need help

[hendrix76]

i have a few problems that i need help on.

very new to all this and have come across some viruses and trojans

win32:trojan-gen [other]
vbs:malware [gen]
win32:trojan-3233 [trj]
wins32:adan-094. 078. 022. 023 [adw]
js: class loader-9. 7. 10
js:open connection-h
js: exploit:bytverify-11
win32:trojan-477 [trj]
win32:exdi
cab archive is corrupted

Please advice on any of these items to help me out.

Thank you

[Spiritsongs]

   Hi Hendrix :

      It would be helpful if we knew what other security
      program(s), other than Avast, you have on your machine.
      Would definitely recommend "Ewido" from
      www.ewido.net/en IF you have Win 2000 or XP     OR
      "A-squared" from www.emsisoft.com/en'software/free
       if you do not have either of these 2 O/S's.
       Would be a good idea to check out "Newbie and Oldie's
       list" at :
       http://members.accessbee.com/mitch/PhantomPhixer.html
 

[hendrix76]

i am so running spy bot search and destroy and adware. could i download this promgram without it getting infected with other problems?

[polonus]

Hendrik76,

Welcome to the forum. From your posting it can be concluded that you have not fully updated your software. Also you do not have the latest Sun Java version. Update the critical pathes for your OS,
if you use an alternate browser use a script blocker.
Use only one resident AV program and one resident Firewall.


polonus

[hendrix76]

how do i go about updateing my sun java version for windows xp

[hendrix76]

also i have three pop ups that i get from avast that state

user\file\web\images\sphlp32.jpg Win32:Adan-094 [Adw]
user\fill\web\images\pppcgm.jpg Win32:Adan-078 [Adw]
user\fill\web\images\idemlog.exe Win32:Trojano-3233 [Trj]

what does this mean and how can i get it to stop popping up all the time.

i am doing what it tells me to do with abort conections to it but i can not find it any were our get red of it.....

[FreewheelinFrank]

Hi hendrix76,

You have an open backdoor in your computer:

http://www.processlibrary.com/directory/files/idemlog/

Here's what you should do:

(If any of these stages don't work, do what you can, then go back and try again. If non of these steps work, we may need to manually disable the malware, but hopefully these steps should take care of it.)

Update Ad-Aware and Spybot

Download install and update Ewido anti-Trojan:

http://www.ewido.net/en/

If you don't have a good third party firewall, download one like ZA or Kerio.

Go offline.

Delete the Java cache:

http://www.java.com/en/download/help/5000020300.xml

Try a boot time scan with avast!

Right click on the scanner GUI and select 'schedule a boot time scan.'

Set the default to 'move to chest' if you have a cordless keyboard because it won't work during the scan.

In safe mode (tap F8 while booting) run scans with Ad-Aware, Spybot and Ewido.

Install a firewall if you haven't got one already.

Come back online and tell us what problems remain.

Expect to see some malware in System Restore. Cleaning this out involves disabling System Restore, but you can do this later on. Malware in System Restore is not active, and if you delete System Restore before cleaning, you have no chance of going back if something FUBAR's your system.

Good luck!

[polonus]

Hi hendrix76,

Well I see FwF dropped in here, I second this.
Read the advice here:
http://forum.avast.com/index.php?topic=18434.0

You have to put the things in the chest leave them there for a couple of weeks.
They cannot do any harm there, it is like a jail for virus and the clamps are on. So after a couple of week you can safely delete it.
The latest SunJava you can download from here:
http://www.java.com/en/download/manual.jsp

Have a nice time here and welcome to the Avast webforum,

polonus

[Spiritsongs]

   Hi Hendrix :

      BEFORE installing latest Sun Java from www.java.com,
      you MUST completely REMOVE ALL versions of this you
      have, starting with "uninstalling" by going to your
     "Add/Remove Programs" portion of your computer .