 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
| HomeDiscussionsAccessExcelInfoPathOutlookPowerPointPublisherWordDirectoryUser Groups Related Topics Outlook ExpressInternet ExplorerWindowsMS Server ProductsMore Topics ... |
MS Office Forum / Word / Setup / January 2004Word starts slow and doc's load slow
Running Win 2K and Office XP I reloaded a system that had crashed for a friend today and I'm having delay problems with Word. It takes about 1 minute to load Word and about a minute to load any document. While the doc is loading the lower left says "requesting virus scan". If I disable the network card, Word and Docs load in about 5 seconds... Any ideas? >-----Original Message----- >Running Win 2K and Office XP [quoted text clipped - 6 lines] >ideas? >. I hope someone from Microsoft support is reading this because I spent a good deal of time tracking down the source of this problem using SMS Network Monitor. The cause is apparently due to the fix discussed in this KB article that is now malfunctioning: http://www.microsoft.com/technet/treeview/default.asp? url=/technet/security/bulletin/MS01-017.asp Some core Windows component is trying to access crl.verisign.com (the first thing you'll see is a DNS lookup to resolve the IP for this domain). It then tries to download the file http://crl.verisign.com/Class3SoftwarePublishers.crl. This file is a 'certificate revocation list' that I can only guess that VeriSign (?) maintains. It contains info about security certificates that were fraudulently issued under Microsoft's name and now MS has fixes in their OS to download this file off the internet (frequency unknown) and use for OS validation. However, the site is DOWN (or some of the IP's that crl.verisign.com point to are). This is causing whatever's requesting this file via HTTP GET requests to timeout (usually it tries about 4 times, every 4 secs). To compound the problem, apparently now even if the file is successfully downloaded, the control seems to keep downloading the file every time it initializes (actually, according to the network trace, it downloads it twice starting MS Word). Definitely a huge problem in something. You would think that if this type of scheme were being used that the control would only do this every week or two at most and cache the result, but it appears to now be malfunctioning (possibly due to some other certificate expiration?) and doing this all the time now (seems to have started yesterday for me on all 3 of my machines at home and my work PC now too). I've tried ping'ing the site periodically through the day and the I keep getting redirected to various IP addresses, some of which are up and some that go up and down very randomly. It tells me that someone is working feverishly to try to stop what now seems like a denial of service attack to the site(s) because of the malfunction. Whatever's doing this does have some intelligence built in, though. If you disconnect your LAN cable or disable the LAN card, it gives up immediately and all appears to work fine. Not a good workaround. For me, it's also affecting other programs like Norton Antivirus when trying to launch the config from the system tray. If I take a network trace, I see the same behavior. Problem seems to have gotten worse after I downloaded the latest NAV program updates, too. It really depends on the app and how many times it causes whatever's doing this to go out and try to download the file. You would think MS's support would be flooded with calls by now and VeriSign should be quite upset with a world of Windows PC's now slamming the site. I thought it was only happening to me until I dug into the problem myself and realized this should be happening all over. According to this message board and other searching around the internet this appears to have started. This needs to be fixed by Microsoft ASAP. I had the same problem and found a soulution on the NG's. It was caused by a NAV (Norton Antivirus) update yesterday. A temporary fix is to Disable the Office Plugin in NAV. Right click the NAV icon, go to Configure, go to Miscellaneous and uncheck "unable Office Plug In" (at least until Symantec can figure it out) Steve >-----Original Message----- > [quoted text clipped - 79 lines] > >. I've got machines that are running a much older version of the NAV 2003 Pro (pre the latest EXE update), and they still have the same problem. If it really has something to do with NAV then I suspect a combination of a MS update and something like a certificate expiration. Everything was working great until yesterday. Possibly another workaround is to uncheck the certificate revocation checking under security section in IE options/Advanced. I don't advise this except as a test. I have yet to try it and take another network trace. Jeff >-----Original Message----- >I had the same problem and found a soulution on the NG's. [quoted text clipped - 100 lines] >> >. I think I've found the problem. There are a number of VeriSign certificates on the system that expired on 1/7/2004 (even one for 1/6/2004). You can view them all under the IE config options/Content/Certificates. The one I see trying to get downloaded is the Class 3 certificate. Apparently there isn't a newer one available or it is failing to get updated properly if it does come down ok. Whose responsibility is it to provide updated versions, VeriSign or MS? I would have thought they would come down with all these cumulative IE updates always on Windows Update. Jeff >-----Original Message----- >I've got machines that are running a much older version [quoted text clipped - 130 lines] >> >. Thanks for the sleuthing Jeff. I'm glad I've found out the reason for the problem I've been having, but am perturbed for a few reasons: a) how and when will the problem be resolved? b) I installed ZoneAlarm and sure enough both Word and Excel were trying to get out to the Internet. I blocked them, but somehow they are still managing to get around ZoneAlarm and packets are coming and going as the app is loading. Not sure how they are evading ZoneAlarm. c) I can't believe all the certificates in IE. Who are these people? Should I be worried about SecureNet or Thawte? Perhaps I should go back to Netscape. Maybe that would help. >-----Original Message----- >I think I've found the problem. There are a number of [quoted text clipped - 75 lines] >>>>to download the file >>>>http://crl.verisign.com/Class3SoftwarePublishers.crl. >>>>This file is a 'certificate revocation list' that I >can [quoted text clipped - 73 lines] >>>> >>>>This needs to be fixed by Microsoft ASAP. Thanks for the sleuthing Jeff. I'm glad I've found out the reason for the problem I've been having, but am perturbed for a few reasons: a) how and when will the problem be resolved? b) I installed ZoneAlarm and sure enough both Word and Excel were trying to get out to the Internet. I blocked them, but somehow they are still managing to get around ZoneAlarm and packets are coming and going as the app is loading. Not sure how they are evading ZoneAlarm. c) I can't believe all the certificates in IE. Who are these people? Should I be worried about SecureNet or Thawte? Perhaps I should go back to Netscape. Maybe that would help. >-----Original Message----- >I think I've found the problem. There are a number of [quoted text clipped - 75 lines] >>>>to download the file >>>>http://crl.verisign.com/Class3SoftwarePublishers.crl. >>>>This file is a 'certificate revocation list' that I >can [quoted text clipped - 81 lines] >> >. Thanks for the inputs Jeff. I'll keep looking to see if I can find anything else showing a correction to the problem. I also found some information on the Symantec web site that might be of interest to you at the link below. http://service1.symantec.com/SUPPORT/sharedtech.nsf/docid/ 2004010810205113 >-----Original Message----- >I think I've found the problem. There are a number of [quoted text clipped - 75 lines] >>>>to download the file >>>>http://crl.verisign.com/Class3SoftwarePublishers.crl. >>>>This file is a 'certificate revocation list' that I >can [quoted text clipped - 81 lines] >> >. In regards to Jeff's comment: >Some core Windows component is trying to access >crl.verisign.com (the first thing you'll see is a DNS >lookup to resolve the IP for this domain). It then tries >to download the file >http://crl.verisign.com/Class3SoftwarePublishers.crl. >To compound the problem, >apparently now even if the file is successfully >downloaded, the control seems to keep downloading the >file every time it initializes (actually, according to >the network trace, it downloads it twice starting MS Word). I'm interested in more details here since our own testing shows that once the file (Class3SoftwarePublishers.crl) is downloaded and stored in the IE cache, it is not subsequently fetched from the network. Do you still see the same behavior if you sniff the network traffic today? Do you know that NAV was the source of the crl file request? Have you installed a later NAV update that changed the behavior? Please email me or post any further details of your system environment and answers to the above if you have seen the behavior Jeff describes. Thanks, Mike Lenz VeriSign |
Reply to this Message |
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.