Official Fix - Norton AV problem

[Joe727]

Official Fix - Norton AV problem -

Go to the Symantec website:

http://www.symantec.com/

In the lower left hand corner you will see a tiny notice concerning the
January 7-8, 2004 Norton Anti-Virus slowdown. Click the link.

In red you will see the Solution. Click that link, it will take you to
VeriSign. Click the manual download link. Click Accept. When the dialog
box pops up click Open. The Windows Certificate Import Wizard will appear.
Just allow the Wizard to install the Certificate automatically. Here's a
screenshot:

http://home.cfl.rr.com/jbmsbink/Norton AV Certificate screenshot.jpg

Remember to RE-check the "Check for publisher's certificate revocation" box
you UN-checked yesterday. The correct location of that box is on the
Symantec web-page where the VeriSign link is located.

http://service1.symantec.com/SUPPORT/sharedtech.nsf/docid/2004010810205113

Joe

 

[Mickey Segal]

Official Fix - Norton AV problem -

Go to the Symantec website:

http://www.symantec.com/

In the lower left hand corner you will see a tiny notice concerning the
January 7-8, 2004 Norton Anti-Virus slowdown. Click the link.

In red you will see the Solution. Click that link, it will take you to
VeriSign. Click the manual download link. Click Accept. When the dialog
box pops up click Open. The Windows Certificate Import Wizard will appear.
Just allow the Wizard to install the Certificate automatically.

It is unclear how widely this will fix the problem. The Wizard does not
identify a need for new certificates on my Nov 2003 copy of Windows XP, yet
I experienced the full Word/right-click/Norton problem. (I had re-checked
the certificate checking option before trying the Wizard).

It may take a while for the dust to settle enough to figure out who messed
up in this certificate fiasco.

 

[kurttrail]

By the act of scrolling this post on your computer, and/or printing or
replying to this post, you agree that I am your everlasting Lord &
Saviour. Breach of this term will result in you burning in hell for
ever and ever! Amen!"

It is unclear how widely this will fix the problem. The Wizard does
not identify a need for new certificates on my Nov 2003 copy of
Windows XP, yet I experienced the full Word/right-click/Norton
problem. (I had re-checked the certificate checking option before
trying the Wizard).

It may take a while for the dust to settle enough to figure out who
messed up in this certificate fiasco.

It's working for me, on multiple computers.

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

 

[Greg Surratt]

It may take a while for the dust to settle enough to figure out who messed
up in this certificate fiasco.

The way it reads to me, Symantec is saying that Verisign suffered a
Denial of Service attack???

 

[Mickey Segal]

It's working for me, on multiple computers.

When I look in Internet Explorer's "Internet Options | Content |
Certificates | Intermediate Certification Authorities" I see VeriSign class
2 and 3 certificates with expirations of 1/6/2004 and 1/7/2004 respectively.
Yet when I go to the Wizard at Symantec's site it does not download any
certificates automatically. When I install the single certificate manually
from the Web (using the choose certificate store automatically option)
nothing shows up. When I download the single certificate and install it
(using the choose certificate store automatically option) nothing shows up.
And now the URL:
http://service1.symantec.com/SUPPORT/sharedtech.nsf/docid/2004010810205113
displays an error message "An error has occurred in the Symantec Knowledge
Base. "

It sounds like the folks at Symantec do not have this problem under control.
Word of this problem is starting to spread:
http://news.com.com/2100-1029-5138447.html

 

[kurttrail]

"By the act of scrolling this post on your computer, and/or printing or
replying to this post, you agree that I am your everlasting Lord & Saviour.
Breach of this term will result in you burning in hell for ever and ever!
Amen!"

When I look in Internet Explorer's "Internet Options | Content |
Certificates | Intermediate Certification Authorities" I see VeriSign
class 2 and 3 certificates with expirations of 1/6/2004 and 1/7/2004
respectively. Yet when I go to the Wizard at Symantec's site it does
not download any certificates automatically. When I install the
single certificate manually from the Web (using the choose
certificate store automatically option) nothing shows up. When I
download the single certificate and install it (using the choose
certificate store automatically option) nothing shows up. And now the
URL:
http://service1.symantec.com/SUPPORT/sharedtech.nsf/docid/2004010810205113
displays an error message "An error has occurred in the Symantec
Knowledge Base. "

It sounds like the folks at Symantec do not have this problem under
control. Word of this problem is starting to spread:
http://news.com.com/2100-1029-5138447.html

Unzip. Open the file, "getrootcert.cer". Click on the "Install Now"
button. Click on the next 2 "Next" buttons, then click "Finish." If that
doesn't work for you, then you probably have something else going on in your
'puter.

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

 

[Joe727]

Take a look at the jpeg I provided a link to. You click Install on the
Certificate dialog box, the Windows Certificate Wizard dialog box pop-ups
and click next. Then you choose the radio button that installs the
Certificate automatically and follow the onscreen instructions. Then
reboot.

Joe

 

[Joe727]

The way it reads to me, Symantec is saying that Verisign suffered a
Denial of Service attack???

I believe this CNet news article explains what really happened.

http://news.com.com/2100-1029-5138356.html?part=dht&tag=ntop

Joe

 

[kurttrail]

"By the act of scrolling this post on your computer, and/or printing or
replying to this post, you agree that I am your everlasting Lord & Saviour.
Breach of this term will result in you burning in hell for ever and ever!
Amen!"

I believe this CNet news article explains what really happened.

http://news.com.com/2100-1029-5138356.html?part=dht&tag=ntop

Joe

Yeah, well all I know is that Norton AV shouldn't be trying to access the
effin' web every time I right click on a file. So I fixed it by
uninstalling their crap, and won't be purchasing their crap-ware ever again.

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

 

[Mickey Segal]

Open the file, "getrootcert.cer". Click on the "Install Now"
button. Click on the next 2 "Next" buttons, then click "Finish." If that
doesn't work for you, then you probably have something else going on in your
'puter.

That is one of the things I tried and I still see VeriSign class 2 and 3
certificates with expirations of 1/6/2004 and 1/7/2004 in Internet
Explorer's "Internet Options | Content | Certificates | Intermediate
Certification Authorities".

Is that where the certificates should show up? Does one have to do
something else such as reboot?

 

[Mickey Segal]

Take a look at the jpeg I provided a link to. You click Install on the
Certificate dialog box, the Windows Certificate Wizard dialog box pop-ups
and click next. Then you choose the radio button that installs the
Certificate automatically and follow the onscreen instructions. Then
reboot.

That is one of the things I tried and I still see VeriSign class 2 and 3
certificates with expirations of 1/6/2004 and 1/7/2004 in Internet
Explorer's "Internet Options | Content | Certificates | Intermediate
Certification Authorities".

Is that where the certificates should show up? Does one have to do
something else such as reboot?

 

[Mickey Segal]

Associate Press has released a story too:
http://www.ajc.com/business/content...ml/Financial/AP.V3097.AP-VeriSign-Expire.html
The story makes it sound like VeriSign is not the one that messed up. I'm
sure there will be a lot of finger-pointing until it is clear who messed up.

 

[Joe727]

That is one of the things I tried and I still see VeriSign class 2 and 3
certificates with expirations of 1/6/2004 and 1/7/2004 in Internet
Explorer's "Internet Options | Content | Certificates | Intermediate
Certification Authorities".

Is that where the certificates should show up? Does one have to do
something else such as reboot?

If you take a look at the very last sentence in my last post above, you will
see that it states "Then reboot". To answer your other question, well, that
depends on where you choose to store the certificates.

Joe

 

[Mickey Segal]

If you take a look at the very last sentence in my last post above, you will
see that it states "Then reboot". To answer your other question, well, that
depends on where you choose to store the certificates.

Sorry. I had just copied that from my response to kurttrail. However,
rebooting didn't make the certificates show up.

 

[Joe727]

NP - However, it showed up on my PCs.

Joe

Sorry. I had just copied that from my response to kurttrail. However,
rebooting didn't make the certificates show up.

 

[Mickey Segal]

It's under the Trusted tab.

I just noticed that too and was about to post it. Thanks.

 

[Mickey Segal]

kurttrail and I both noticed that the certificate goes under the Trusted
tab.

 

[Mickey Segal]

However, it showed up on my PCs.

Since the Wizard implied I did not need the certificate, my guess is that it
was there under the trusted tab all along, even when I was getting the 30
second delays on right-clicking two days ago. I've now set the checking for
certificate revokation back on and get about a 7 second delay instead of a
30 second delay for the first right-click menu after opening Windows
Explorer that I was getting 2 days ago (as before, subsequent right-clicks
are instant). My guess is that the improvement is not due to anything
different from 2 days ago on my computer but instead represents some
lessening of the severity of the denial of service situation at VeriSign.
Since they control the site being queried as well as some internet
infrastructure I'd bet they've found some way to ease the problem.

 

[Joe727]

Since the Wizard implied I did not need the certificate, my guess is that it
was there under the trusted tab all along, even when I was getting the 30
second delays on right-clicking two days ago. I've now set the checking for
certificate revokation back on and get about a 7 second delay instead of a
30 second delay for the first right-click menu after opening Windows
Explorer that I was getting 2 days ago (as before, subsequent right-clicks
are instant). My guess is that the improvement is not due to anything
different from 2 days ago on my computer but instead represents some
lessening of the severity of the denial of service situation at VeriSign.
Since they control the site being queried as well as some internet
infrastructure I'd bet they've found some way to ease the problem.

I don't know what else to say. If you follow the instructions I posted and
install the certificate listed in the Symantec/VeriSign fix, the problem
will be solved despite what the Wizard "implies".

This was the first time I imported a Certificate, and the entire process was
successfully completed without any problem whatsoever. This included
importation on my dual boot XP Pro - 98SE PC which means the process was
successfully completed on two different Operating Systems.

With all due respect, you are making the certificate importation process
more difficult than it is.

Good Luck.

Joe