Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

microsft secrty essent finds exploit win32/Pdfjsc.Q but cant remove


  • Please log in to reply
3 replies to this topic

#1 gaveupontv

gaveupontv

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:08:19 AM

Posted 01 June 2015 - 04:33 AM

Hi,
I've found (or microsoft security essentials) "exploit:Win32/Pdfjsc.Q", but everytime I click 'remove', the software takes 20-30 minutes, and one the one hand tells me it achieves sucess, but notes something about space at bottom. I've got 2 hard drives, my E: has all kinds of room (I'm using less than 10%) but my C: drive only has a little less than 5 gigs of about 475 gigs. I've run the program twice, back to back, (it's running the second time now)
Does anybody have some pointers?
Thanks a lot!!


From what I've read it's a worm and has to do with pdf files. I've got Adobe reader 11, so it a pretty new version of Reader.

Edited by Budapest, 01 June 2015 - 05:17 AM.
Moved from Win7 ~Budapest


BC AdBot (Login to Remove)

 


m

#2 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:11:19 PM

Posted 01 June 2015 - 07:33 AM

Hello -

From what I have read, a simple scan with Malwarebytes Anti-Malware and a few other simple scans are not enough to fully remove this, regardless of what is written.

Do not download Spyhunter or other similar programs as listed on the internet, but wait for the Experts to guide you.

 

Please follow the instructions in the Malware Removal and Log Section Preparation Guide .

  • If you cannot complete a step, then skip it and continue with the next.
  • In Step 6 there are instructions for downloading and running "FRST" which will create two logs.

When you have done that, Post your logs (as directed) in the Virus, Trojan, Spyware, and Malware Removal Logs forum, NOT here, for assistance by the Malware Response Team.

Start a new topic, give it a relevant title and post your log(s) along with a brief description of your problem, a summary of any anti-malware tools you have used and a summary of any steps that you have performed on your own. If you cannot produce any of the required logs , then still start the new topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happened when you tried to create them.
A member of the Malware Removal Team will walk you through, step by step, on how to clean your computer.

After doing this, please reply back in this thread with a link to the new topic so we can close this one, to prevent others answering incorrectly.

 

Thank You -



#3 gaveupontv

gaveupontv
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:08:19 AM

Posted 01 June 2015 - 01:19 PM

Thank you! I will do as you say, and then report back. Just curious though, will backing up also include the malware?

I know that you are very busy, so this isn't worth a reply, I'll maybe ask it later.



#4 gaveupontv

gaveupontv
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:08:19 AM

Posted 01 June 2015 - 01:30 PM

Also, I've been disconnecting after downloading anti virus (in general, but I'm not perfect in this regard). A special concern of mine is that I have some btc on my computer. In your opinion, is it safe to encrypt or move addresses of btc right now (with this malware present) or should I not concentrate on anything else? I understand that this exploit is a way to introduce other malware, and I've been running scans (Malwarebytes removed several PUP's a couple of days ago) perhaps (hopefully?) there isn't the actual malware there to do keylogging or remove/alter/copy data?

As I mentioned this isn't worth replying right now, I will go ahead and do the btc changes and make sure I save the wallat.dat in a place not accessable to malware (usb drives)

I'll go ahead and start the backups-I have plenty of room on another drive on this computer (2 hard drives).

Thank you to you and bleeping computer-it's amazing that people/organizations donate their time to help people with computer problems.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users