Desperately seeking Shakespeare, no - Support:
I posted a plea before but I haven't received any feedback. I tried several options including HP support. In desperation I scrutinized my system operating files and began to gather evidence of what I thought indicated access and control from an unknown entity. I backed up what I could of my personal data and made a separate disk with "evidence" and performed a system restore to factory installation. (By the way the backup "evidence" disk shows blank.)
Right away I saw evidence that someone/something was logging onto my system and creating firewall exceptions and permissions. I've gathered some evidence since, but I'm not certain some of it isn't valid. If someone could answer some basic questions and let me know if I'm truly at risk or if these past weeks of constant vigilance and distress have just made me paranoid.
The NIS program has not found any "threat" - nor has Malwarebytes or NPE or Windows Defender which does make me seem all Shakespearian, making much ado about nothing. However . . . I think the threat came preinstalled on my system and "blue-screening" (to borrow a movie industry term - my computer access.
Ignoring for now the questions I have from reading the recovery logs and XML scripts and checking file properties and ownership and following file - service - process paths, here are the questions for my Norton community:
Q: What should the first entries in Norton history be after a Recovery?
Mine are basically as follows: Firewall enabled - then firewall rules are being updated 30, rules loaded from default, newly detected network Software Loopback Interface (2 separate IP addresses) plus adapters for Realtek and Broadcom (also 2 separate IP addresses), and Microsoft Teredo Tunneling Adapter (2 separate addresses). [If it matters, I have a Linksys modem and Netgear wireless for my home network.
Interestingly, even after I disconnect from the network I found I could still access the internet. Task Manager Networking tab lists Bluetooth disconnected, Local Area Connection 100 Mbps, Wireless Network currently disconnected even though both my modem and wireless are on - it has been Connected with 130 Mbps and it has been this path that is accessed despite showing an icon indicating it is disconnected, and a Wireless Network Connection 2 disconnected. I also notice that my graph icon showing signal status is missing at present.
This is followed by firewalls being auto-created for Microsoft SeaPort Search Enhancement Broker and Host Process for Windows Services, a change in firewall setting "AlertThreadEnable", and a note re: Intrusion Prevention Engine version: 4.9.0.5 Definitions Set version: 20110519.031.
This is either just the tip of the iceberg of my Titanic or the crushed ice of my celebratory Margarita. Please let me know if I should "be" worried or not - sparing you the obvious Shakespeare reference :) but an appropriate Elizabethan expletive would follow since I see I could have just attached my screensaves instead of posting this long explanation. Perhaps I should not attach these since it does list my IP addresses or are those commonly discovered?
Hoping - praying - begging for your feedback if not the perfect solution. Thanks!