some 1 please help :'(, i download a file i thought it was legit, but it was a virus. avast caught halve of it, it called major defense kit. it was faking Microsoft warning and said there was a trojan and none of the other anti virus found it except major defense kit and some other antivirus. it restart my computer, and tries to lock down all my defense against it and pretend to be an anti virus, i cant start up internet explore, firefox (that all my browser), any system restore files, help files and system manager. but i got lucky and it didnt find my process explorer and i manage to shut it down. i check my avast and check online, it appear that avast caught halve the file, but now everytime i start up my computer, it there. all the online solution isnt clear, i cant find the files they mentions
http://www.removevirus.org/major-defense-kit
Here be a removal guide for the nasty>>http://www.bleepingcomputer.com/virus-removal/remove-major-defense-kit
That first site you found could give you more trouble than it is worth. Use the one I gave instead.
Report 2010-06-29 00:14:04 (GMT 1)
Website removevirus.org
Domain Hash a0631930cfe25e4514303e907141a1af
IP Address 70.85.81.137 [SCAN]
IP Hostname 89.51.5546.static.theplanet.com
IP Country US (United States)
AS Number 21844
AS Name THEPLANET-AS - ThePlanet.com Internet Service…
Detections 3 / 19 (16 %)
Status DANGEROUS
Scanning site with: AMaDa CLEAN
Scanning site with: BrowserDefender CLEAN
Scanning site with: Finjan DETECTED
Scanning site with: Google Diagnostic CLEAN
Scanning site with: hpHosts DETECTED
Scanning site with: Malware Patrol CLEAN
Scanning site with: MalwareDomainList CLEAN
Scanning site with: McAfee SiteAdvisor CLEAN
Scanning site with: McAfee TrustedSource CLEAN
Scanning site with: MyWOT SUSPICIOUS
Scanning site with: Norton SafeWeb CLEAN
Scanning site with: ParetoLogic URL Clearing House CLEAN
Scanning site with: PhishTank CLEAN
Scanning site with: SURBL CLEAN
Scanning site with: Threat Log CLEAN
Scanning site with: TrendMicro Web Reputation CLEAN
Scanning site with: URIBL CLEAN
Scanning site with: Web Security Guard UNRATED
Scanning site with: ZeuS Tracker CLEAN
i am currently scanning with avast and malware.
but this are the file that avast caught before the virus started
bvxlyv.exe-win32 ertor [trj]
bvxlyv.exe-win32 ertor [trj]
dlcfig.exe-win32 malware-gen
dlcfig.exe-win32 malware-gen
download.rar-win32 malware-gen<—file i was downloading
hytniqkszx[1].htm-win32 ertor [trj]
hytniqkszx[1].htm-win32 ertor [trj]
qdlsn[1].htm-win32 malob-cb [cryp]
qdlsn[1].htm-win32 malob-cb [cryp]
syvfxa.exe-win32 malob-cb [cryp]
syvfxa.exe-win32 malob-cb [cryp]
vvqkfy[1].htm-win32 malware-gen<-i dontknow whether this is a W or v x2, it look like v x2
vvqkfy[1].htm-win32 malware-gen
p.s, i scan the file before i use it and it was fine ??? and i dont know why there are duplication of some files
edit: this is what i get from running r kill
This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.
Ran as Kurato on 24-Sep-10 at 6:27:46.
Services Stopped:
Processes terminated by Rkill or while it was running:
Rkill completed on 24-Sep-10 at 6:27:52.
Just follow the guide, letter-to-letter, front-to-back, in order.
Skipping any of the steps can lead to having to start over again, or failure to completely remove.
i removed it, thanks you very much. but there was a problem, but it was fix. i couldnt connect to the internet, but luckily i left system restore on. and it was fix through there, was this suppose to happen? and again, thanks (futher replies will be delay, must get some sleep now, 7 am now