Solved

Virus Exploit:Win32/Pdfjsc.AEI

Posted on 2013-12-24
10
431 Views
Last Modified: 2013-12-24
Downloaded and scanned with MS Safety Scanner and it said that it partially removed the following exploit.  What does partially mean?  Any ideas.  Ran the quick scan and it came back clean.  Computer was running Malwarebytes Pro, that scan came back clean as well.

---------------------------------------------------------------------------------------------------------------------------
---------------------------------------------------------------------------------------

Microsoft Safety Scanner v1.0, (build 1.165.538.0)
Started On Mon Dec 23 22:05:44 2013

Extended Scan Results
----------------
->Scan ERROR: resource file://C:\pagefile.sys (code 0x00000020 (32))
->Scan ERROR: resource file://C:\pagefile.sys (code 0x0000054F (1359))
->Scan ERROR: resource file://C:\pagefile.sys (code 0x00000020 (32))
->Scan ERROR: resource file://\\SERVER\WPDATA~1 (code 0x0000054F (1359))
Threat detected: Exploit:Win32/Pdfjsc.AEI
    containerfile://C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.Outlook\MX4H1RNN\282244.pdf
        SHA1:   470C0FFA41185D920502904E9CA04BEE4EBEB032
    file://C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.Outlook\MX4H1RNN\282244.pdf->(pdf0002:)
        SigSeq: 0x00000E287E53DD1D
        SHA1:   022D7BE468A0DF363965C377E5FC58787030CCBD

Extended Scan Removal Results
----------------
Start 'remove' for file://\\?\C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.Outlook\MX4H1RNN\282244.pdf->(pdf0002:)
Operation failed (code=0x8026), please use a full antivirus product ! !

Start 'remove' for containerfile://\\?\C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.Outlook\MX4H1RNN\282244.pdf
Operation failed (code=0x8026), please use a full antivirus product ! !


Results Summary:
----------------
Found Exploit:Win32/Pdfjsc.AEI, partially removed.
Microsoft Safety Scanner Finished On Tue Dec 24 06:44:10 2013


Return code: 7 (0x7)

---------------------------------------------------------------------------------------

Microsoft Safety Scanner v1.0, (build 1.165.566.0)
Started On Tue Dec 24 06:50:55 2013
->Scan ERROR: resource file://C:\pagefile.sys (code 0x00000020 (32))
->Scan ERROR: resource file://C:\pagefile.sys (code 0x0000054F (1359))
0
Comment
Question by:mmitcni
  • 4
  • 4
  • 2
10 Comments
 
LVL 11

Assisted Solution

by:Miftaul
Miftaul earned 250 total points
ID: 39738104
Its a vulnerability in PDF, please update the adobe reader to latest version.
0
 
LVL 18

Expert Comment

by:awawada
ID: 39738164
0
 

Author Comment

by:mmitcni
ID: 39738182
Thank you.  I opened the PDF reader and went to help>check updates.  
Said that it had the latest version.
0
 
LVL 18

Expert Comment

by:awawada
ID: 39738221
Do you use Adobe Reader?
If yes which version do you have?
0
 

Author Comment

by:mmitcni
ID: 39738234
Adobe Reader 10.1.8
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 18

Accepted Solution

by:
awawada earned 250 total points
ID: 39738237
You must have 11.0.05.
Get it from http://get.adobe.com/reader

After run an update to get 11.0.05 .
0
 

Author Comment

by:mmitcni
ID: 39738258
Done.  11.0.05
0
 
LVL 18

Expert Comment

by:awawada
ID: 39738264
Now you are up-to-date :)
Happy Xmas.
0
 

Author Comment

by:mmitcni
ID: 39738294
Thanks, to you as well:)
0
 
LVL 11

Expert Comment

by:Miftaul
ID: 39738328
Please mark answers as accepted.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
I've been an avid user and supporter of Malwarebytes Premium Version 2.x for years. It's an excellent product that runs alongside just about any Anti-Virus application without issues. It seems to have an uncanny ability to pick up many things that A…
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

919 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now