Woody Leonhard's no-bull news, tips and help for Windows, Office and more… Please disable your ad blocker – our (polite!) ads help keep AskWoody going!
Home icon Home icon Home icon Email icon RSS icon
  • Active discussion of the AskWoody block on the Norton Community site

    Posted on July 8th, 2018 at 07:27 woody Comment on the AskWoody Lounge

    Thanks to all of you who have been helping, particularly @SoulAsylum.

    There’s an active thread about false positives being thrown by the latest version of Norton Safe Web, and AskWoody features prominently.

    If you care to chime in, any support would be most welcome.

    If you haven’t been following along, Norton Safe Web users are seeing a block on AskWoody.com in general, with this warning:

    Identity Threat / Phishing Attack in location/on page
    https://askwoody.com/2018/hotmail-outlook-pop-server-switcheroo

    And if you look at that page, it’s quite harmless.

    UPDATE: The Surfing Pensioner reports that Norton is no longer throwing bogus site warnings. We’re coming up five bars on the Norton Safe Web report.

    If that helped, take a second to support AskWoody on Patreon

    Home Forums Active discussion of the AskWoody block on the Norton Community site

    This topic contains 34 replies, has 14 voices, and was last updated by  SoulAsylum 6 days, 6 hours ago.

    • Author
      Posts
    • #202177 Reply

      woody
      Da Boss

      Thanks to all of you who have been helping, particularly @soulasylum. There’s an active thread about false positives being thrown by the latest versio
      [See the full post at: Active discussion of the AskWoody block on the Norton Community site]

      2 users thanked author for this post.
    • #202194 Reply

      anonymous

      I use Norton and have done so for a long time.

      I have a message for Norton.

      If you have a problem with the Ask Woody web site then please tell us what exactly it is.  If not then  please fix your warning message so it doesn t display whenever I go to the Ask Woody web site and do it right away.

      1 user thanked author for this post.
      • #203749 Reply

        SoulAsylum
        AskWoody Lounger

        Being that I provide support with Norton, (time donated Guru) I would like to suggest that everyone have an open mind about other entities within the IT field in general before making brash decisions. Over the years I have found that the only stupid questions are ones that aren’t asked. Likewise, the only solutions not found are usually the result of closed thinking processes, those where forging partnerships for a solution becomes harder than partisan information gathering and then just lumbering along until one is stumbled upon. That being said, fostering solid partnerships across the spectrum enhances knowledge for everyone. I look forward to being a possible liaison here to get answers for those who have and do not have accounts with Norton or use their products. We can all learn and mentor simultaneously, giving both communities the most accurate information possible and in a timely manner. I’m sure there may already be some members already here who regularly use the Norton forums as well. Hopefully they will join in and help make AskWoody and Norton the best places for answers possible. Have a grand week everyone.
        Cheers – SA

        • This reply was modified 6 days, 6 hours ago by  SoulAsylum.
    • #202199 Reply

      Jan K.
      AskWoody Lounger

      Just uninstall Norton and – Voila! Two flies killed with one smack! 😀

      2 users thanked author for this post.
    • #202201 Reply

      Sueska
      AskWoody Lounger

      Issues appear to be related to the Norton Connect Safe DNS servers. One of our computers uses Norton’s DNS servers for security(199.85.126.10 and 199.85.127.10). There have been problems for the last few days accessing Woody’s website with this PC. Firefox claimed the askwoody.com certificate expired on Sept 17, 2017.  No issues on my other PC which uses Google’s DNS servers. To test, I put Norton’s Connect Safe DNS servers in my device which could access askwoody.com without problems. Voila, now I had the same issues not being able to access the askwoody site. When I removed the Norton Connect safe dns servers I could get to the askwoody website again.

      • This reply was modified 1 week, 6 days ago by  Sueska.
      • This reply was modified 1 week, 6 days ago by  Sueska. Reason: fix font issues
      Attachments:
      You must be logged in to view attached files.
      1 user thanked author for this post.
      • #202242 Reply

        anonymous

        Indeed, both DNS servers return 156.154.175.215 and 156.154.176.215 (belonging to Neustar — https://whois.arin.net/rest/net/NET-156-154-0-0-1) for askwoody.com. Of course, the DNS reply is forged. Norton should be sued for abusing the DNS system to hijack the traffic to askwoody.com.

        • #202265 Reply

          anonymous

          Have they been sued or otherwise further sanctioned for their mismanagement of their Digital Certificate Authority privileges?

          1 user thanked author for this post.
    • #202206 Reply

      bjm
      AskWoody Lounger

      Norton SafeWeb and Norton ConnectSafe DNS Policy 1 employ the same database.

      2 users thanked author for this post.
    • #202224 Reply

      anonymous

      Earlier this afternoon (July 8) some new Norton definitions came in and I was able to access the askwoody.com  website with no ugly blocking screen, as it had been in the past few days.  Just tried it again – and guess what, back to being blocked…

    • #202245 Reply

      anonymous

      Woody, you should deploy DNSSEC for your domain! While it won’t prevent DNS abuse by Norton, DNSSEC-validating resolvers and clients prevent such malicious redirects. At least, you got a reason to call out on Norton; and they deserve some heat…

      2 users thanked author for this post.
    • #202303 Reply

      The Surfing Pensioner
      AskWoody Lounger

      All clear now.

      https://safeweb.norton.com/report/show?url=askwoody.com

      5 users thanked author for this post.
    • #202313 Reply

      anonymous

      The certificate problem happen often, these days.
      You just can’t get the staff, these days.

    • #202325 Reply

      lizzytish
      AskWoody Lounger

      Well like others I too have been privy to the Norton warning but it seems to be spasmodic –happens sometimes and not others.    Today I haven’t had that warning come up – so am presuming that it has been fixed – or maybe not.   But and although it’s a nuisance and possibly affecting Woody’s good name – it’s not the end of the world surely…..

      Take a look around – Has anyone been watching the news about the boys trapped in Northern Thailand ??   Now that’s mega!   The way those boys have survived and kept their morale up -2weeks they’ve been underground.   The way the rescue mission has been going about how to rescue and putting it in practice and slowly but surely getting them out.  The way people from other parts of the world have put their hands up and come forward to help with their expertise.   That’s mega…..  That’s what living is about – helping each other!

      I know we all get lost in our little world and lose sight of some great acts of courage and endurance – I know I do quite often – in fact very often – so I am posting this to remind us all and in particular ME that we need to sometimes lift our heads and look up and see the real world.   LT

      .”If you only read the books that everyone else is reading, you can only think what everyone else is thinking.”  Haruki Murakami

      6 users thanked author for this post.
      • #202335 Reply

        woody
        Da Boss

        We’ve been following the Thai cave saga intently. My wife (who’s watching the Thai-language media of various types) has been feeding me updates for Twitter. Eight boys out, five to go.

        4 users thanked author for this post.
        • #202344 Reply

          lizzytish
          AskWoody Lounger

          Eight !!!!    that’s brilliant……  my heart goes out to them all…… it’s incredible what they have achieved.     so resilient and steadfast.    When you think of what the boys and the divers who are working with them have to do – it’s absolutely mind blowing.  LT

          1 user thanked author for this post.
    • #202351 Reply

      Elly
      AskWoody MVP

      @soulasylum is to be commended for not just reporting issue with accuracy, but for not being brushed off, and continuing to provide feedback on the Norton Community thread, such as:

      “FWIW!! Several live updates have ran since the original posting in this thread. The false positives and rampant detections remain. There were no issues with any of these programs being used, no updates to those programs, totally clean systems as they always are. No PUP/Adware hidden installs. Just plain old NSBU engine going bonkers.”

      Actually, it was a great thread to read, as screen shots helped make the points. Then, @soulasylum responded to each less than effective response, so it didn’t look like it was not really a problem, or had been dealt with… way to go @soulasylum!

      Having recently used the OEM recovery media when replacing a new hard drive, I was dismayed that it took a very long time to uninstall Norton (so kindly provided as a trial version). The current Norton Removal Tool doesn’t completely remove the program (despite everyone saying to use it). It is designed only to remove part of it, in case of a bad install, and wants to immediately reinstall. Having made it past that hazard, I found multiple traces using Everything Search, and had to manually uninstall all the assorted parts. It is one thing to be difficult for malware to uninstall, it is totally obnoxious that the user interface is designed to prevent it from intentional uninstalls. From my point of view, that is mal-ware.

      Anyways, kudos to @soulasylum for getting Norton to do the right thing! AskWoody has always been a safe site to visit.

      Win 7 Home, 64 bit, Group B

      5 users thanked author for this post.
      • #202366 Reply

        anonymous

        Hello Elly, I was shocked to see your troubles with removing Norton even with the removal tool. In the past, we had success with the tool. But once or twice we had to run it a 2nd time and maybe in Safe Mode. In the worst cases we would have to manually remove a program. This was not impossible but was intense.

        You have to search the entire hard drive for Norton and Symantec. Every file or folder found is deleted. Most uninstall programs that come with a program do not get everything on purpose.This is to where you will not keep using the free trials. Something is usually left behind.

        Once you have found all files with the program’s name then you need to run a respectable registry cleaner to remove the registry keys pointing to those non existent files. We used the registry cleaner in Ccleaner (use Ccleaner 5.29 or older IMHO.) Another in our firm used an old version of JV16. This was done years ago, so things may have changed!!

        Once the registry cleaner removed the invalid registry keys you could do a search with Regedit and see if any other Norton or Symantec keys can be found.

        Removing these key is up to YOUR judgement. Before starting all of this you need to make a backup or a Registry Restore Point in Windows.

        We did have success years ago. Today may be a different situation.

        I actually found where people had trouble removing Norton in the Norton forums back in 2015.
        https://community.norton.com/en/forums/norton-internet-security-wont-uninstall

        Good luck to you and others.

        1 user thanked author for this post.
        • #202386 Reply

          Elly
          AskWoody MVP

          The old Norton Removal Tool worked better… that is what I used successfully, six years ago. Majorgeeks had it listed, but it wasn’t a valid link. The new one is designed to keep you on Norton, and really didn’t remove all the Norton and Symantec files… and I did have to go through and clean them out of the registry, and there were permissions problems, and files that couldn’t be removed because they were in use, and I had to chase it all down, despite using the current removal tool… in retrospect, it would have been easier to not use the OEM restore disks, and install from a clean Win 7 ISO… but it was a learning experience!

          And Ha! For a non-techy to do all that… well, I just say thanks to all the MVPs and other contributors here at AskWoody. I’d never have had the courage to see it through to the end.

          I’m feeling like there are more and more companies, that were once considered reputable, that are engaging in mal-ware type tactics to keep customers. From my point of view, those are companies that should be avoided, just like mal-ware. The fact that Norton was warning against AskWoody, a site that has been instrumental in keeping my computer stable and secure, so soon after I had to play wack-a-mole with its Security Suite, just emphasized that I made the right decision. It isn’t that they can’t make mistakes, ’cause people/businesses do. But their software is designed to not allow the end user that didn’t ask for it in the first place to uninstall it, and nag about reinstall… not just make it difficult for malware to disable. Not an ethical business.

          They finally did the right thing regarding AskWoody. Feeling a little bad for bashing them so badly… but they really need to be more responsive… at least if they want people to respect them.

          Win 7 Home, 64 bit, Group B

          2 users thanked author for this post.
        • #202397 Reply

          Microfix
          AskWoody MVP

          Elly, If you do run Regedit and look for Norton or Symantec as per anons post above:

          1. Hold down Win key and press r then type Regedit

          2. Back up your entire registry first before editing anything. (1st rule: backup somewhere safe)

          3. Hold down ctrl and press f (shortcut for find)

          4. Type in Symantec then press [enter]

          5. Once you find a key with the search result, export the key first (naming it ‘a’ saving somewhere safe) and then delete the registry key.

          7. Once deleted press F3 (next instance of search)

          8. Export the key first (naming it ‘b’ saving somewhere safe) and then delete the registry key.

          …and so on until all instances of Symantec are removed.

          Repeat step 4. onwards for the Norton search naming the exported keys as ‘a1’ ‘b1’ etc..

          It’s a slow process if you don’t wish to use registry cleaners (best avoided as these can do more damage than good)

          Most will be in HKLM and HKCU

          Reboot your PC and once everything works as intended over time, you can delete the exported .reg keys from your safe place.

          NOTE: If you are not confident enough to do it, perhaps this will help others. HTH

          | 2x Group A- W8.1 | Group A+ Linux Hybrid | Group W W7 Pro | Group W XP Pro
            No problem can be solved from the same level of consciousness that created IT - AE
          2 users thanked author for this post.
        • #202493 Reply

          anonymous

          Norton AV has been difficult to completely remove for a very long time.

      • #202396 Reply

        RDRguy
        AskWoody Lounger

        FYI … @elly
        There’s another Symantec removal tool available from Symantec that not only removes Symantec Enterprise products, but also their Norton consumer products. In fact, it pretty much looks for and attempts to remove most if not all other 3rd party Anti-Virus / Anti-Marware programs including our favorite “Windows Defender” if it’s name is contained in a “user edited” setup file. Check out the last couple of pages in the users manual link below.

        Essentially, it’s a tool mainly to prep your system for installation of Symantec Endpoint Protection (SEP) and therefore obviously called “SEPprep”. However it really doesn’t install anything unless you edit the setup file to do so.

        Basically you first need edit the setup file “SEPprep.ini” via a standard text editor. The setup file has 3 sections:

        1 – Settings (how you want SEPprep to run, log files, user interaction, etc.)
        2 – Uninstall Paths (normally don’t need to do anything here)
        3 – Product Names (this is where you list the programs you want to remove)

        Though it’s no longer being actively supported, it essentially uses the original program’s uninstall utility. It may or may not be successful at removing a partially installed/removed program depending on whether the original program’s uninstall utility is still available, intact and in the directory path specified in the Windows registry.

        You can find a description & download links for it here. The PDF SEPprep user manual is here.

        It’s really simple to set up & use. Only once did it not work successfully but the registry was in pretty bad shape that time.

        There’s another Symantec removal tool called “CleanWipe” here but, it’s mostly setup for SEP so I don’t think it’ll work on Norton.

        But it’s kept up-to-date and I’ve problems removing SEP even on partial/corrupt installs/uninstalls as it knows what to look for in the registry and file directories. I think this is Symantec’s Enterprise Removal tool equivalent to the “Norton Remove and Reinstall” tool here.

        Win7 Group B (Ultimate & Pro) [x64 & x86]
        MSOffice Pro Plus 2010 SP2 (x86 Perpetual)
        MSOffice Pro Plus 2013 SP1 (x64 Perpetual)
        RDRguy

        2 users thanked author for this post.
        • #202405 Reply

          Microfix
          AskWoody MVP

          Even better use see RDRguy’s post above #202396

          But, sometimes there are still remnants of old un-installed products, especially AV’s after using their removal tools this is where Regedit comes in play 😉

          | 2x Group A- W8.1 | Group A+ Linux Hybrid | Group W W7 Pro | Group W XP Pro
            No problem can be solved from the same level of consciousness that created IT - AE
          3 users thanked author for this post.
          • #202410 Reply

            RDRguy
            AskWoody Lounger

            Because SEPprep uses the original program’s uninstall file route via Windows, I would venture to say that you should be able to do mass program uninstalls of all kinds of programs from all kinds of vendors.

            I never tried this but it should be able to do it.

            And I agree with @rcprimak, if possible it’s best to do program uninstalls in safe mode without network connectivity especially Anti-Virus/Anit-Spyware/Firewall either stand-alone or all-in-one software packages.

            Edit: typo & forgot safe mode

            Win7 Group B (Ultimate & Pro) [x64 & x86]
            MSOffice Pro Plus 2010 SP2 (x86 Perpetual)
            MSOffice Pro Plus 2013 SP1 (x64 Perpetual)
            RDRguy

            • This reply was modified 1 week, 5 days ago by  RDRguy.
            • This reply was modified 1 week, 5 days ago by  RDRguy.
            3 users thanked author for this post.
            • #202415 Reply

              Microfix
              AskWoody MVP

              🙂 I have always done un-installations off-line and would sincerely advise anyone to adopt the habit.

              | 2x Group A- W8.1 | Group A+ Linux Hybrid | Group W W7 Pro | Group W XP Pro
                No problem can be solved from the same level of consciousness that created IT - AE
              2 users thanked author for this post.
            • #202419 Reply

              Elly
              AskWoody MVP

              I’m writing a note to self on uninstalling off-line, because that may have been part of the problem. But… I’m sort of proud of myself, because I was successful. I never would have been so brave if it wasn’t for the fact that my data was backed up, and hadn’t even been transferred to the new install, so I was just wrestling with a system that I could reinstall easily without risk of losing anything… and I did use Regedit (crossing fingers) without messing anything up. That was a huge tech step for me. Personal rule has been- Do Not Touch Registry!

              We are risking being chastened to stay on topic (Norton blocking AskWoody), and deservedly so… but there is a lot of good information here. Definitely AskWoody folks shine when it comes to offering help and options… so blocking them, even temporarily, from being able to help folks was a shame. If anyone has more to say on uninstalling Norton, we should start another thread. But thanks for all the ideas…

              Win 7 Home, 64 bit, Group B

              3 users thanked author for this post.
        • #202407 Reply

          Elly
          AskWoody MVP

          My first reaction is that this is too technical for me… but the instructions are really clear, and there is a step by step video to follow, too… hmm… I can follow directions…

          Luckily, I did completely banish Norton and Symantec from my system, prior to this… maybe some more techy types will find this useful, though. Thank you.

          Win 7 Home, 64 bit, Group B

          3 users thanked author for this post.
    • #202390 Reply

      geekdom

      Here are tools that may help uninstall:

      This one is free under certain conditions:
      https://geekuninstaller.com/

      I use the free one and it’s robust:
      https://www.revouninstaller.com/revo_uninstaller_free_download.html

      Another alternative:
      http://www.nirsoft.net/utils/uninstall_view.html

      If you have a death-wish for your computer, this one will let you clean up registry chunks. It is not for the faint of heart and is the option of last resort.
      http://www.nirsoft.net/utils/regscanner.html

      3 users thanked author for this post.
      • #202395 Reply

        PKCano
        AskWoody MVP

        Fixed it. 🙂

        2 users thanked author for this post.
      • #202399 Reply

        rc primak
        AskWoody MVP

        Normally I am a big fan of Geek Uninstaller, but never, never for antivirus products!

        Elsewhere at AskWoody I posted about a possible drive-by install of Avast Free AV while I was trying to download CCleaner’s latest update from their own downloads page, with all my ad blockers and script blockers up to full shields. I still got Avast force-installed, though it might have been something undeclared in the CCleaner installer.

        Geek Uninstaller tried to remove Avast and all their little nasties, and left Windows 10 Pro unable to boot, and Linux unable to access the NTFS partitions on that drive.

        Too bad Norton no longer offers a real complete removal tool. This makes it insanely difficult to remove any of their products — even the little program which assists in their “free” online scanner.

        The reason to go into Safe Mode to run any AV uninstaller is that they run Windows Services and Drivers which are almost impossible to stop, short of Windows Safe Mode or even an offline out-of-OS removal. Bootable (portable) versions of Revo uninstaller or some similar removal program might succeed in this effort (in Safe Mode or from Portable Media), because it can be run on a system which is inactive.  (I haven’t tried Geek Uninstaller Portable, but I assume it would work pretty well, too.)

        Again, the initial removal has to be with the tool which pairs up with the brand and version of the AV product you are trying to remove. The more generic removal tools only clean up leftovers, and with varying degrees of success.

        With Avast, their removal tool explicitly requires restarting into Windows Safe Mode, which their tool does for you. If Norton’s removal tool does not do this, make it a point to run it in Windows Safe Mode without Networking. That’s your best chance of successful removal, save for the Registry traces and empty folders which prevent reusing their Free Trial offers. Those you can remove by hand from Windows Safe Mode, or bust into the file system with Linux Live, which ignores the Permissions issues, but cannot edit the Windows Registry.

        It’s not like Avira has caused me any less of a pain and a bother, but I am willing to use that program as my front-line defense in Windows 10. I am not willing to trust Microsoft to guard their own chicken coop.

        In all these cases, before installation of any non-OEM third-party software, a good backup (I use Macrium Reflect Free) with boot (recovery) media which use WinPE 10 is your best defense. Same with any Microsoft product or service updates, and these can come as “drive-by’s” any day of the month now.

        -- rc primak

        • This reply was modified 1 week, 5 days ago by  rc primak.
        4 users thanked author for this post.
    • #202409 Reply

      Peacelady
      AskWoody Lounger

      Seeing that it’s a complicated mess to completely uninstall Norton — what about if I wait until my subscription expires (I don’t have automatic renewal) and don’t renew it, then will my Norton Security be totally uninstalled?  (I’m assuming that going to All Programs and finding Norton and hitting “uninstall” does not completely uninstall it).  Thanks!

      • #202414 Reply

        Elly
        AskWoody MVP

        @Peacelady- When the time comes, a lapsed subscription might leave you with renewal nagging… at that time, maybe you can post and get help to walk you through uninstalling. I wouldn’t worry about it until then.

        Win 7 Home, 64 bit, Group B

        2 users thanked author for this post.
        • #202421 Reply

          Peacelady
          AskWoody Lounger

          Thanks Elly & RDRguy.  May I be so bold Elly as to ask what antivirus you currently use?  No problem if you’s rather not say. 🙂

          • #202438 Reply

            Elly
            AskWoody MVP

            So… I’m not thrilled with any of my choices, and got less thrilled the more I researched. For one, I can’t afford to pay for anything extra right now. I ended up with MSE, not because I trust Microsoft, but because Woody recommended it.

            Win 7 Home, 64 bit, Group B

            1 user thanked author for this post.
      • #202416 Reply

        RDRguy
        AskWoody Lounger

        I don’t want to scare you but if I were a betting man, I would say that not only does it NOT uninstall itself, it starts bugging you every time you power up your computer and maybe every 1-4 hours thereafter informing you that your subscription has ended, your definitions are out-of-date and your system’s at RISK for who knows how long … maybe forever 🙁

        It’ll probably feel like Microsoft’s GWX campaign all over again only this time it’ll be Norton trying to get you to renew the subscription 🙁 🙁

        Win7 Group B (Ultimate & Pro) [x64 & x86]
        MSOffice Pro Plus 2010 SP2 (x86 Perpetual)
        MSOffice Pro Plus 2013 SP1 (x64 Perpetual)
        RDRguy

        2 users thanked author for this post.
    • #202412 Reply

      Microfix
      AskWoody MVP

      I personally found that by using these so called, ‘security scanners’ like McAfee Stinger, left so much crud in the registry I stopped using ANY of them years back. NEVER AGAIN, it was like trying to remove all the registry keys from an un-installed MSFT Silverlight…absolute endless nightmare within Regedit.

      | 2x Group A- W8.1 | Group A+ Linux Hybrid | Group W W7 Pro | Group W XP Pro
        No problem can be solved from the same level of consciousness that created IT - AE
      4 users thanked author for this post.

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: Active discussion of the AskWoody block on the Norton Community site

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.

    Your information: