Hi,
Windows 10 64bit Home
A Norton 360 scan gave the following information:
Filename: 00018650.tmp
Threat name: Infostealer.Gampass This tmp file was in this folder c:\programdata\norton\
On computers as of
Not Available
Last Used
11/24/2015 at 7:21:47 PM
Startup Item
No
Launched
No
Threat type: Virus. Programs that infect other programs, files, or areas of a computer by inserting themselves or attaching themselves to that medium.
Source: External Media
File Actions
File: C:\WINDOWS\SysWOW64\lpk32.dll->C:\WINDOWS\SysWOW64\ lpk.dll Remove Failed
File: C:\WINDOWS\SysWOW64\ws3help.dll->C:\WINDOWS\SysWOW64\ ws2help.dll Remove Failed
File: C:\WINDOWS\SysWOW64\ws2helpXP.dll->C:\WINDOWS\SysWOW64\ ws2help.dll Remove Failed
File: C:\WINDOWS\SysWOW64\wimedump.dll->C:\WINDOWS\SysWOW64\ ws2help.dll Remove Failed
File: C:\WINDOWS\SysWOW64\dllcache\wshtcpip.dll->C:\WINDOWS\SysWOW64\ wshtcpip.dll Remove Failed
Infected file: c:\programdata\norton\00018650.tmp Removed (The file is in quarantine)
____________________________
File Thumbprint - SHA:
Not available
File Thumbprint - MD5:
Not available
This is a new computer and I don't have any external media connected(I assume this means CD/DVD or Flash Drive)
I am not sure what the Removed Failed part means. Does it mean that it was blocked from making change? Meaning the first part is what it was trying to change to and the second part is what is actually on my computer. I looked in the SysWOW64 folder and I just found the lpk.dll and ws2help.dll. I didn't find lpk32.dll, ws3 help.dll, ws3helpXP.dll or wimedump.dll. I could not find the dllcache folder at all. It may be there but I did not see it.
Earlier in the day(11-24-15) I was on IMDB.COM and REDDIT.COM (I was on reddit.com looking for info on another security issue- Locate icon on my taskbar.
I also noticed in my firewall logs that SIHClient.exe was granted custom access to the internet. I did not allow this. Could this file have caused this problem? Any help would be appreciated. Thanks