Exploit.pdf-js.gen

Does any one knows how to get rid of


Exploit.PDF-JS.Gen ?


Thanks for any suggestion


Raul <_<

Comments

  • rootkit
    rootkit ✭✭✭

    Post here a complete scan log.

  • Post here a complete scan log.


    ====================


    here it is


    =======================


    BitDefender Log File !!!!!


    Product : BitDefender Antivirus 2008


    Version : BitDefender UIScanner v.11


    Log date : 08:08:18 12/10/2008


    Log path : C:\Documents and Settings\All Users\Application Data\BitDefender\Desktop\Profiles\Logs\deep_scan\1223813298_1_02.xml


    Scan Paths:Path0000: C:\


    Path0001: E:\


    Scan Options:Scan for viruses : Yes


    Scan for adware : Yes


    Scan for spyware : Yes


    Scan for applications : Yes


    Scan for dialers : Yes


    Scan for rootkits : Yes


    Target selection options:Scan registry keys : Yes


    Scan cookies : Yes


    Scan boot sectors : Yes


    Scan memory processes : Yes


    Scan archives : Yes


    Scan runtime packers : Yes


    Scan emails : Yes


    Scan all files : Yes


    Heuristic Scan : Yes


    Scanned extensions :


    Excluded extensions :


    Target ProcessingDefault action for infected objects : Disinfect


    Default action for suspicious objects : None


    Default action for hidden objects : None


    Scan engines summaryNumber of virus signatures : 1864781


    Archive plugins : 43


    Email plugins : 6


    Scan plugins : 12


    Archive plugins : 43


    System plugins : 5


    Unpack plugins : 7


    Overall scan summaryScanned items : 767358


    Infected items : 0


    Suspicious items : 2


    Resolved items : 0


    Individual viruses found : 0


    Scanned directories : 17296


    Scanned boot sectors : 2


    Scanned archives : 60996


    Input-output errors : 138


    Scan time : 00:02:25:35


    Files per second : 87


    Scanned processes summaryScanned : 84


    Infected : 0


    Scanned registry keys summaryScanned : 1501


    Infected : 0


    Scanned cookies summaryScanned : 0


    Infected : 0


    Remaining issues:Object Name Threat Name Final Status


    C:\Program Files\MiKTeX 2.6\doc\latex\ecards\ecards-doc.cab=]eCardsman.pdf=](JAVASCRIPT) Exploit.PDF-JS.Gen Suspect (no action was possible, file was in an archive)


    C:\Program Files\MiKTeX 2.6\doc\latex\ecards\ecards-doc.cab=]eCardstst.pdf=](JAVASCRIPT) Exploit.PDF-JS.Gen Suspect (no action was possible, file was in an archive)


    Resolved issues:Object Name Threat Name Final Status


    Objects that were not scanned:Object Name Reason Final Status


    C:\Program Files\Adobe\Acrobat 7.0\Setup Files\AcroPro\ENU\data1.cab=]WebSearchENU.pdf Password-Protected No action was possible


    C:\Program Files\Exterminate It!\Undo\IconDrop.zip=]Registry.reg Password-Protected No action was possible

  • rootkit
    rootkit ✭✭✭
    edited October 2008

    Please upload the file(s) in an archive, protected with the password infected.


    Attach the archive in your next post here.


    C:\Program Files\MiKTeX 2.6\doc\latex\ecards\ecards-doc.cab


    If it's to big, upload it on www.rapidshare.com and post here the download link :)

  • Hello Manasevich,


    You should also be sure that all your third party software has the latest updates installed. In your case you should install the latest version of Adobe Acrobat Reader. You are using an out of date Adobe Acrobat Reader version that is vulnerable. You can use this site to let your pc check on vulnerabilities. If you just delete ecards-doc.cab you should get rid of it. Reboot your pc into safe mode by just rebooting your pc and keep pressing F8 before the windows splash screen choose safe mode. Log in with your account. You can also extract the .cab file just right click on it and choose extract it and only delete eCardsman.pdf.


    Kind regards,


    Niels

  • My most recent system scan also brought up this Exploit.pdf-js.gen virus. But I'm not sure what do do to get rid of it. Can anyone help? Where do I begin?


    Thanks


    David

  • 8bit
    edited November 2008

    I have Exploit.PDF-JS.Gen, too. It's in a folder C:\RECYCLER\S-1-5-21-4065321718-2634800828-222249543-1006\Dc21 . . . , etc. I tried disinfect, but got the message, "No action is possible." I considered manually deleting the offending file, but I can't get the file name to show up in "My Computer." Anyway, I did a complete reinstall of my OS only last week, so I hesitate simply to monkey around with the root directory chasing this bug.


    Q: How much damage does this thing do an XP machine if it is ignored? Will it infect a CD-ROM to which I burn only word processing files? :blink:


    8bit

  • I have Exploit.PDF-JS.Gen.Look to the attach file for more information.How can I get rid of ' Exploit.PDF-JS.Gen'?

    /applications/core/interface/file/attachment.php?id=4067" data-fileid="4067" rel="">scanare.txt

  • ionut_catalin
    edited November 2008

    Rezultate:


    C:\Documents and Settings\Ionut\Local Settings\Temporary Internet Files\Content.IE5\Q1TMF29O\1[1].pdf=>(gzip)=>(JAVASCRIPT) Suspect Exploit.PDF-JS.Gen


    C:\Documents and Settings\Ionut\Local Settings\Temporary Internet Files\Content.IE5\Q1TMF29O\1[1].pdf=>(gzip)=>(JAVASCRIPT) Dezinfectarea nu s-a putut realiza


    C:\Documents and Settings\Ionut\Local Settings\Temporary Internet Files\Content.IE5\Q1TMF29O\1[1].pdf=>(gzip)=>(JAVASCRIPT) Sters


    C:\Documents and Settings\Ionut\Local Settings\Temporary Internet Files\Content.IE5\Q1TMF29O\1[1].pdf=>(gzip) Actualizarea nu s-a putut realiza


    C:\Documents and Settings\Ionut\Local Settings\Temporary Internet Files\Content.IE5\Q1TMF29O\1[2].pdf=>(JAVASCRIPT) Suspect Exploit.PDF-JS.Gen


    C:\Documents and Settings\Ionut\Local Settings\Temporary Internet Files\Content.IE5\Q1TMF29O\1[2].pdf=>(JAVASCRIPT) Dezinfectarea nu s-a putut realiza


    C:\Documents and Settings\Ionut\Local Settings\Temporary Internet Files\Content.IE5\Q1TMF29O\1[2].pdf=>(JAVASCRIPT) Sters


    C:\Documents and Settings\Ionut\Local Settings\Temporary Internet Files\Content.IE5\Q1TMF29O\1[2].pdf Actualizarea nu s-a putut realiza

  • @ Ionut_bic



    Download ATF (Atribune Temp File) Cleaner© by Atribune to your desktop.


    http://www.atribune.org/ccount/click.php?id=1


    Double-click ATF Cleaner.exe to open it


    Under Main choose: Select all


    Then click the Empty Selected button.


    pic1atf.gif


    If you use Firefox:


    Click Firefox at the top and choose: Select All


    Click the Empty Selected button.


    NOTE: If you would like to keep your saved passwords, please click NO at the prompt.


    If you use Opera:


    Click Opera at the top and choose: Select All


    Click the Empty Selected button.


    NOTE: If you would like to keep your saved passwords, please click NO at the prompt.


    Click Exit on the Main menu to close the program.

  • I have an alert after a scan that BitDefender found Exploit.PDF-JS.Gen.C03 on my pc. I could not quarantine or delete. I am posting the log below and would appreciate if someone could help me with instruction on how to remove this. Thanks so much.


    BitDefender Log File !!!!!


    Product : BitDefender Total Security 2008


    Version : BitDefender UIScanner v.11


    Log date : 19:07:40 11/01/2009


    Log path : C:\ProgramData\BitDefender\Desktop\Profiles\Logs\full_scan\1231718860_1_02.xml


    Scan Paths:Path0000: C:\


    Path0001: D:\


    Scan Options:Scan for viruses : Yes


    Scan for adware : Yes


    Scan for spyware : Yes


    Scan for applications : Yes


    Scan for dialers : Yes


    Scan for rootkits : Yes


    Target selection options:Scan registry keys : Yes


    Scan cookies : Yes


    Scan boot sectors : Yes


    Scan memory processes : Yes


    Scan archives : Yes


    Scan runtime packers : Yes


    Scan emails : Yes


    Scan all files : Yes


    Heuristic Scan : Yes


    Scanned extensions :


    Excluded extensions :


    Target ProcessingDefault action for infected objects : Disinfect


    Default action for suspicious objects : Disinfect


    Default action for hidden objects : None


    Scan engines summaryNumber of virus signatures : 2433890


    Archive plugins : 45


    Email plugins : 6


    Scan plugins : 13


    Archive plugins : 45


    System plugins : 5


    Unpack plugins : 7


    Overall scan summaryScanned items : 190387


    Infected items : 0


    Suspicious items : 1


    Resolved items : 0


    Individual viruses found : 0


    Scanned directories : 27029


    Scanned boot sectors : 8


    Scanned archives : 2758


    Input-output errors : 57


    Scan time : 00:01:04:53


    Files per second : 48


    Scanned processes summaryScanned : 70


    Infected : 0


    Scanned registry keys summaryScanned : 1459


    Infected : 0


    Scanned cookies summaryScanned : 1


    Infected : 0


    Remaining issues:Object Name Threat Name Final Status


    C:\Users\Marie\AppData\Local\Temp\AcrBAED.tmp=](JAVASCRIPT) Exploit.PDF-JS.Gen.C03 Delete Failed (file was in an archive)


    Resolved issues:Object Name Threat Name Final Status


    Objects that were not scanned:Object Name Reason Final Status