Krusty
Logging Assistant
In Oz
Posts: 2,330
|
Post by Krusty on Nov 10, 2013 16:06:22 GMT -8
Hello,
I need help locating Norton folders to help with HMP Alert beta.
Thanks!
Krusty
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Nov 10, 2013 16:08:20 GMT -8
Uninstall HMP - Alert for now so that the Norton GUI works.
Quads
|
|
Krusty
Logging Assistant
In Oz
Posts: 2,330
|
Post by Krusty on Nov 10, 2013 16:12:34 GMT -8
Done!
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Nov 10, 2013 16:16:02 GMT -8
Please download SystemLook from the link below and save it to your Desktop. jpshortstuff.247fixes.com/SystemLook.html the 64 bit version Disable Norton for say 30 mins or more as this took take some time with the amount of search items Start Systemlook Copy the content of the following below inside the codebox into the main textfield: (don't forget the : in front of :filefind) :filefind N360 NIS NAV Symantec Norton
:folderfind Symantec Norton
:regfind Symantec Norton NIS N360 NAV Click the Look button to start the scan. When finished, a notepad window will open with the results of the scan. Please post this log in your next reply (attach to message). Note: The log can also be found on your Desktop entitled SystemLook.txt Quads
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Nov 10, 2013 16:21:55 GMT -8
That's better Code Box fixed
Quads
|
|
Krusty
Logging Assistant
In Oz
Posts: 2,330
|
Post by Krusty on Nov 10, 2013 16:32:40 GMT -8
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Nov 10, 2013 16:43:50 GMT -8
That answers your Question for x64 systems and N360.
I will just have to pull out locations and double ups
Quads
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Nov 10, 2013 17:01:39 GMT -8
All of the registry keys appear to link to folders inside those listed
C:\Program Files\Symantec C:\Program Files (x86)\Common Files\Symantec Shared C:\Program Files (x86)\Symantec C:\Program Files (x86)\Hewlett-Packard\HP Setup\Weblayer\modules\security\symantec C:\ProgramData\Symantec C:\Users\All Users\Symantec C:\Users\[Username]\Documents\Symantec C:\Users\Public\Symantec C:\ProgramData\Norton C:\Users\All Users\Norton C:\Users\[Username]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton C:\Users\Public\Downloads\Norton C:\Users\All Users\NortonInstaller
For X64 system
The product installed is then inside the above folders For instance C:\Program Files (x86)\Symantec
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NU16StartManagerSvc]
"ImagePath"="C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe"
Quads
|
|
Krusty
Logging Assistant
In Oz
Posts: 2,330
|
Post by Krusty on Nov 10, 2013 17:08:26 GMT -8
Thank you for that, Quads.
So I delete SystemLook and the SystemLook.txt now?
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Nov 10, 2013 17:12:05 GMT -8
You can do.
Quads
|
|