Hello… Have a slight issue, or maybe not… not sure whether to freak out yet or not ;D I visited a website last night while trying to view an image through Google that took me to one of those sites that popped up with a pop up saying that my computer was infected and i should scan with [insertfake anivirushere]. I closed the box and it looked like it was doing a scan of some sort within the page so I immediately shut my browser. (I have my browser set to delete history, cache and temp files on closer). I figured I would run scans this morning before doing anything productive just to be on the safe side. I ran superantivirus first and it found the regular cookies and I removed them. Then I moved onto Avast and started a quick scan, and was curious as to what I had set my scheduled scans to so started looking around. I looked at the scan log and saw that it had been detecting JS:pdfak-ALV[expl] for sometime… but not moving it to the chest… this… I can only blame on myself as looking into the options I had not set “chest it” as the automatic action. I assumed in my air head that it did this automatically. Needless to say… It is now in my virus chest… But im not sure how worried I should be that it has been sat on my computer for a couple of months. Information as follows:-

OS: XP Home Edition
FW: Windows Firewall

Original Name: info[1].pdf
Original Location: Temporary Internet Files\content.IE5\DSG7HXCP
Last Change: 08/12/2010
Transfer Time: 11/12/2010
Virus: JS:pdfak-ALV[expl]

It also found Virus:-

Original Name: Index[1].htm. And Index[2].htm. Virus: HTML:lframe.inf (also located in temp internet files)

I very rarely use Internet explorer, Have been using FF for many years. Pretty much only use IE when using windows update. I understand that JS:pdfak-ALV[expl] is related to Acrobat and Acrobat reader, both of which I very rarely use but keep up to date when one is available. I see lots of information on other “strains” of this virus but can not find anything on this particular extension. I see some sites stating that some versions are key loggers.

I guess my question is… Should I be worried and start changing all my passwords?

Sorry bout the long read and thanks for your time.

I think you should have a firewall like outpost or ashampoo"since XP firewall only protect incoming connections or prevent incoming connection to be accurate"
You can download dr.web cure it to ensure you are free of malwares
MBAM scan will be good also

Thanks for the reply. I have MBAM and SUPERantispyware. MBAM comes up clean and I don’t believe my PC is infected right now. Was mainly worried about any effect have JS:pdfak-ALV[expl]may of had over the duration of it being on my machine, being as tho I cant seem to find any direct information on that exact file name. Being as tho it was sitting in my TEMP file I’m led to believe the file was not executed but I am not knowledgeable in this area.

Thanks for the advice on the firewall. Will take a look into those you mentioned.

The exploit target a specific program"in very specific way"so if you dont open it"and you dont since avast block it from running as i understand"no need to be panic.

I have the same problem too! I used Avast (the free edition) to do a full scan on my laptop and avast found this virus. The status of this virus is “Threat: JS:pdfka-AOR [Expl]”. I clicked on repair, but the result was "Error: the file was not repaired. (42060). Greatly appreciated if somebody can help me!!

Do an avast scan for your flash drive then choose move to chest then click apply.
If avast couldnt remove the file so check you flash drive for error by writing the following command into your command line

chkdsk flash letter: /f

AND DONT FORGET TO REPLACE FLASH DRIVE WITH THE LETTER OF YOUR FLASH DRIVE FOR EXAMPLE

chkdsk i: /f