
Author Topic: Uninvited guests...Exploit:Win32/pdfjsc.PC and VIRtool:JS/Obfuscator.BN  (Read 13381 times)


fartbubble

    Topic Starter


    Beginner

    • Computer: Specs
    • Experience: Familiar
    • OS: Windows XP
    Are you trying to repair two computers at once?
    If everything is ok with the computer we're working on, I'd like to do some cleanup. After that we'll have to take a look at the second computer.

    I do have two towers, but this one, the Dell Dimension B110, is the tower I am presently communicating from. It is the 'Ole Faithful in my household. The AMD tower is the tower I recently purchased, that you have assisted me with.
    Let us proceed then with the task at hand. Just tell me what it is that you require. I am using a Belkin KVM switch, which both units use but are kept separated and are not presently sharing files or functioning together as a network group. Please advise as to how you wish to proceed. It isn't over until it's over.

    SuperDave

    • Malware Removal Specialist
    • Moderator


    • Genius
    • Thanked: 1020
    • Certifications: List
    • Experience: Expert
    • OS: Windows 10
    I've finished running scans on that computer. If there are no other issues, we can do some cleanup. Please let me know and we can do the cleanup.
    Windows 8 and Windows 10 dual boot with two SSD's

    fartbubble

      Topic Starter


      Beginner

      • Computer: Specs
      • Experience: Familiar
      • OS: Windows XP

      If everything is ok with the computer we're working on, I'd like to do some cleanup. After that we'll have to take a look at the second computer.


      I would be glad to have your continued support. Do you still feel that the other tower should be looked at as well? I would feel better knowing that both systems are absolutely infestation free; prior to networking the two together and sharing files. I will check back here tomorrow assuming that you would like to proceed. Thank you for your time and patience on my behalf.

      SuperDave

      • Malware Removal Specialist
      • Moderator


      • Genius
      • Thanked: 1020
      • Certifications: List
      • Experience: Expert
      • OS: Windows 10
      Quote
      Do you still feel that the other tower should be looked at as well?
      If you're having problems with it, please start a new thread.
      Ok. Let's do some cleanup on this one.


      To uninstall ComboFix

      • Click the Start button. Click Run. For Vista: type in Run in the Start search, and click on Run in the results pane.
      • In the field, type in ComboFix /uninstall


      (Note: Make sure there's a space between the word ComboFix and the forward-slash.)

      • Then, press Enter, or click OK.
      • This will uninstall ComboFix, delete its folders and files, hide System files and folders, and reset System Restore.
      *******************************************
      Clean out your temporary internet files and temp files.

      Download TFC by OldTimer to your desktop.

      Double-click TFC.exe to run it.

      Note: If you are running on Vista, right-click on the file and choose Run As Administrator

      TFC will close all programs when run, so make sure you have saved all your work before you begin.

      * Click the Start button to begin the cleaning process.
      * Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two.
      * Please let TFC run uninterrupted until it is finished.

      Once TFC is finished it should restart your computer. If it does not, please manually restart the computer yourself to ensure a complete cleaning.
      ************************************************
      Looking over your log it seems you don't have any evidence of a third party firewall.

      Firewalls protect against hackers and malicious intruders. You need to download a free firewall from one of these reliable vendors.

      Remember only install ONE firewall

      1) Comodo Personal Firewall (Uncheck during installation "Install Comodo SafeSurf..", "Make Comodo my default search provider" and "Make Comodo Search my homepage" and uncheck any HopSurf and/or Ask.com options if you choose this one)
      2) Online Armor
      3) Agnitum Outpost
      4) PC Tools Firewall Plus

      If you are using the built-in Windows XP firewall, it is not recommended as it does not block outgoing connections. This means that any malware on your computer is free to "phone home" for more instructions. Simply put, Windows XP contains a mediocre firewall. This firewall is NO replacement for a dedicated software solution. Remember to use only one firewall at the same time.
      ***********************************************
      Use the Secunia Software Inspector to check for out of date software.

      • Click Start Now
      • Check the box next to Enable thorough system inspection.
      • Click Start
      • Allow the scan to finish and scroll down to see if any updates are needed.
      • Update anything listed.
      ----------

      Go to Microsoft Windows Update and get all critical updates.

      ----------

      I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free.

      SpywareBlaster - Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox.
      * Using SpywareBlaster to protect your computer from Spyware and Malware
      * If you don't know what ActiveX controls are, see here

      Protect yourself against spyware using the Immunize feature in Spybot - Search & Destroy. Guide: Use Spybot's Immunize Feature to prevent spyware infection in real-time. Note: To ensure you have the latest Immunizations always update Spybot - Search & Destroy before Immunizing. Spybot - Search & Destroy FAQ

      Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future.

      Also see Slow Computer? It may not be Malware for free cleaning/maintenance tools to help keep your computer running smoothly.
      Safe Surfing!
      Windows 8 and Windows 10 dual boot with two SSD's

      fartbubble

        Topic Starter


        Beginner

        • Computer: Specs
        • Experience: Familiar
        • OS: Windows XP
        I initiated the process that you provided for the final cleanup. The temporary internet files and temp files that were "cleaned out" were limited to only what the DISKCLEANUP in SYSTEM TOOLS offers in the menu of choice. I do not believe this fulfills the scope of your intentions for the final cleanup regarding these files/folders. I have 13 different temp folders; containing hundreds of files spread between 3 different directories that include the WINDOWS OS, and Program Files. In addition, it turns out that they are case sensitive; 6 are uppercase and 5 are lowercase spellings of the same. Temporary internet files are relatively easy to assess, yet I have 3 of those as well in my "list" while not completely confident in which files for sure are separated then get the AX. Long story short.....I am proceeding on the premise that I am not going to wipe out my system, because I didn't put all my eggs in one basket. I believe there are files/folders that are directly related to some of the operations performed last week. At any rate...I will send the info tomorrow.

        Thank you,
        Brent
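An added example, not part of the original posts and not how TFC or Disk Cleanup work: a read-only inventory that finds temp folders under chosen roots and groups case variants such as Temp and TEMP, so their file counts and sizes can be reviewed before anything is deleted. The folder-name set and the sample tree are assumptions constructed for this example.

```python
import os
import tempfile
from collections import defaultdict

# Folder names treated as temp locations: an assumption of this example.
TEMP_NAMES = {"temp", "tmp", "temporary internet files"}

def measure(path):
    """Return (file_count, total_bytes) under path without modifying anything."""
    files = size = 0
    for dirpath, _, filenames in os.walk(path):
        for name in filenames:
            try:
                size += os.path.getsize(os.path.join(dirpath, name))
                files += 1
            except OSError:
                pass  # locked or vanished file: skip it, never delete
    return files, size

def inventory_temp_dirs(roots):
    """Map lowercased folder name -> [(path, file_count, total_bytes), ...]."""
    found = defaultdict(list)
    for root in roots:
        for dirpath, dirnames, _ in os.walk(root):
            for d in sorted(dirnames):
                if d.lower() in TEMP_NAMES:
                    full = os.path.join(dirpath, d)
                    found[d.lower()].append((full, *measure(full)))
                    dirnames.remove(d)  # count as one unit, do not descend
    return dict(found)

def build_sample_tree():
    """Constructed sample layout (not taken from the thread)."""
    root = tempfile.mkdtemp()
    layout = {
        ("WINDOWS", "Temp", "a.tmp"): b"abc",
        ("Program Files", "App", "TEMP", "b.tmp"): b"12345",
        ("Documents", "Temporary Internet Files", "c.htm"): b"hi",
        ("Documents", "keep.txt"): b"not temp",
    }
    for parts, data in layout.items():
        path = os.path.join(root, *parts)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(data)
    return root

if __name__ == "__main__":
    for name, hits in sorted(inventory_temp_dirs([build_sample_tree()]).items()):
        for path, files, size in hits:
            print(f"{name!r}: {path} ({files} files, {size} bytes)")
```
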

        fartbubble

          Topic Starter


          Beginner

          • Computer: Specs
          • Experience: Familiar
          • OS: Windows XP
          I apologize for being away from this thread for so long. I have been swamped with summer terms workload and really have not had the time to devote to the final details.
          OK. Where I am now is having run the uninstall on COMBOFIX, and did a clean-up of Temporary Internet Files (limited to what is flagged by Disk Cleanup in System Tools). I have not run the program from old timer yet. I do HAVE A QUESTION... Should there be any folders or files left anywhere in my system that pertain to COMBOFIX? If the answer is no, then something isn't right, I still have a directory folder in my directory tree titled COMBOFIX. This is after running the uninstall as directed. I have not even run the "problem child" after discovering this and my last post. I know I marked it as solved because I feel, Dave, that ultimately you helped me solve the problem at hand. But I could use just a little more direction on the details. Can you assist? Or should I begin a new thread? Thanks in advance. :-\

          SuperDave

          • Malware Removal Specialist
          • Moderator


          • Genius
          • Thanked: 1020
          • Certifications: List
          • Experience: Expert
          • OS: Windows 10
          Quote
          I have not run the program from old timer yet. I do HAVE A QUESTION... Should there be any folders or files left anywhere in my system that pertain to COMBOFIX? If the answer is no, then something isn't right, I still have a directory folder in my directory tree titled COMBOFIX. This is after running the uninstall as directed.
          After you run OTL cleanup it should be all gone.
          Windows 8 and Windows 10 dual boot with two SSD's