Duis mollis, est non commodo luctus, nisi erat porttitor ligula, eget lacinia odio sem nec elit. Sed posuere consectetur est at lobortis. Vestibulum id ligula porta felis euismod semper. Donec ullamcorper nulla non metus auctor fringilla. Aenean lacinia bibendum nulla sed consectetur. Cras justo odio, dapibus ac facilisis in, egestas eget quam. Cras mattis consectetur purus sit amet fermentum. Morbi leo risus, porta ac consectetur ac, vestibulum at eros. Sed posuere consectetur est at lobortis. Etiam porta sem malesuada magna mollis euismod. Cum sociis natoque penatibus et magnis dis parturient montes, nascetur ridiculus mus. Duis mollis, est non commodo luctus, nisi erat porttitor ligula, eget lacinia odio sem nec elit. Cras justo odio, dapibus ac facilisis in, egestas eget quam. Aenean eu leo quam. Pellentesque ornare sem lacinia quam venenatis vestibulum. Curabitur blandit tempus porttitor. Sed posuere consectetur est at lobortis.
Please Click Here and submit the file for review.
cannot upload, it keep pop up
"Please complete the empty required form field: upload file "
also, when i choose to scan it, it keep pop up
"file cannot be opened"
3019,2
i thought i did post the infection log, but it seems to be deleted automatically,
so i post again. I translate some of them for easy to read
20/6/2008 19:15:41,病毒掃描程式,Infostealer.Gampass,Fixed ,檔案,N/A,N/A,200806200003,12.8.0.4,AntonyLee,CND61725F9,"來源:手動掃描程式,Threat:Virus,Action:Fixed,說明:受影響的區域: 1 額外的區域:Unknown - deleted"
20/6/2008 19:15:41,病毒掃描程式,Trojan.Drondog,已修復,檔案,N/A,N/A,200806200003,12.8.0.4,AntonyLee,CND61725F9,"來源:手動掃描程式,Threat:Virus,Action:Fixed,說明:受影響的區域: 1 額外的區域:Unknown - deleted"
20/6/2008 19:14:15,病毒掃描程式,Infostealer.Gampass,已修復,檔案,N/A,N/A,200806200003,12.8.0.4,AntonyLee,CND61725F9,"來源:手動掃描程式,Threat:Virus,Action:Fixed,說明:受影響的區域: 1 額外的區域:Unknown - deleted"
20/6/2008 19:14:15,病毒掃描程式,Trojan Horse,已修復,檔案,N/A,N/A,200806200003,12.8.0.4,AntonyLee,CND61725F9,"來源:手動掃描程式,Threat:Virus,Action:Fixed,說明:受影響的區域: 1 額外的區域:Unknown - deleted"
20/6/2008 19:12:50,自動防護,Infostealer.Gampass,自動刪除,檔案,N/A,N/A,200806200003,12.8.0.4,SYSTEM,CND61725F9,"Source:C:\WINDOWS\system32\bootvidgj.tmp, Action - deleted"
20/6/2008 19:12:41,自動防護,Trojan.Drondog,拒絕存取,檔案,N/A,N/A,200806200003,12.8.0.4,SYSTEM,CND61725F9,"Source:C:\Temp\Temporary Internet Files\Content.IE5\SFTTE83T\soft10[1].exe,Action : repair failed, Action : Denied Access"
20/6/2008 19:12:31,自動防護,Infostealer.Gampass,拒絕存取,檔案,N/A,N/A,200806200003,12.8.0.4,SYSTEM,CND61725F9,"Source:C:\Temp\Temporary Internet Files\Content.IE5\SFTTE83T\soft9[1].exe, Action: repair failed, Action: Denied Access"
20/6/2008 19:12:22,自動防護,Infostealer.Gampass,拒絕存取,檔案,N/A,N/A,200806200003,12.8.0.4,SYSTEM,CND61725F9,"Source:C:\Temp\Temporary Internet Files\Content.IE5\SFTTE83T\soft8[1].exe, Action: repair failed, Action: Denied Access"
20/6/2008 19:12:12,自動防護,Infostealer.Gampass,拒絕存取,檔案,N/A,N/A,200806200003,12.8.0.4,SYSTEM,CND61725F9,"Source:C:\Temp\Temporary Internet Files\Content.IE5\9943J5F2\soft7[1].exe, Action: repair failed, Action: Denied Access"
20/6/2008 19:12:02,自動防護,Infostealer.Gampass,拒絕存取,檔案,N/A,N/A,200806200003,12.8.0.4,SYSTEM,CND61725F9,"Source:C:\Temp\Temporary Internet Files\Content.IE5\9943J5F2\soft6[1].exe,Action: repair failed, Action: Denied Access"
20/6/2008 19:10:52,自動防護,Infostealer.Gampass,拒絕存取,檔案,N/A,N/A,200806200003,12.8.0.4,SYSTEM,CND61725F9,"source:C:\Temp\Temporary Internet Files\Content.IE5\S260ANME\soft5[1].exe,Action: repair failed, Action: Denied Access"
20/6/2008 19:10:43,自動防護,Infostealer.Gampass,拒絕存取,檔案,N/A,N/A,200806200003,12.8.0.4,SYSTEM,CND61725F9,"Source:C:\Temp\Temporary Internet Files\Content.IE5\S260ANME\soft4[1].exe,Action: repair failed, Action: Denied Access"
20/6/2008 19:10:32,自動防護,Infostealer.Gampass,自動刪除,檔案,N/A,N/A,200806200003,12.8.0.4,SYSTEM,CND61725F9,"source:C:\WINDOWS\system32\mstimewd.tmp, Action: Automatically Deleted"
20/6/2008 19:10:22,自動防護,Infostealer.Gampass,拒絕存取,檔案,N/A,N/A,200806200003,12.8.0.4,SYSTEM,CND61725F9,"Source:C:\Temp\Temporary Internet Files\Content.IE5\S260ANME\soft2[1].exe,Action: repair failed, Action: Denied Access"
20/6/2008 19:10:14,自動防護,Infostealer.Gampass,自動刪除,檔案,N/A,N/A,200806200003,12.8.0.4,SYSTEM,CND61725F9,"Source:C:\WINDOWS\system32\mtewdh.dll, Action: Automatically Deleted"
20/6/2008 19:10:05,自動防護,Trojan Horse,拒絕存取,檔案,N/A,N/A,200806200003,12.8.0.4,SYSTEM,CND61725F9,"Source:C:\Temp\Temporary Internet Files\Content.IE5\N3G5JBMH\soft0[1].exe,Action: Repair failed, Action: Denied Access
hi Antony-Lee - i stumbled across this article related to the error code sequence (3019,2). i think the protocol here is to ensure that you have the latest virus signatures (which i think you mentioned previously), reboot in safe mode and do a full scan.
mel
actually, i think the problem is fixed,
I have try to stop the Symantec Core LC service, and i can read the informations description and scan it already.
What happen is some pop-up exe have actually run, shown up in task manager, while my norton is turn-on, which shock me,
and the norton files seems to have been modified, fear that norton have actually being compromised already.
and for myself, for this situation, i actually wanna to see norton can provide a file verifier in web site which can be download to check the integrity of norton.
and actually, to your suggestion, I have some different opinion, i have encounter many friends reboot before cleaning though, and left the antivirus program being compromise, and that's why i have hold the reboot
worse situation is that the virus can have chance to loaded before norton defense is up during reboot. so to my point, i always hold until i felt really safe before rebooting.
and it is all because i am purchase online and forgot to made a bootable antivirus CD w/ virus definition updated.
Today, I saw a .tmp file in my task manager, usuaally there should be .exe and .dll,
is that something new in window or actually my computer was infected ?
[edit: Moved post into posters existing thread as it most likely relates to the original issue.]
It might be an infection, but .tmp files will appear from time-to-time in the task manager, depending on the programs you have installed. What is the filename that is running? Are you running any other programs at the time?