This forum thread needs a solution.
Kudos0

Norton Power Eraser Question

Posted: 06-Jul-2018 | 12:14AM · Edited: 06-Jul-2018 | 5:00AM · 7 Replies ·

So the other day I was on a local news website and without clicking on an ad one of their ads tried redirecting me to a malicious website but I don't think it was able to load the page because I didn't see anything on the website, chrome gave me a message asking if I wanted to reload the page which i didn't I closed the browser, I'm not sure if Norton or chrome maybe blocked the website or what happen.

I then scanned my pc with Norton (online and offline) malwarebytes (online and offline) Microsoft malicious software removal tool (online and offline) All 3 programs came back clean so I tried the same in safe mode and still all 3 came back clean. Thats when I decided to run Norton power eraser just to make sure and it came back clean but then when I ran it again now its showing something in registry and I'm not sure if this is a false positive or something that is bad like it says so if anyone could give me any advice that would be great.

I haven't noticed anything weird with my pc like slowdowns/freezing/errors/high cpu or data usage, everything seems normal and my browser settings are fine same with all my other settings.

Labels: Norton Power Eraser [NPE]

Replies

Kudos0

Re: Norton Power Eraser Question

Posted: 06-Jul-2018 | 12:21AM · Permalink

Since my pictures are still in moderation here is what NPE is saying is bad and offers to repair it.

____________________________
Registry Key: HKEY_USERS\S-1-5-21-2495352770-3182042516-1834595302-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\"1803"
 

Kudos2 Stats

Re: Norton Power Eraser Question

Posted: 06-Jul-2018 | 8:59AM · Edited: 06-Jul-2018 | 9:10AM · Permalink

Hi Ghost_Dragon71:

The NPE is a very aggressive scanner that was designed to be used as a rescue tool in emergency situations when your operating system becomes unstable or you believe you have deeply embedded malware that cannot be detected by a standard antivirus / anti-malware scan.  The NPE is prone to false positive detections and can sometimes remove important system files and registry entries (see Larry_A's thread Ran NPE and Now Computer Won't Boot to Windows for one example), and users in this forum generally advise against using this tool for routine scanning.  From the main Norton Power Eraser Tutorials page:

"Norton Power Eraser uses aggressive methods to detect threats, and there is a risk that it can select some legitimate programs for removal. You should carefully review the scan results page before removing files."

If your Norton Full System Scan and Malwarebytes Free v3.x Threat Scan both came back clean and you haven't noticed any further problems like pop-up ads or browser redirects then it's unlikely your system was infected. I've posted hints in BevStra's thread MyWay Search for scanning with Malwarebytes (including instructions on how to disable the 14-day trial of the Premium real-time protection features and use Malwarebytes as a free on-demand scanner) and if you are still concerned that you have hidden malware that wasn't detected by a standard Threat Scan you can move on to a Custom (full system) scan of your hard drive and see if it detects anything.
----------
32-bit Vista Home Premium SP2 * Firefox ESR v52.9.0 * Norton Security v22.14.2.13 * MB v3.5.1

Kudos2 Stats

Re: Norton Power Eraser Question

Posted: 06-Jul-2018 | 10:01AM · Permalink

So the other day I was on a local news website and without clicking on an ad one of their ads tried redirecting me to a malicious website but I don't think it was able to load the page because I didn't see anything on the website,

These kinds of redirects are usually malicious ads on a site you are visiting. They use JavaScript to create the redirect to some malicious site, or maybe just to some ad site. You do not have to click on anything, just the page loading the ad triggers the redirect.

With this kind of behavior, there is nothing actually downloaded onto your computer and as you close the browser, the code is gone from the computer memory. 

You can help protect from these redirects by disabling JavaScript in your browsers, or installing an ad blocker extension in the browser.

Kudos0

Re: Norton Power Eraser Question

Posted: 06-Jul-2018 | 12:35PM · Edited: 06-Jul-2018 | 12:48PM · Permalink

I did run a threat scan and custom scan with malwarebytes in windows mode and safe mode same with a full scan with norton and it came back clean. I haven't noticed anything weird with my system so I guess nothing was downloaded onto my pc and im safe. When i went to norton safeweb and entered the website i was being redirected to i see norton has it flagged for a phishing site. I downloaded the adblock plus for chrome so hopefully i never have to worry about this again, i tried disabling javascript but some websites didn't want to work right.
Kudos0

Re: Norton Power Eraser Question

Posted: 06-Jul-2018 | 1:40PM · Permalink

You could also check your Norton History, choosing the Resolved Risks from the drop down menu. That might tell you if Norton intercepted something from that site.

Kudos0

Re: Norton Power Eraser Question

Posted: 08-Jul-2018 | 4:38PM · Edited: 08-Jul-2018 | 4:42PM · Permalink

Ghost_Dragon71:
...I downloaded the adblock plus for chrome so hopefully i never have to worry about this again, i tried disabling javascript but some websites didn't want to work right.

Hi Ghost_Dragon71:

I use Adblock Plus as well, but there are other browser extensions like Ghostery (all major browsers), NoScript for Firefox and SafeScript for Chrome that allow you to selectively enable JavaScript on sites you trust - see SendOfJive's comments <here> about NoScript as well as as the MakeTechEasier article How to Block Intrusive Javascript on Chrome and Firefox.

If you don't want to use a browser extension to manage JavaScript in Chrome, the Lifewire article How to Disable JavaScript in Google Chrome has a section called Manage JavaScript Blocking Only on Specific Pages that describes how to selectively "whitelist" sites you trust and allow those trusted sites to run JavaScript after you've configured Chrome to block JavaScript.
----------
32-bit Vista Home Premium SP2 * Firefox ESR v52.9.0 * Norton Security v22.14.2.13 * MB v3.5.1

Kudos0

Re: Norton Power Eraser Question

Posted: 08-Jul-2018 | 4:53PM · Edited: 08-Jul-2018 | 5:19PM · Permalink

adding: or, run uBlock Origin medium mode > 1st-party scripts n' frames allowed and 3rd-party scripts n' frames blocked by default.   
FWIW ~ my uBlock Origin runs four AdGuard static filters with uBlock Origin medium mode dynamic filtering.

https://github.com/gorhill/uBlock/wiki/Blocking-mode:-medium-mode

https://www.wilderssecurity.com/threads/ublock-a-lean-and-fast-blocker.365273/

This thread is closed from further comment. Please visit the forum to start a new thread.