It is certainly a threat – I feel safer by disabling PDF viewing capability in my browsers, and using NoScript add-on with Firefox.
How Alwil will address this, I don’t know.
I am hoping the upcoming sandboxing capabilities of Adobe reader will help hxxp://www.zdnet.com/blog/security/adobe-adding-sandbox-to-pdf-reader-to-ward-off-hacker-attacks/6886
Well you could start by blocking those two IPs in your firewall (if you have one with that capability) or blocking using the HOSTS file.
However, that doesn’t get at what is trying to download them, so what else have you used to scan your system ?
Does avast alert on these pdf files when they are downloaded ?
Personally your crazy to even open them as by the comment “Jsunpacker and a host of other sites believe that it is part of an exploit kit…” the last thing you want to do is open a crafted pdf file if it is trying to exploit weaknesses in pdf readers, etc.
What pdf reader are you using ?
I too never read .pdf files via my browser, much safer if saved to disk, scanned and then opened in a more secure pdf reader (non-adobe pdf reader, which is a huge target, given its user base). Obviously this procedure only applies to pdf files that you legitimately elected to view.
Unfortunately my pdf plug-in was playing up, so I nominated the Acrobat and it opened automatically. I think I was on google when it happened, but had just visited a site in Tehran for middle-eastern instruments.
Anyway. Now I have a txt file of the gobblygook inside it, and have erased the files. Unfortunately my scanning software and malware programs probably wont know the consequences, so no more ebay for me.
If those nasty little Latvians can hack through my handheld keygen for online banking, then they probably deserve my cash.
Now Im tempting fate. Thanks for all the advice people- [B]NoScript[B] is a real gem!