Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Comcast Norton takes too long to run


  • Please log in to reply

#16
sccm&49HELP

sccm&49HELP

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts

I was sure I had. I went to get log files and made copies to put on desktop.

Log s1:# AdwCleaner 7.0.1.0 - Logfile created on Sat Aug 19 19:20:37 2017
# Updated on 2017/05/08 by Malwarebytes
# Database: 08-17-2017.2
# Running on Windows 10 Home (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.Legacy, C:\ProgramData\Host App Service
PUP.Optional.Legacy, C:\ProgramData\Application Data\Host App Service
PUP.Optional.Legacy, C:\Users\All Users\Host App Service
PUP.Optional.Legacy, C:\Users\Default\AppData\Local\Host App Service
PUP.Optional.Legacy, C:\Users\Default User\AppData\Local\Host App Service
PUP.Optional.Legacy, C:\Users\sucat\AppData\Local\Host App Service


***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\d10lpsik1i8c69.cloudfront.net
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\d10lpsik1i8c69.cloudfront.net
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\d22j4fzzszoii2.cloudfront.net
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\d22j4fzzszoii2.cloudfront.net
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\d2m2wsoho8qq12.cloudfront.net
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\d2m2wsoho8qq12.cloudfront.net
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\dotomi.com
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\iad-usadmm.dotomi.com
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\metrolyrics.com
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\plarium.com
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.metrolyrics.com
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\d10lpsik1i8c69.cloudfront.net
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\d10lpsik1i8c69.cloudfront.net
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\d22j4fzzszoii2.cloudfront.net
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\d22j4fzzszoii2.cloudfront.net
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\d2m2wsoho8qq12.cloudfront.net
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\d2m2wsoho8qq12.cloudfront.net
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\dotomi.com
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\iad-usadmm.dotomi.com
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\metrolyrics.com
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\plarium.com
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.metrolyrics.com
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-3518785761-3789975573-1980056702-1001\Software\Host App Service
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-3518785761-3789975573-1980056702-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
PUP.Optional.Legacy, [Key] - HKCU\Software\Host App Service
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service


***** [ Firefox (and derivatives) ] *****

SearchProvider found: nortonsafe.search.ask.com - Norton Safe Search


***** [ Chromium (and derivatives) ] *****

SearchProvider found: Norton Safe - nortonsafe

/!\ Please Reset the Chrome Synchronization before cleaning the Chrome Preferences: https://support.goog.../answer/3097271


*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [7071 B] - [2017/8/19 16:16:27]


########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt ##########

_________________________________________________________________

Log S0:# AdwCleaner 7.0.1.0 - Logfile created on Sat Aug 19 16:16:27 2017
# Updated on 2017/05/08 by Malwarebytes
# Database: 08-17-2017.2
# Running on Windows 10 Home (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.Legacy, C:\ProgramData\Host App Service
PUP.Optional.Legacy, C:\ProgramData\Application Data\Host App Service
PUP.Optional.Legacy, C:\Users\All Users\Host App Service
PUP.Optional.Legacy, C:\Users\Default\AppData\Local\Host App Service
PUP.Optional.Legacy, C:\Users\Default User\AppData\Local\Host App Service
PUP.Optional.Legacy, C:\Users\sucat\AppData\Local\Host App Service


***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\d10lpsik1i8c69.cloudfront.net
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\d10lpsik1i8c69.cloudfront.net
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\d22j4fzzszoii2.cloudfront.net
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\d22j4fzzszoii2.cloudfront.net
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\d2m2wsoho8qq12.cloudfront.net
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\d2m2wsoho8qq12.cloudfront.net
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\dotomi.com
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\iad-usadmm.dotomi.com
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\metrolyrics.com
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\plarium.com
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.metrolyrics.com
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\d10lpsik1i8c69.cloudfront.net
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\d10lpsik1i8c69.cloudfront.net
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\d22j4fzzszoii2.cloudfront.net
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\d22j4fzzszoii2.cloudfront.net
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\d2m2wsoho8qq12.cloudfront.net
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\d2m2wsoho8qq12.cloudfront.net
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\dotomi.com
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\iad-usadmm.dotomi.com
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\metrolyrics.com
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\plarium.com
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.metrolyrics.com
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-3518785761-3789975573-1980056702-1001\Software\Host App Service
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-3518785761-3789975573-1980056702-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
PUP.Optional.Legacy, [Key] - HKCU\Software\Host App Service
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service


***** [ Firefox (and derivatives) ] *****

SearchProvider found: nortonsafe.search.ask.com - Norton Safe Search


***** [ Chromium (and derivatives) ] *****

SearchProvider found: Norton Safe - nortonsafe

/!\ Please Reset the Chrome Synchronization before cleaning the Chrome Preferences: https://support.goog.../answer/3097271


*************************



########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########

_______________________________________________________

Now did I get the right one?

Susan


  • 0

Advertisements


#17
sccm&49HELP

sccm&49HELP

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts

In logs in AdwCleaner, I saw a tab clean and found this log:# AdwCleaner 7.0.1.0 - Logfile created on Sat Aug 19 19:22:16 2017
# Updated on 2017/05/08 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\ProgramData\Host App Service
Deleted: C:\ProgramData\Application Data\Host App Service
Deleted: C:\Users\All Users\Host App Service
Deleted: C:\Users\Default\AppData\Local\Host App Service
Deleted: C:\Users\Default User\AppData\Local\Host App Service
Deleted: C:\Users\sucat\AppData\Local\Host App Service


***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\d10lpsik1i8c69.cloudfront.net
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\d10lpsik1i8c69.cloudfront.net
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\d22j4fzzszoii2.cloudfront.net
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\d22j4fzzszoii2.cloudfront.net
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\d2m2wsoho8qq12.cloudfront.net
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\d2m2wsoho8qq12.cloudfront.net
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\dotomi.com
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\iad-usadmm.dotomi.com
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\metrolyrics.com
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\plarium.com
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.metrolyrics.com
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\d10lpsik1i8c69.cloudfront.net
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\d10lpsik1i8c69.cloudfront.net
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\d22j4fzzszoii2.cloudfront.net
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\d22j4fzzszoii2.cloudfront.net
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\d2m2wsoho8qq12.cloudfront.net
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\d2m2wsoho8qq12.cloudfront.net
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\dotomi.com
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\iad-usadmm.dotomi.com
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\metrolyrics.com
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\plarium.com
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.metrolyrics.com
Deleted: [Key] - HKU\S-1-5-21-3518785761-3789975573-1980056702-1001\Software\Host App Service
Deleted: [Key] - HKU\S-1-5-21-3518785761-3789975573-1980056702-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Deleted: [Key] - HKCU\Software\Host App Service
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service


***** [ Firefox (and derivatives) ] *****

SearchProvider deleted: nortonsafe.search.ask.com - Norton Safe Search


***** [ Chromium (and derivatives) ] *****

SearchProvider deleted: Norton Safe - nortonsafe


*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [7071 B] - [2017/8/19 16:16:27]
C:/AdwCleaner/AdwCleaner[S1].txt - [7139 B] - [2017/8/19 19:20:37]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########


  • 0

#18
sccm&49HELP

sccm&49HELP

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts

link for picture of AdwCleaner log manager: https://www.dropbox....anager.jpg?dl=0

Hope this explains things.

Susan


  • 0

#19
Bruce1270

Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,594 posts
Hi Susan

That's the one. Perfect. :thumbsup:

We will do another few scans to check more things out.

Step1 - Malwarebytes


favicon-32x32.png Please download Malwarebytes to your desktop.

Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.

Once the program has fully updated, Proceed with the Scan options and select "Threat Scan".

The Scan Pane is the introduction to scan-related options in the program. When you click Scan in the Menu Pane, you will see the screen shown below.

10a.png

After a scan has been executed, scan results are displayed as shown below. In this scan, three threats were detected.

13a.png

Put a checkmark on all detected and click on "Quarantine Selected"

18a.png

Selected reports may be viewed on screen, or exported to a text file for later viewing. Please note that only manual (on demand) scans are available for users of the free version of Malwarebytes.

19a.png

Please note that an Export button is shown at the bottom left corner of this screen. This allows you to make a copy of the log for use by other programs. You may export to your clipboard or to a text (TXT) file. Export to a .txt file and post its contents.



Step2 - Emsisoft emegency Kit
  • Download the Emsisoft Emergency Kit and execute it. From there, click on the Extract button to extract the program in the EEK folder;
  • Once the extraction is complete, Emsisoft Emergency Kit will open, and suggest you to run an online update before using the program. Click on Yes to launch it.
  • After the update, click on Malware Scan under 2. Scan and accept to let Emsisoft Emergency Kit detect PUPs (click on Yes).
  • Once the scan is complete, if items are detected make sure that every item in the list is checked, and click on Quarantine selected;
  • If it asks you for a reboot to delete some items, click on Ok to reboot automatically;
  • After the restart, click on the Start Emsisoft Emergency Kit icon again on your desktop to open it;
  • This time, click on Logs;
  • From there, go under the Quarantine Log tab, and click on the Export button;
  • Save the log on your desktop, then open it, and copy/paste its content in your next reply.

  • 0

#20
sccm&49HELP

sccm&49HELP

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts

In keeping with idea of posting as it happens, I am posting about Malware Bytes. I am noting that there seems to be no way to extend amount of time that C. N. is disabled and C. N. has a yellow check mark on icon in the toolbar.  Link for showing picture of what happened with download of MBAM: https://www.dropbox....icture.jpg?dl=0. It is a trial premium version?  See picture. So I ran a threat scan and obtained:Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 8/19/17
Scan Time: 5:16 PM
Log File: Malware bytes results.txt
Administrator: Yes

-Software Information-
Version: 3.1.2.1733
Components Version: 1.0.160
Update Package Version: 1.0.2620
License: Trial

-System Information-
OS: Windows 10 (Build 15063.540)
CPU: x64
File System: NTFS
User: DEBORAH\sucat

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 374958
Threats Detected: 4
Threats Quarantined: 4
Time Elapsed: 3 min, 13 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 2
PUP.Optional.Package, C:\Users\sucat\AppData\Roaming\Mozilla\Firefox\Profiles\09f9ocbc.default\jetpack\@Package\simple-storage, Quarantined, [2526], [351121],1.0.2620
PUP.Optional.Package, C:\USERS\SUCAT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\09F9OCBC.DEFAULT\JETPACK\@PACKAGE, Quarantined, [2526], [351121],1.0.2620

File: 2
PUP.Optional.Package, C:\Users\sucat\AppData\Roaming\Mozilla\Firefox\Profiles\09f9ocbc.default\jetpack\@Package\simple-storage\store.json, Quarantined, [2526], [351121],1.0.2620
PUP.Optional.Spigot.Generic, C:\USERS\SUCAT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\09F9OCBC.DEFAULT\PREFS.JS, Replaced, [1902], [361538],1.0.2620

Physical Sector: 0
(No malicious items detected)


(end)

_________________________

I quarantined 4 items as you requested.Now onward to see about Emsisoft Emergency Kit.

Susan


  • 0

#21
sccm&49HELP

sccm&49HELP

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts

No suspicious files were found during the scan. By closely following your installation/extraction instructions and reading the read-me text in the Emsisoft Emergency tool kit, I got it to extract program in the EEK folder, install the program, update, scan with looking for PUPs included. I saw where I could view a report without a reboot or a need to click on icon after a reboot. As nothing was suspicious, there was no need to look at Quarantine.

 

Here is report that I viewed:Emsisoft Emergency Kit - Version 2017.6
Last update: 8/19/2017 6:05:47 PM
User account: DEBORAH\sucat
Computer name: DEBORAH
OS version: Windows 10x64

Scan settings:

Scan type: Malware Scan
Objects: Rootkits, Memory, Traces, Files

Detect PUPs: On
Scan archives: Off
Scan mail archives: Off
ADS Scan: On
File extension filter: Off
Direct disk access: Off

Scan start:    8/19/2017 6:06:24 PM

Scanned    81635
Found    0

Scan end:    8/19/2017 6:09:50 PM
Scan time:    0:03:26
****************************

Please tell me at your convenience, what to do next! Thanks for your help so far.

Susan


  • 0

#22
sccm&49HELP

sccm&49HELP

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts

Just checked recent history in C. N.:Category: Norton Error Reporting
Date & Time,Risk,Activity,Status,Error Type,Error Time,Error ID,Error Class,Product Name,Product Version,Process ID,Thread ID,Process Name,Process Version,Process Timestamp,Module Name,Module Version,Module Timestamp,Module Offset,Hash Code,Component Name,Component Id,Error Code,Severity,Error File
8/19/2017 6:24:31 PM,Info,Norton Error Reporting Submission,Submitted,Error Condition Detected,8/19/2017 3:49:23 PM,{1DB7C0AF-5A4F-4B76-B6E3-CA29D2B4D254},0xE086388D,Norton 360,22.10.0.85,0xA28,0x2BE8,N360,15.0.0.80,6/14/2017 12:04:18 AM,ccScanw,15.0.2.18,6/7/2017 6:31:00 PM,0x7AB61,0x52B703A8,ccScanw,0x1,0x80070006,High,"C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\CmnClnt\ErrorInstances\E086388D\1DB7C0AF-5A4F-4B76-B6E3-CA29D2B4D254.dat, C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\ErrMgmt\Queue\Incoming\SQ_{EA5A8A95-F885-4F61-A831-FB44CBE9E144}\SQ_{1B10DED3-C08E-4AAF-8FF8-91A18AC94C2F}.etl, C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\ErrMgmt\Queue\Incoming\SQ_{EA5A8A95-F885-4F61-A831-FB44CBE9E144}\SQ_{BC7AAC8E-906E-4415-A422-EBB6B1E31AA9}.plist, C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\ErrMgmt\Queue\Incoming\SQ_{EA5A8A95-F885-4F61-A831-FB44CBE9E144}\SQ_{6824E43F-C2D1-45A5-A5EC-57B96F632434}.dlist"

Don't know what this means.

Susan


  • 0

#23
Bruce1270

Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,594 posts
I'm not too sure myself what it means but your drive is looking clean.

Has the the other drives had a completed virus scan? The info you originally posted seems to suggest Norton is doing what it should.

It's late here in the UK so I am about to sign off for the night, you can turn your AV back on again. You could try a full scan on your drive if you wish and report back on this.

You mentioned about a BSOD which is what brought you here. Can you run the following program and post the result.
  • Download WhoCrashed to your desktop.
  • Right click on the file and select Run as administrator.
  • Accept the Licence agreement to install the software.
  • Click the Analyse button.
  • Once analysis complete scroll down to view the report.
  • Please copy and paste the report produced in your next reply.

  • 0

#24
sccm&49HELP

sccm&49HELP

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts

Ok for your next convenience here is the report:Computer name: DEBORAH
Windows version: Windows 10 , 10.0, build: 15063
Windows dir: C:\WINDOWS
Hardware: F0BF002KUS, LENOVO, SKYBAY
CPU: GenuineIntel Intel® Pentium® CPU G4400T @ 2.90GHz Intel586, level: 6
2 logical processors, active mask: 3
RAM: 8482426880 bytes total


 

Crash Dump Analysis


Crash dump directory: C:\WINDOWS\Minidump

Crash dumps are enabled on your computer.

On Sun 8/13/2017 4:10:53 PM your computer crashed
crash dump file: C:\WINDOWS\Minidump\081317-50546-01.dmp
This was probably caused by the following module: srtsp64.sys (SRTSP64+0x33F2)
Bugcheck code: 0x3B (0xC0000005, 0xFFFFF8013D7833F2, 0xFFFF9481F5C48650, 0x0)
Error: SYSTEM_SERVICE_EXCEPTION
file path: C:\WINDOWS\System32\Drivers\N360x64\160A000.055\SRTSP64.SYS
product: AutoProtect
company: Symantec Corporation
description: Symantec AutoProtect
Bug check description: This indicates that an exception happened while executing a routine that transitions from non-privileged code to privileged code.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: srtsp64.sys (Symantec AutoProtect, Symantec Corporation).
Google query: Symantec Corporation SYSTEM_SERVICE_EXCEPTION



On Sun 8/13/2017 4:10:53 PM your computer crashed
crash dump file: C:\WINDOWS\memory.dmp
This was probably caused by the following module: srtsp64.sys (SRTSP64+0x33F2)
Bugcheck code: 0x3B (0xC0000005, 0xFFFFF8013D7833F2, 0xFFFF9481F5C48650, 0x0)
Error: SYSTEM_SERVICE_EXCEPTION
file path: C:\WINDOWS\System32\Drivers\N360x64\160A000.055\SRTSP64.SYS
product: AutoProtect
company: Symantec Corporation
description: Symantec AutoProtect
Bug check description: This indicates that an exception happened while executing a routine that transitions from non-privileged code to privileged code.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: srtsp64.sys (Symantec AutoProtect, Symantec Corporation).
Google query: Symantec Corporation SYSTEM_SERVICE_EXCEPTION



On Tue 8/8/2017 12:26:11 AM your computer crashed
crash dump file: C:\WINDOWS\Minidump\080817-33562-01.dmp
This was probably caused by the following module: srtsp64.sys (SRTSP64+0x33F2)
Bugcheck code: 0x3B (0xC0000005, 0xFFFFF802378033F2, 0xFFFFC50151CB7650, 0x0)
Error: SYSTEM_SERVICE_EXCEPTION
file path: C:\WINDOWS\System32\Drivers\N360x64\160A000.055\SRTSP64.SYS
product: AutoProtect
company: Symantec Corporation
description: Symantec AutoProtect
Bug check description: This indicates that an exception happened while executing a routine that transitions from non-privileged code to privileged code.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: srtsp64.sys (Symantec AutoProtect, Symantec Corporation).
Google query: Symantec Corporation SYSTEM_SERVICE_EXCEPTION






Conclusion

3 crash dumps have been found and analyzed. A third party driver has been identified to be causing system crashes on your computer. It is strongly suggested that you check for updates for these drivers on their company websites. Click on the links below to search with Google for updates for these drivers:

srtsp64.sys (Symantec AutoProtect, Symantec Corporation)

If no updates for these drivers are available, try searching with Google on the names of these drivers in combination with the errors that have been reported for these drivers. Include the brand and model name of your computer as well in the query. This often yields interesting results from discussions on the web by users who have been experiencing similar problems.


Read the topic general suggestions for troubleshooting system crashes for more information.

Note that it's not always possible to state with certainty whether a reported driver is responsible for crashing your system or that the root cause is in another module. Nonetheless it's suggested you look for updates for the products that these drivers belong to and regularly visit Windows update or enable automatic updates for Windows. In case a piece of malfunctioning hardware is causing trouble, a search with Google on the bug check errors together with the model name and brand of your computer may help you investigate this further.



________________

This was copied by highlighting text in the report, copying and pasting. I saw no easy way to get a copy of the report.

Susan


  • 0

#25
sccm&49HELP

sccm&49HELP

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts

Trying to post some text but it is too large and hopeless. I ran autofix in C.N. which found nothing wrong. I looked for information on supposed driver which cashed the crash and ended up with some confusing thread on Norton Community forums about TrueCrypt and Norton(I use Western Digital back up). Most reliable information about latest version of C. N. that I trust has come from the expert on Comcast's forums who composed the FAQs. I have followed his lead on how to contact him (USAF_E-8-RET) and await his reply. You are the expert I will follow on what to do next.

 

I have run a scan of Norton Power Eraser with no intention of removing anything until you say so. Link to report:https://www.dropbox....202952.txt?dl=0

I sent the files it tagged to Symantec including the one of your tools it flagged. I intend to exit NPE with no removals.I intend to run C.N.

Susan


  • 0

Advertisements


#26
Bruce1270

Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,594 posts
Hi Susan

The Norton AV will flag up the security tools - this is a false positive and nothing to worry about.

Please do not run the Eraser power utility to remove any items. I will remove my tools when I'm finished. :)

Who crashed has identified the Norton driver srtsp64.sys as the likely cause of your crashes. The general advice to see if this resolves your issue is to remove all Norton products, run the Norton removal tool, reboot, run the removal tool again and reboot again. Then reinstall Norton.

If you want to try this mkae sure you have everything backed up first and you have your Norton account details handy.

Step1 - Download Norton Removal Tool from here and save to desktop. Do not run it yet.

Step2 - Remove Norton programs

Norton Security Suite

right-click the Start button and click Control Panel. Go to Programs and Features (if your Control Panel is in Category view, go to Uninstall a Program).
Find the program you want to uninstall, click it to select it, and then click Uninstall.

Step3 - Run Norton Removal Tool - right click and Run As Administrator. Follow the on screen instructions and reboot the machine.

Step4 - Run Norton Removal Tool for a second time. Reboot.

Step5 - Reinstall your Comcast Norton Security product.

Let me know if this goes successfully.

Also run the following report
  • Download SecurityCheck by glax24 here and save utility on your Desktop
  • Double-click it (For Windows XP users) or right-click and choose Run As Administrator (For Windows Vista/7 users)
  • Do not block the utility by your Firewall warnings (if any).
  • Wait for the end of scan.
  • Log SecurityCheck.txt will open in the Notepad;
  • In case you close the Notepad you can find a log in the system root folder named SecurityCheck, for example C:\SecurityCheck\SecurityCheck.txt
  • Copy its contents to your next post.

  • 0

#27
sccm&49HELP

sccm&49HELP

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts

I have been researching the Norton driver and wanting an easy way to do it, I downloaded driver view. I saved some information from that run:Driver Name       : SRTSP64.SYS
Address           : 00000000`AB710000
End Address       : 00000000`AB7DB000
Size              : 0x000cb000
Load Count        : 1
Index             : 67
File Type         : Driver
Description       : Symantec AutoProtect
Version           : 15.3.0.74
Company           : Symantec Corporation
Product Name      : AutoProtect
Modified Date     : 7/14/2017 5:12:44 PM
Created Date      : 7/24/2017 1:50:31 AM
Filename          : C:\WINDOWS\System32\Drivers\N360x64\160A000.055\SRTSP64.SYS
File Attributes   : A
Service Name      : SRTSP
Service Display Name: Symantec Real Time Storage Protection x64
Digital Signature :
==================================================

==================================================
Driver Name       : SRTSPX64.SYS
Address           : 00000000`AB7E0000
End Address       : 00000000`AB7F6000
Size              : 0x00016000
Load Count        : 1
Index             : 68
File Type         : Driver
Description       : Symantec AutoProtect
Version           : 15.3.0.74
Company           : Symantec Corporation
Product Name      : AutoProtect
Modified Date     : 7/14/2017 5:12:44 PM
Created Date      : 7/24/2017 1:50:31 AM
Filename          : C:\WINDOWS\system32\drivers\N360x64\160A000.055\SRTSPX64.SYS
File Attributes   : A
Service Name      : SRTSPX
Service Display Name: Symantec Real Time Storage Protection (PEL) x64
Digital Signature :
==================================================

I am still running a new complete run of C.N. which started out fast ---upto 2 million files in minutes. It seems to be taking forever to get past something to do with Mozilla Firefox Profiles on E: the back up external drive.

 

I have read your instructions and looked at your links.

  • Your link to the removal tool for Norton seems to be good for every OS except Windows 10, which is what I have. What do I do about that? 
  • Comcast Norton uses a pin instead of product key and I had to hunt for where to find it in Windows 10.
  • Comcast users get their copies of C. N. from Comcast. I am tempted to follow the FAQs for this procedure from Comcast help forum. Link to this is:http://forums.xfinit...Q-s/td-p/870723
  • Information about Windows 10 and C. N. found at :http://forums.xfinit...SS/td-p/2577407
  • The links are to posts by the comcast C.N. expert USAF_E-8_RET
  • The last thing you want downloaded also does not seem to be compatible with Windows 10

Would you please answer my questions before I get myself in a mess? It is 6:30 AM here and I've been up all night. Will stop before I get too confused to function.

Until later,

 

Susan


  • 0

#28
Bruce1270

Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,594 posts
Hi Susan

I would recommend the uninstalling and reinstalling method rather than replacing the driver. If you are more comfortable following the instructions from the comcast site that's fine. :)

The Norton Removal Tool will work for windows 10.

Here is a different security check program which should work with windows 10.

Please download Security Analysis by Rocket Grannie from here
  • Save it to your Desktop.
  • Close your security software to avoid potential conflicts.
  • Double click RGSA.exe
  • Click OK on the copyright-disclaimer
  • It will produce a log named SALog.txt on the Desktop or in the same folder from where the tool is run if installed elsewhere.
  • Please copy and paste the contents of that log in this topic.

    Note: Windows 10 may give a warning message. If so it is ok to proceed.

  • 0

#29
sccm&49HELP

sccm&49HELP

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts

Comcast Norton finally completed a complete scan of the system. It was started Saturday and ran thru today.  It zoomed thru scanning C: but got stuck on E: (back up external drive). Files related to Mozilla profiles took forever to scan. A picture saves 1,000 words so :https://www.dropbox....Norton.jpg?dl=0

More of the same stuff was quarantined AGAIN so wondering if the incomplete runs of "full runs of C. N." really quarantined the files.. Again pictures save words so see (please! :) ):https://www.dropbox....ummary.jpg?dl=0

 

Log of complete run follows. Note that C. N. has not be reinstalled yet due to wanting to see what happened when a complete system run was allowed to finish.

 

Scan Information:
  Virus Defs Version: 2017.08.19.002
  Virus Defs Seq ID: 186938

Scan Statistics:
  Scan Start:
   Local: 8/19/2017 9:20 PM
   UTC: 8/20/2017 1:20 AM
  Scan Time: 450,430 seconds
  Scan Targets: Entire computer
  Counts:
   Total items scanned: 4,507,178
   - Files & Directories: 4,503,221
   - Registry Entries: 777
   - Processes & Start-up Items: 2,568
   - Network & Browser Items: 608
   - Other: 4
   - Trusted Files: 24,999
   - Skipped Files: 32,716

   Total security risks detected: 8
   Total items resolved: 8
   Total items that require attention: 0

Resolved Threats:
JS.Downloader
 Type: Compressed
 Risk: High (High Stealth, High Removal, High Performance, High Privacy)
 Categories: Virus
 Status: Fully Resolved
 -----------
 1 Infected File
[fedex_id_00000493803.doc.js] inside of [fedex_id_00000493803.zip] inside of [elva, courier was unable to deliver the parcel, id00000493803.eml] inside of [unknown000df820.data] inside of [e:\wd backup.swstor\sucat\otbkmdlizgiwzmjkndazzm\history\volume{1b116ffd-3b92-4bb8-91cc-0059563e94cd}\users\sucat\appdata\roaming\thunderbird\profiles\c0mdjjzc.default\mail\local folders\mom58c088d8] - Deleted


JS.Downloader
 Type: Compressed
 Risk: High (High Stealth, High Removal, High Performance, High Privacy)
 Categories: Virus
 Status: Fully Resolved
 -----------
 1 Infected File
[fedex_id_00000493803.doc.js] inside of [fedex_id_00000493803.zip] inside of [unknown000df820.data] inside of [e:\wd backup.swstor\sucat\otbkmdlizgiwzmjkndazzm\history\volume{1b116ffd-3b92-4bb8-91cc-0059563e94cd}\users\sucat\appdata\roaming\thunderbird\profiles\c0mdjjzc.default\mail\local folders\mom58c088d8] - Deleted


JS.Downloader
 Type: Compressed
 Risk: High (High Stealth, High Removal, High Performance, High Privacy)
 Categories: Virus
 Status: Fully Resolved
 -----------
 1 Infected File
[fedex_id_00000493803.doc.js] inside of [fedex_id_00000493803.zip] inside of [elva, courier was unable to deliver the parcel, id00000493803.eml] inside of [unknown000df820.data] inside of [e:\wd backup.swstor\sucat\otbkmdlizgiwzmjkndazzm\history\volume{1b116ffd-3b92-4bb8-91cc-0059563e94cd}\users\sucat\appdata\roaming\thunderbird\profiles\c0mdjjzc.default\mail\local folders\mom59212057] - Deleted


JS.Downloader
 Type: Compressed
 Risk: High (High Stealth, High Removal, High Performance, High Privacy)
 Categories: Virus
 Status: Fully Resolved
 -----------
 1 Infected File
[fedex_id_00000493803.doc.js] inside of [fedex_id_00000493803.zip] inside of [unknown000df820.data] inside of [e:\wd backup.swstor\sucat\otbkmdlizgiwzmjkndazzm\history\volume{1b116ffd-3b92-4bb8-91cc-0059563e94cd}\users\sucat\appdata\roaming\thunderbird\profiles\c0mdjjzc.default\mail\local folders\mom59212057] - Deleted


JS.Downloader
 Type: Compressed
 Risk: High (High Stealth, High Removal, High Performance, High Privacy)
 Categories: Virus
 Status: Fully Resolved
 -----------
 1 Infected File
[fedex_id_00000493803.doc.js] inside of [fedex_id_00000493803.zip] inside of [elva, courier was unable to deliver the parcel, id00000493803.eml] inside of [unknown000df820.data] inside of [e:\wd backup.swstor\sucat\otbkmdlizgiwzmjkndazzm\volume{1b116ffd-3b92-4bb8-91cc-0059563e94cd}\users\sucat\appdata\roaming\thunderbird\profiles\c0mdjjzc.default\mail\local folders\mom] - Deleted


JS.Downloader
 Type: Compressed
 Risk: High (High Stealth, High Removal, High Performance, High Privacy)
 Categories: Virus
 Status: Fully Resolved
 -----------
 1 Infected File
[fedex_id_00000493803.doc.js] inside of [fedex_id_00000493803.zip] inside of [unknown000df820.data] inside of [e:\wd backup.swstor\sucat\otbkmdlizgiwzmjkndazzm\volume{1b116ffd-3b92-4bb8-91cc-0059563e94cd}\users\sucat\appdata\roaming\thunderbird\profiles\c0mdjjzc.default\mail\local folders\mom] - Deleted


JS.Downloader
 Type: Compressed
 Risk: High (High Stealth, High Removal, High Performance, High Privacy)
 Categories: Virus
 Status: Fully Resolved
 -----------
 1 Infected File
[fedex_id_00000493803.doc.js] inside of [fedex_id_00000493803.zip] inside of [elva, courier was unable to deliver the parcel, id00000493803.eml] inside of [unknown000df820.data] inside of [e:\wd backup.swstor\sucat\otbkmdlizgiwzmjkndazzm\volume{1b116ffd-3b92-4bb8-91cc-0059563e94cd}\users\sucat\desktop\from mail on  susan ii-pc\local folders\mom] - Deleted


JS.Downloader
 Type: Compressed
 Risk: High (High Stealth, High Removal, High Performance, High Privacy)
 Categories: Virus
 Status: Fully Resolved
 -----------
 1 Infected File
[fedex_id_00000493803.doc.js] inside of [fedex_id_00000493803.zip] inside of [unknown000df820.data] inside of [e:\wd backup.swstor\sucat\otbkmdlizgiwzmjkndazzm\volume{1b116ffd-3b92-4bb8-91cc-0059563e94cd}\users\sucat\desktop\from mail on  susan ii-pc\local folders\mom] - Deleted




Unresolved Threats:
No unresolved risks

 

*****************************************************************************************

Please tell me whether I need to do something with the items in quarantine before reinstalling Comcast Norton. You said you would remove your tools. Do these need to be removed before reinstallation of Comcast Norton?

 

I appreciate your patience waiting for the complete run to finish.

Susan


  • 0

#30
Bruce1270

Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,594 posts
Thanks. Can you run security check and post the log from my instructions in my last post.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP