Norton 360 instructed me to reboot the computer, so I did. The computer wouldn’t turn off, so I used the power button to turn off and restart. During the reboot, it seemed to perform some sort of (bios?) update. Upon rebooting, I ran a Norton full scan and it found a rootkit in \AppData\Local\Temp\su-data…

I selected it and clicked on resolve, but now it seems to be stuck on “Resolving threat” and is not advancing. What should I do? Please help! Note: Please do not post Personally Identifiable Information like email address, personal phone number, physical home address, product key etc.

Issue abstract:

Detailed description:

Product & version number:

OS details:

What is the error message you are seeing?

If you have any supporting screenshots, please add them:

I tried to back out of it. Now it says threat couldn’t be resolved - we need to restart your computer to resolve this threat when I click on resolve.

Hello @JdBtDd
Do you run with Windows Fast Startup enabled?

I’m thinking Norton wants a machine Restart - not a machine Shut down

Please post your progress.

So I did reboot as Norton instructed. There was some sort of update, then it rebooted. Afterwards, I ran another full scan. No threat. Tried targeted scan on the temp folder. No threat. Now I’m running a “deep scan,” which required another reboot.

Hi there. Thank you for the tips. I ran Norton Startup scan. Found nothing. Did look at history and it says the rootkit was deleted.

Downloaded and ran Malwarebytes. It found something unrelated and quarantined it.

Does that mean I’m all good or should I still contact Malwarebytes forum for help?

@JdBtDd May I recommend running RKill from BleepingComputer to have it look for malicious processes that may still be hidden and stop those processes. You can then run a second scan with MBAM to be confidently sure you are clean.

SA

Hello @JdBtDd
I’m not qualified to say “you’re all good”

Were my machine and I wanted reassurance.
I’d ask Malwarebytes Malware Removal Help Forums [here] to check my machine.