as SP3? Really? I mean seriously?"

"I upgraded three well-maintained laptop machines, one with NIS2008 [Norton Internet Security 2008] installed and running during the upgrade, one with NIS2008 installed but shut down during installation and one without NIS2008 installed," said "bighowie," yet another user posting to the forum. "As you guessed, the one without NIS2008 upgraded like a charm. No problems. The other two have the same mess as identified by all in this thread."

Today, Symantec said its initial investigation had uncovered no cause and effect between its software and the corrupted registry keys, which in some cases numbered in the thousands.

"While we're seeing that this issue can affect Norton users, we don't believe we're the root cause," said Sondra Magness, a Symantec spokeswoman, in an e-mail. "In further searches on this issue, we found a number of users experiencing the problem but who do not have Norton software and/or are experiencing the issue on XP SP2."



Our Commenting Policies
Consumerization of IT: Be in the know
consumer tech

Our new weekly Consumerization of IT newsletter covers a wide range of trends including BYOD, smartphones, tablets, MDM, cloud, social and what it all means for IT. Subscribe now and stay up to date!