Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.



  • Please log in to reply
1 reply to this topic

#1 pappu32


  • Members
  • 2 posts
  • Local time:03:11 AM

Posted 14 June 2010 - 06:47 PM

I was recently infected with the AV Security Suite malware and removed it using the guide on this site. Afterwards, to make sure I was clean, I ran a few other scans. MalwareBytes came back clean, as does my Symantec antivirus and Spybot. The one scan that did not was the Microsoft Live OneCare Safety Scanner (http://onecare.live.com/site/en-us/default.htm), which returned the above issue. It was unable to remove the issue. I updated all my programs, including Adobe Reader, which this targets. Is there something more I can do to remove this Exploit? None of the other scanners detected anything so I'm not sure what to do.

Thanks a lot!!

BC AdBot (Login to Remove)


#2 quietman7


    Bleepin' Janitor

  • Global Moderator
  • 51,596 posts
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:11 AM

Posted 15 June 2010 - 07:39 AM

Exploit:Win32/Pdfjsc.DE is a detection for specially-crafted PDF files that target software vulnerabilities in Adobe Acrobat and Adobe Reader. Once the malformed PDF files are opened by vulnerable versions of Adobe Acrobat and Reader, the embedded JavaScript gets executed and loads the exploit. The exploit executes code to download and execute arbitrary files on the affected computer. These files may include additional malware.

These PDF files contain embedded, multi-level, obfuscated JavaScript that, when loaded (as when the files are opened in a vulnerable version of Adobe Acrobat or Adobe Reader) executes shellcode that exploits the vulnerability.

Files detected as Exploit:Win32/Pdfjsc.DE usually arrive in the system when the user visits a Web page that contains a malicious PDF file or opens an e-mail containing the PDF file as an attachment.

...Install the updates available from the vendor so that your software is no longer affected by these vulnerabilities. You can read more about these vulnerabilities in PDF documents, as well as where to download the software update from the following links:

* CVE-2009-1492
* Adobe Security Bulletin APSB09-06

Malware Protection Center Research Exploit:Win32/Pdfjsc.DE

In what location (full file path) on your system is OneCare still detecting the exploit?
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users