Hi there,
New to this forum, so please bear with me...
I am running a Dell desktop, Windows 8 64-bit; I am generally cautious with what I open/visit, but may have picked up nasties from seemingly innocent Excel forums.
Since this morning, NIS (v21.5) picks up infostealer.gampass, then claims that all "threats are resolved", yet the same dialog box lists gampass as only "partially resolved"; in the NIS file insight box, it says that "this threat has been removed, no further action is needed", yet in that very same box, it lists 5 out of 6 files as "remove failed"... Upon a next scan, the same 6 files turn up, even after emptying the quarantine. Please see NIS log at the bottom...
Malwarebytes Pro doesn't pick up anything suspicious, not even on a full scan. What's more, NIS claims that the infected file is a MWB tmp file (which I cannot see even if I set folders to 'show hidden/system files'). As said, NIS claims to remove the file, only to pick it up again on a next scan.
My questions:
- Is gampass even there? NIS seems to detect a MWB log file or something?
- If it is, how do I get rid of it? (nope, haven't used power-eraser yet)
- If it isn't, how do I stop NIS from giving a false alarm?
Many thanks for your help, all ideas appreciated, Qoxob
The NIS Log info:
Filename: 00030684.tmp
Threat name: Infostealer.Gampass
Full Path: c:\program files (x86)\malwarebytes' anti-malware\00030684.tmp
Details
Very Few Users, Very New, Risk High
Startup Item: No
Launched: No
File Actions
File: C:\Windows\SysWOW64\dllcache\wshtcpip.dll->C:\Windows\SysWOW64\ wshtcpip.dll Remove Failed
File: C:\Windows\SysWOW64\lpk32.dll->C:\Windows\SysWOW64\ lpk.dll Remove Failed
File: C:\Windows\SysWOW64\ws3help.dll->C:\Windows\SysWOW64\ ws2help.dll Remove Failed
File: C:\Windows\SysWOW64\ws2helpXP.dll->C:\Windows\SysWOW64\ ws2help.dll Remove Failed
File: C:\Windows\SysWOW64\wimedump.dll->C:\Windows\SysWOW64\ ws2help.dll Remove Failed
Infected file: c:\program files (x86)\malwarebytes' anti-malware\ 00030684.tmp Removed
File Thumbprint - SHA: 5cb4b720ef9dbfb85840306473b025a4fb4dfa9b805d46d0a105dade3dd59880
File Thumbprint - MD5: Not available