Re: After SP2 and the LU Patches Norton Products Still Have a Panopoly of Problems

From: Chris H. (
Date: 08/11/04

Date: Wed, 11 Aug 2004 12:04:49 -0700

Seems to work for a lot of other people after SP2 is installed, Chad. I
suggest you contact Symantec or Norton with your specifics.

Chris H.
Microsoft Windows MVP/Tablet PC
Tablet Creations -
Associate Expert
Expert Zone -
"Chad Harris" <> wrote in message 
> Chris--
> I appreciate the Live Update patch came out with their FAQ.  One problem 
> is that *SP2 breaks Live Update* whether you uninstall Norton and install 
> SP2 (as virtually every Microsoft document on SP2 tells you to do) or 
> leave Norton/Symantec in. The bottom Line is after a lot of game playing 
> and clicking successive links on Live Update, tripping through multiple 
> Norton KBs one leading to the next,  you have a *LU 1812 error*, whose 
> final move is to uninstall NSW or NAV manually and meticulously, and after 
> you have exhuasted it's remedies, it won't fix with SP2 RTM period.
> The only way they are delivering the compatibiilty patches for SP2 is 
> through Live Update.  SP2 whether Norton is installed before or after 
> breaks Live Udpate and you can't get the patch.
> The part left out on the KB is to install any other antivirus 
> product--many will work with SP2.
> They are not making any other means avialable to patch Norton other than 
> Live Update.  If it's broken, and their KBs to fix it often don't, you're 
> stuck with scan not working, booting up and having to turn on Auto Protect 
> with a right click (minor) and often uninstall problems with Norton 
> products.  Microsoft tells you to install SP2 first (uninstall NAV) and 
> Norton/Symantec tell you to wait until they are updated (in some cases 8 
> weeks from now for Enterprise Products according to their enterprise FAQ I 
> linked before) before installing SP2.
> Microsoft tells you to turn their Windows Firewall on; Norton 2005 
> products on the last box before you click finish will tell you in a single 
> explicit box to turn it off. NAV 2005 has a piece of NPF or NIS billed as 
> "worm protection."  How much of a piece and what it actually does compared 
> with the Windows firewall that has been criticized with respect to 
> outbound traffic still after SP2 RTM is hard to define.   Many people are 
> finding that the Windows firewall leaves much to be desired right now,  as 
> you know, but I'm sure it will be a different story  come Longhorn in 
> 2007.
> The answers from Symantec on this FAQ just issued just aren't true in some 
> cases.  There is the paradox that for many, Live Update doesn't work with 
> SP2 and Norton has elected not to deliver their update patches any other 
> way.  They aren't making them available on their site now. That was a 
> goofy choice to say the least.  The patch to fix what's broken can't be 
> obtained because you are required to use what's broken to get it--that's 
> not only ironic and paradoxical--you ain't gonna be able to fix what's 
> broken.
> Microsoft wants you to put in SP2 before Norton, and if you put in Norton 
> first and patch it, SP2 can still break Norton a number of ways.  Norton 
> 2005 seems to work pretty well with SP2 until you boot 3 times, and then 
> you have refresh freezing on all categories on the Norton Integrator or 
> gui interface, i.e. you can't tell what's on.   You can see that email 
> scanning is working.   The important thing of course, is that Auto Protect 
> is enabled, because in fact Auto Protect includes adequate email scan and 
> script blocking to the point you could turn the other two off and be just 
> fine according to every Symantec engineer I talked to--so you have to be 
> able to determine that Auto Protect is up and running.
> I reproduced this and so did others about 25 times.
> Sometimes but not all that can be fixed by reregistering jscript.dll, and 
> downloading  and reinstalling Scripten or the Microsoft Windows Script 
> package including the Windows Script Host 5.6 since IE has to function 
> correctly to read the Norton interface.
> This KB applies to any version of NSW or NIS through 2005 with Windows 
> versions past 9X.  Often Norton doesn't update KBs in version name for 
> Windows version, but the Norton/Symantec KB  will do the job.
> The FAQ says:
> "Installing Service Pack 2 will have no affect on Norton Personal Firewall 
> or Norton Internet Security."
> Some of the FAQ's are vague to the point of covering anything that will
> happen,--I like this one because it avoids saying SP2 can break things 
> that are Norton/Symantec and it does.
> "How will installing Service Pack 2 affect the Symantec Products I have 
> already installed?"
> A. "This varies on the Symantec [Norton as well] products you own." 
> Right. Many break.
> On many boxes, installing SP2 any build will outright break
> NIS/NPF any version.  It will put up a box that says "You're not the 
> Norton
> supervisor" and when you put up the Norton Integrator (the box that shows
> what it does with NAV added you can see it but you can't do anything with
> it).  You'll not be able to uninstall NIS or NPF from Add/Remove, and 
> you'll
> have to use a Norton KB that involves 30-45minutes of  using a Norton
> removal tool, thendeleting several GUID keys and other registry keys,
> multiple folders, every Norton file you can track down in ectopic places.
> "With Service Pack 2 installed, do I even need my Symantec antivirus and
> firewall products? Absolutely."
> Norton explicitly tells you to turn the Windows Firewall "*off*" in their
> 2005 products about to release.  I wouldn't run two software firewalls or
> more at once, and I don't have data comparing their abilities like 
> stateful
> inspection head on with say, ZA, and that info isn't easy to come by now.
> What they didn't say in the FAQ is that when you load Norton  or Symantec
> anything, it's going to tell you to turn your Windows Firewall in SP2
> off--last box before "Finished Install."
> "Installing Service Pack 2 will have no affect on Norton Personal Firewall
> or Norton Internet Security"  Just not the case.  SP2 can make it 
> difficult to install, and  particularly to uninstall Norton products.  I 
> don't know the numbers in 10,000 boxes for this.
> I've found this to be totally *untrue* and reproducable that the firewall
> can and will break.  Norton also tells you on installation of any 2005
> product to *turn off the Windows firewall*. It's the  last box before you
> click "Finish" on the install of the Norton/Symantec 2005 AV, PF, or NIS.
> Norton anti-spam is hype and whatever it does can be spelled a dozen ways
> without it.
> Norton Go Back reconfigures the Windows Master Boot Record, and I'd just 
> as
> soon have someone playing with my elevator lift  on the way up the Empire
> State Building--it often has the same effect and unhooking Go Back from a
> botched Windows boot strap mechanism is simply impossible--their tech
> support will tell you they have no clue how and so will MSFT personnel. 
> In
> a high percentage of cases, Go Back will destroy partitions in the Windows
> Operating System and you won't be seeing that particular OS again ever.
> It's refractory to Recovery Console moves or commands and a repair/upgrade
> or parallel install will get nowhere.
> SP2 can destroy scans in Norton System works, the ability to make it run
> after boot, and Live Update the same as in Norton Antivirus.
> On some people's boxes the security center will monitor it, but how many
> people need the Security Center (none here) need the Security Center to 
> tell
> them where Technet is, how to get to Help and Support, or whether their AV
> or Firewall are all.  Very few individuals who install a Norton product
> don't adjust it at the Norton product or who are going to be working with
> the Windows Firewall as it evolves and gets better toward Longhorn are 
> going
> to be relying on the security center to check on the firewall.  My point 
> is
> that there are 3 things that happen with multiple versions of NAV that 
> don't
> work with SP2--sometimes with the patch update.  There are fixes for them,
> and sometimes they don't work.  System scans, booting up with Auto Protect
> Off (it usually can be turned on but sometimes can't--and Auto Protect is
> key because it does script blocking/scanning and email scanning--even if 
> you
> had them both turned off (they are duplication in Norton/Symantec) auto
> protect will cover that functionality.  Live Update will often not work 
> with
> SP2 and for those people, they can't update to the patches anyway, because
> Norton has chosen not to make the patches available any alternative  way
> which is goofy to say the least.
> *Contradiction of Instructions by Microsoft and Symantec/Norton on SP2*
> There is also the direct contradiction between Microsoft's instructions 
> and
> Norton's.  Every place MSFT has an SP2 article at Technet, MSDN, the XP
> Expert Zone or any place on MSFT's site, you are told you should uninstall
> AV to install SP2.
> Symantec and Norton explicitly tell you to wait to install SP2 until you
> have updated NAV--and in the case of Symantec patches for enterprise
> security, AV, and firewall products there is a vague timetable projecting 
> 8
> weeks out from now for release toward the end of September.
> When you install a Symantec or Norton 2005 product, it tells you 
> explicitly
> to *turn off the Windows firewall--something I know the Networking team 
> and
> SP2 team did not strive to have done.   NAV 2005 has a piece of their NIS
> 2005 firewall, so-called "Worm Protection" although how much a piece is
> impossible to quantify unless you are a Symantec engineer who has the 
> code.
> I do know that Microsoft is definitely developing Microsoft Antivirus
> products, but that the publicity campaign for them is non-existent.  I 
> would
> bet on Microsoft to produce a superior product to Symantec/Norton in a
> number of ways, including the ridiculous necessity to read 10 Norton KBs 
> to
> do a cascade of work arounds to make a product work.  Live Update is a 
> great
> example.  Scans that fail are another.  Clicking a plus to go to a drop 
> down
> to get a link to get the 5th KB you've used for one Norton problem is like 
> a
> childeren's game.  Those come into play with SP2.
> I personally hope Microsoft puts Norton and Symantec out of business  and 
> gets their AV product up and running rapidly.  I guarantee Symantec is 
> looking over their big floundering shoulders.
> Best,
> Chad Harris
> _________________________________
> "Chris H." <> wrote in message 
> news:%23Ledkh6fEHA.3348@TK2MSFTNGP12.phx.gbl...
> Between your post last night, Chad, and early morning (PDT), I'm seeing
> reports of Live Update now downloading the proper fix so the Norton 
> Internet
> Security 2004 is now compatible with SP2, and Norton Antivirus is now
> properly reporting to the XP Security Center its status.
> -- 
> Chris H.
> Microsoft Windows MVP/Tablet PC
> Tablet Creations -
> Associate Expert
> Expert Zone -
> "Chad Harris" <> wrote in message
> news:Omrhpw2fEHA.3048@TK2MSFTNGP09.phx.gbl...
>> Unfortunately, Chris, Norton didn't come out with anything yet for home 
>> and small business users on their site and have thus far refused to 
>> specify the degree of backwards compatibility that the promiesed and not 
>> yet delivered patches for *Norton* products would entail.  Although there 
>> are go arounds to make SP2 work with any version of Norton product, and 
>> some a little bit Byzantine--the routine where you read one Norton KB and 
>> click on an icon in Live Update to reveal the next KB to read, followed 
>> by a hyperlink in the error message to read the 3rd KB--they all end with 
>> uninstalling Norton appropriately I belive and should add to install a 
>> product from another company.
>> The webpage that didn't deliver from Norton that has been up all week is 
>> this one:
>> They plan whenever this happens (it didn't happen on August 10 as the web 
>> page has been announcing all week, to deliver a patch in two parts, the 
>> second after a reboot.
>> The importance of SP2 working for enterprises and home was in Microsoft's 
>> press release:
>> "With the proliferation of viruses and other broad threats on business 
>> and
>> consumer desktops, I can think of no higher priority than trying to 
>> ensure
>> the security of personal computers," said Rob Enderle, principal analyst 
>> for
>> the Enderle Group. "Whether the customer is a large enterprise, a small
>> business or an individual, Windows XP Service Pack 2 is critical because 
>> it
>> addresses today's exposures in a comprehensive fashion. For anyone 
>> currently
>> using Windows XP, my advice is to apply it at your earliest opportunity."
>> The disingenuous comment by Symantec Senior Vice-President Stephen Cullen 
>> is here:
>> "With the proliferation of viruses and other broad threats on business 
>> and
>> consumer desktops, I can think of no higher priority than trying to 
>> ensure
>> the security of personal computers," said Rob Enderle, principal analyst 
>> for
>> the Enderle Group. "Whether the customer is a large enterprise, a small
>> business or an individual, Windows XP Service Pack 2 is critical because 
>> it
>> addresses today's exposures in a comprehensive fashion. For anyone 
>> currently
>> using Windows XP, my advice is to apply it at your earliest opportunity."
>> Actually in *several papers* available at Technetand MSDN,  Microsoft 
>> urges people to uninstall the antivirus before installing SP2.  There is 
>> a different story though, from Symantec who advises people to wait for 
>> their patches before installing SP2 on the webpage linked above.
>> "Symantec will release a product update to provide native support for the 
>> Windows Security Center status utility found in SP2. This update will be 
>> available worldwide over the coming weeks and will enable Symantec 
>> products to communicate their status to the Windows Security Center 
>> utility."
>> Symantec asks you to wait, and in the case of their time table for 
>> enterprise editions for a vague range up to 8 weeks:
>> FAQ Running Symantec Client Security
>> "Symantec encourages its customers to install the product update prior to 
>> installing SP2 in order to avoid incorrect reporting from Windows 
>> Security Center."
>> The "security center" for almost everyone who reads and contributes on 
>> these two groups is pretty moot, since they don't need that very basic 
>> thing to tell them where Technet security links are, or whether their 
>> firewall and AV are "on."  But many Norton products require work-arounds 
>> to make a system scan work (can be obtained as well from any web site and 
>> sometimes will work from the command line with SP2 and for some people 
>> will not), to make "Live Update" for what it's actually worth work, and 
>> to boot up with auto protect on.
>> Actually script blocking and email blocking are duplicative ancillary 
>> functions and hype in a Norton/Symantec AV product--not because those 
>> things aren't important--but because any engineer who works at Symantec 
>> will tell you that Auto-Protect does everything the other two do, and the 
>> other two could actually be turned off and you'd still get email scanning 
>> and script blocking.
>> Norton Antivirus 2005 actually has a box telling people *explicitly to 
>> turn the Windows Firewall in SP2* off as does their Tech Support 
>> currently (I spoke with several of them yesterday)--the reason being 
>> because NAV 2005 has a little code from their "worm protection" or 
>> firewall which competes with the Microsoft Windows firewall.  How much 
>> firewall is available in NAV 2005 is hard to determine (their new "worm 
>> blocking feature.")  Obviously it isn't the whole NIS 2005.
>> NAV 2005 for many people who have used it works fine with SP2 until the 
>> third boot, and then it has the well known freeze in refresh problem that 
>> is addressed sometimes by this Symantec KB which applies to Win XP RTM 
>> although it doesn't say so.  A lot of Symantec/Norton KBs are labeled 
>> forone year's version but the same steps apply to versions of Windows and 
>> Norton after 9X. This is corrected by reregistering "jscript.dll" and 
>> downloading and reinstalling Windows Script Host 5.6 and other 
>> components.
>> The more people they tick off by dragging their feet on compatibility to 
>> force sales of 2005 boxes, the better it may be for the new company, "the 
>> new security vendor on the block,"  Microsoft Antivirus.
>> Best,
>> Chad Harris
>> _____________________________________________________________________
>> "Chris H." <> wrote in message 
>> news:%2317WUfwfEHA.636@TK2MSFTNGP12.phx.gbl...
>> The problem in some cases is (1) a previous version of the beta SP2 
>> software
>> has been installed, and a program installed during that existence, or (2) 
>> a
>> software company hasn't updated their software to work with SP2 yet
>> (example:  Norton/Symantec, which is coming out today with an update to 
>> fix
>> issues).  Otherwise, it is very rare a program will fail.
>> -- 
>> Chris H.
>> Microsoft Windows MVP/Tablet PC
>> Tablet Creations -
>> Associate Expert
>> Expert Zone -
>> "KMO" <> wrote in message
>> news:Xns95416BD9E3EF4KMO@
>>> "Mike Williams [MVP]" <mikew@Nospam]> wrote in
>>> news:#5FkhRmfEHA.2764@TK2MSFTNGP11.phx.gbl:
>>>> Some software is known to fail on SP2 due to new security settings.
>>> Well that doesn't sound very inviting!