Norton AV upgrade cripples thousands Chinese computers

Tech News

By Steve Ragan May 21, 2007, 15:03 GMT

The Chinese Internet Security Response Team (CISRT), Symantec’s SRT group located in China, called it ‘Black Friday.’ In what should have been a routine update to the popular anti-virus software, an update issued Friday disabled several thousand computers across China. The Norton AntiVirus update caused the computers to recognize two Windows XP files as malicious and remove them. The result was the infamous BSOD (Blue Screen of Death) after a system reboot, resulting in a rather expensive paperweight.The files removed by Norton are lsasrv.dll and netapi32.dll according to several technical reports. The security software tags the files as being a malicious backdoor named appropriately Backdoor.Haxdoor Trojan. “With these files removed, Windows XP will no longer start up, and even the system safe mode no longer functions. Only Chinese language versions of Windows appear to be affected so far,” said a report on Usenet about the issue. (alt.comp.antivirus) “The problem appears to stem from an update Microsoft released in November 2006, which contained new versions of some system files, as PCs which have not applied this update are unaffected.”On the CISRT website, the issue was addressed and confirmed the Windows XP language version, “Only simplified Chinese Windows XP, SP2 users are affected by this false detection because they have patched Microsoft bulletins (MS06-070, KB924270). As now, Symantec has already fixed this false detection through LiveUpdate definitions (20070517, version 71). This issue has made a huge effection to Chinese people. According to Rising reports, more than 7,000 users have asked help for solving this problem to Rising. We hope this kind of issue will not happen again.”While there was a patch released to fix the issue, the problem remains that those who rebooted are left with no option to apply it. Some reports online quote Symantec advising users to ‘use the Windows XP CD and the Recovery Console.’ This solution will work by copying the removed files to the system, using command line tools, and rebooting the PC. The problem faced by many Chinese computer users, is that most do not own a Windows XP CD. Reports link this to the growing number of pirate copies of the Microsoft operating system installed across the country.The software is listed as Norton 360, which includes the Norton Anti-Virus software. Norton issued the warning to all customers just incase, but so far only Chinese computers are affected. Symantec offered assistance to those who need it in restoring their PCs according to a translated statement on the company website. The likely issue is those without a valid CD for Windows XP will receive little help.

Your Talkback on this Story

Note posts made on our older Talkback system will still show below. However, new posts can only be made via the new system (above). We will export the old comments to the new shortly. You can still comment as a guest on the new system but it also allows you to login using various social network and other accounts.

Other features coming soon.

Talkback

page: 1

michael clarkMay 22nd, 2007 - 01:11:27

I think there are problems with there updates here in canada also on the french version of norton as my wifes pc is full of problems since she opened it on friday and I had installed the last updates to it on Wen. ot night I removed norton and am reinstalling it now. I will let you know if it works.

Report this comment

Why not try other AV insteadMay 22nd, 2007 - 16:54:40

Norton AV used to be very effective and popular
in its earlier days. Not so it seems, and 'other'
Anti-virus software are getting better. Just
google it and you'll see your world of options...

So why not try other AV programs instead??

Report this comment

usvajsJun 14th, 2007 - 20:33:58

maybe there are backdoors in those dll files.

Report this comment

page: 1

Tech

Norton AV upgrade cripples thousands Chinese computers

Tech News

Your Talkback on this Story

Talkback

Latest Headlines in Tech

From Sites We Like

Latest PopEater News

Latest Cinema Blend News

Latest Tech Herald News

In Monsters and Critics

Corporate

The Fine Print