JS:Pdfka-gen [Expl] related problems

Hi there,

I’ve recently been alerted to a trojan called JS:Pdfka-gen [Expl] by avast! from surf the channel. avast! prompted me to “Abort the connection” which I did.

Since then I’ve noticed some strange behaviour in Internet Explorer (v. eight). Whenever I enter username and password details into websites (such as Hotmail, my university webmail, university VLE, etc.) I get returned to the login page without any error message. This doesn’t happen with Chrome.

Is it possible that there’s something sniffing for my passwords?

I’ve tried removing IE which was very hard. But when I rebooted Windows started doing some sort of upgrade. And then IE had been re-installed. I tried installing a fresh copy of IE before being able to remove it. (Maybe this failed installation completed after I rebooted?)

But even with this re-installed IE I still get the same problem with logging in to password protected websites.

Any ideas what’s going on here?

It’s possible that the malicious site threw a whole host of exploits at you when you visited and one slipped through undetected.

Try one or more of the the usual free adware/spyware scanners.

Spybot Search & Destroy
SUPERAntiSpyware Free
a-Squared Free
Malwarebytes’ Anti-Malware

Download, install and update the programs.
Always select the option to quarantine any malware found rather than delete it, then you will be able to restore files or registry entries wrongly identified as malware- a rare but not unknown event for any malware scanner.

Hi reoz,

Additionally with this infection check on your third party software, especially the current java version.
Secunia PSI from here: http://secunia.com/vulnerability_scanning/personal/
empty your temp folder using ATF cleaner: http://www.atribune.org/public-beta/ATF-Cleaner.exe

polonus