Exploit.pdf-js.gen

dariusp

BD 2009 Deep Scan informs me that it detected: "C:\Users\Administrator.Darius-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DR0KWDS8\Who_next[1].pdf=](JAVASCRIPT) Exploit.PDF-JS.Gen Delete Failed (file was in an archive)"

Trouble is that there isn't "Temporary Internet Files" folder in C:\Users\Administrator.Darius-PC\AppData\Local\Microsoft\Windows\

Yes, "Show hidden files and folders" option was on and I am using Vista.

BTW searching system for "Who_next[1].pdf=](JAVASCRIPT)" or "DR0KWDS8" also leads nowhere....

Any ideas?

Alex Stanciu

Hello dariusp,

Please try to remove these files using a special tool called GMER. Here is what you have to do :

1. Disable the BitDefender real-time protection and/or any other active security solution(s) that you are using;

2. Save the GMER tool (and then extract it if needed) to a location of your choice:

RECOMMENDED: http://www.gmer.net/download.php

alternative: http://www.bitdefender.com/files/KnowledgeBase/file/gmr.zip

3. Make sure you close all active applications and then run the tool;

4. Allow the tool a few moments to load up and perform the initial scan;

5. In the upper left of the GMER window, you will see the tab "Rootkit/Malware" and ">>>"; Please click on ">>>"; Next click on the tab "Files";

6. Use the tree list on the left to browse and the list on the right to locate the infected file(s);

7. Once you located the file select it with one click (in the list on the right), then press the button "Delete"; A new window will open asking you to confirm (choose "Yes");

8. Close the tool once this operation is completed;

9. Reboot the computer.

In order to check whether the virus removal procedure has succeeded, we recommend another complete scan of your computer with BitDefender.

Thank you .

dariusp

I have done what you have advised Alex but GMER didn't detect anything suspicious. Strange, since it's the second time that BD gave me warning about Exploit.PDF-JS.Gen in non existing folder....

Alex Stanciu

Hello dariusp,

We would like to have a look on the Deep System Scan report . In order to retrieve us please follow the next steps :

1. Open BitDefender, click on the Switch to Advanced View button, then select the Antivirus module.

2. Click on the Virus Scan tab, right click on the Deep System Scan task and choose "View Logs" .

3. Here look after the latest scan, select it then click on "Show" .

4. In the upper left side, click on File, choose Save As then proceed and save the report on your desktop.

5. Upload it on http://www.sendspace.com/ then post here the download link.

Thank you .

dariusp

There you are Alex: http://www.sendspace.com/file/srv7lk

Alex Stanciu

Hello dariusp,

We have analyzed the data you have sent us which shows that no threats are now present on your computer.

In order to be sure that there are no traces left of this malware on your system, please follow the instructions from the next article and post here the download links for the Avis and the Gmer logs for further analysis .

Thank you .

dariusp

Hi Alex

I have GMER downladed and ready to go but AVIS link doesn't work for me (Internet Explorer cannot display the webpage). Do you have an alternative link?

Alex Stanciu

Hello dariusp,

I have uploaded the Avis tool here:http://www.sendspace.com/file/gt54p3 . Let us know if we can help you with anything else .

Thank you .