How to make Norton 360 Pishing Filter Go The Fuck Away

Dear internet, please remind me not to do free tech support anymore. Seriously! I mean it. Next time you see me agreeing to this bullshit just smack me upside the head or something.

To make a long story short, an acquittance asked me to solve their “bizzzzzzzzzare” computer issue the other day. And yes I was told that the problem is so bizarre they needed several extra Z’s for emphasis. I guess it was a trade in – bunch of Z’s for the second R. Sounds like a pretty decent deal to me.

The problem at hand was succinctly summarized to me as “Gmail don’t work”. Not the internet, not the browser – just Gmail, and only on that one computer which happened to be an old, decrepit dell machine. I decided to investigate, so I had the person log into her Gmail for me to see what happens. The page loaded fine, albeit slow – but I attributed it to the general slowness of the machine. So… I guess it’s fixed? Can I go home now?

“Watch this!” she exclaimed while clicking on the first unread email. The mouse turned into a hourglass, and IE started loading something very slowly. Several seconds passed, and nothing changed. So my friend decided to click on it harder and then even harder afterward. When that didn’t work, she decided to change strategy and click on it really fast – as if she was trying to communicate with the computer using morse code. Eventually IE said “fuck it” and displayed the famous “(Not Responding)” message in the toolbar.

“See? Every time I go into Gmail it crashes!” she said triumphantly, clearly pleased with this demonstration. Of course IE did not crash – it simply stopped responding because you just clicked on it like a million times. You have to understand that when you have a computer that was made at the begging of the bronze age, you can’t expect it to have instant response time. So I asked her to wait a bit, and about a minute and a half later, IE popped back to life, displaying the email she requested. Still, the response time was slow, even for an old computer. What’s more intriguing, other websites loaded much faster.

I installed Chrome on her system and ran a quick test. Gmail performance was blazing fast compared to IE. Unfortunately, my friend preferred that I fix IE instead of trying to force alternative browsers upon her. So I sat down and started digging. Pretty quickly I narrowed down the performance to the Phishing toolbar provided by her copy of Norton 360. I disabled the Phishing protection, restarted IE and Gmail started working normally. I enabled it, and Gmail would take a whole minute to load an email.

Norton 360 is a piece of crap, but since she just renewed the license for another year uninstalling it was not a viable option. So I recommended simply keeping the Phishing protection disabled from now on, which would work if Symantec did not go out of their way to make their software super intrusive. As soon as I disabled the feature, Norton but a huge red X in the task bar. Then, every few minutes it would display a popup message that warned the user she was not protected, taunting her with a large, alluring “Fix Protection Now” button. I looked through all the available options, looked online and even read the help files searching for a way to disable this message. Turns out there is no way to do this. You either run with the phishing filter on, or you have to deal with annoying nag messages popping up all the time.

I tried to explain this to my friend, but she did not listen to me. Lusers never do – it’s their defense mechanism. You see, if a computer illiterate people would even accidentally learn something about computer or technology in general, it could make them lose their street cred. So whenever one of us tries to explain something to them, they just switch off. Their eyes glaze over, and they nod politely – but they are not really there. Their mind is adrift somewhere else. So the conversation went something like this.

Me: So I just ignore these messages for now and don’t click “Fix” when it complains about the Phishing filter
Her: Ok. Got it.
Norton 360: WARNING! WARNING! YOU ARE NOT PROTECTED! CLICK HERE TO FIX!
Her: *quickly clicks on the fix button*
Me: facepalm.jpg

It was fairly clear that this solution would not work. So I started to dig around. I opened IE, pulled up the Manage Add-onns panel and found the entry for Norton Anti-Phishing toolbar (which was for some reason called “Norton Confidential” in the list). I noticed that it was linked to a file called CoIEPlg.dll. On her system it was located in:

C:\Program Files\Common Files\Symanted Shared\coShared\Browser\2.6\

So I decided to do something silly – I renamed that file and then re-enabled the phishing protection via the Norton 360 settings menu. Strangely enough, the nag message went away and the icon in the task bar turned green. I verified that Norton did not quietly restore the file while I was not looking and I tested IE. Surprisingly it launched without a hitch, simply ignoring the missing file completely. It also did not have any issue with Gmail this time around. I rebooted the machine few times to make sure it won’t restore the DLL at boot time. It did not. Amazingly, this ugly hack worked… Which I guess just goes to show that Norton is a piece of shit product. If it was worth the money people spend on it, it should have prevented me from doing this. It should have also had an option to disable Phishing filter without incurring the wrath of the Annoying Nag Bar Monster.

Oh, and don’t tell me I made her computer less secure this way. I did not. When I arrived, the toolbar was hidden in IE which prevented any substantial Phishing warnings from being displayed. She was not using it at all – merely doing her best to ignore it. So yes, this fix theoretically broke Norton, but fixed her Gmail. I installed a full version of Malwarebytes on that box which probably does more for protection than the whole memory hugging, bloated Norton 360 suite.

TLDR: I broke my friends POS Norton 360 installation to fix her Gmail. Also, why the fuck am I still doing free tech support? Someone stop me next time.

This entry was posted in sysadmin notes and tagged . Bookmark the permalink.



4 Responses to How to make Norton 360 Pishing Filter Go The Fuck Away

  1. Rob UNITED STATES Mozilla Firefox Windows Terminalist says:

    Isn’t it always the stuff you do for free that’s the most time consuming or the biggest pain in the ass? I think I’m with you, nothing for free anymore.

    Reply  |  Quote
  2. IceBrain PORTUGAL Mozilla Firefox Debian GNU/Linux Terminalist says:

    Ah, Norton. That brings me back to a time filled with slowness and nags everywhere.

    I remember that a couple years ago a friend of my mother’s had some version of Norton installed (just the Antivirus, if I recall correctly), and its “Full System Scan” was impossible to stop:
    The Antivirus would start it, showing a windows with the file names flying by. He would then click [stop], but all it did was stopping the filename change; the system scan would continue to be done in the background, slowing the system to a crawl.
    His solution was killing the process manually :|

    The worst part is that it didn’t prevent him from being infected with a virus sent from a friends computer!

    By the way, Luke, I think you have a typo:

    a computer that was made at the begging of the bronze age

    Reply  |  Quote
  3. Mart SINGAPORE Mozilla Firefox Windows Terminalist says:

    As the Joker once said, “If you’re good at something, don’t do it for free!” :D

    Seems like Norton is the phishing product in the first place. It takes people’s money every year for “subscriptions” while no longer “protecting” them. Sounds like a protection racket to me. Guess the money gleaned from these “subscriptions” goes into marketing rather than development at Norton.

    Reply  |  Quote
  4. Jay SINGAPORE Mozilla Firefox Mac OS says:

    At the end of the day, we’re all nice guys at heart who don’t mind a puzzle or two. ;)

    Reply  |  Quote

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>