Hi Everyone,

My PC is infected with a Trojan Exploit.JS.Pdfka. and unfortunately Avast is unable to detect it.
I am though very much happy with the Avast Performance.My sincere thanks to each and everyone who is behind this product.

The problem is whenever i click the text “+++++++++++++++++++++++” appears on its own.The same happens when i press any of the key like “w”,“q” ,“a”,“t”.

I would be delighted if you can get me through this…

Regards,
Prashant Sharma
Intellectuals solve problems, geniuses prevent them. – Albert Einstein

Hello prashanth,

get malwarebytes antimalware(mbam) from here

update it.

do a quick scan, remove any infections found. reboot if asked to reboot.

then do a full scan. remove all found items, reboot if needed.

post both the logs here.(use additional options while posting and upload the file)

edit: how did you find out that you are infected?.
also, this is a forum open to public(anyone can see it). please remove your email id in the previous post by clicking modify.

you can try avast boot time scan(update to the latest definitions)

Hello nmb,

Thanks for the quick reply.
I have tried the following but none is working

1. Malware antibytes
2. Sophos Anti Virus
3. Super anti Spyware
4. Avira
5. Spyware Doctor
6. Combo Fix
7. Kaspersky
8. Pareto Anti Spyware
9. Bit Defender

But none has hepled me…

I do not know what is the reason but none of them are able to detect it…

Once again I would be delighted if you can get me through this…

Regards,
Prashant Sharma

Intellectuals solve problems, geniuses prevent them. – Albert Einstein

could you explain this a bit:(you say click it, where do you click it?. you say it appears on its own, where does it appear?.)

The problem is whenever i click the text "+++++++++++++++++++++++" appears on its own.The same happens when i press any of the key like "w","q" ,"a","t".

you need to answer the queries.

how did you find out that you are infected?. (was it an online scanner).
where was the file found (drive:\folder name\file-name.xxx).
is your avast database updated?.
you say that the file was detected, what did you do when it was detected? (deleted?- and so your system may be clean)

if you still have the file quarantined some where then you can consider uploading to virustotal.com and posting the link to the site here.

Hello nmb,

Question No:1
could you explain this a bit:(you say click it, where do you click it?. you say it appears on its own, where does it appear?.)

Answer No:1
By Clicking if i do a mouse click on any window say Notepad then the text “++++++++++++++++” appears of its own.The same happens in MS word etc.

Question No:2
how did you find out that you are infected?.

Answer No:2
avast event log entry.
9/5/2009 1:18:38 PM SYSTEM 1300 Sign of “JS:Pdfka-KB [Trj]” has been found in “http://da.mwtrust.net/pdfdoc/doc1.pdf” file.
One of my family member instead of moving it to Chest they ignored it…

Question No:3
is your avast database updated?.

Answer No:3
Yes

Question No:4
how did you find out that you are infected?. (was it an online scanner).

Answer No:4
One of the other Anti Virus installed on my PC reported an activity in the C:\WINDOWS\TEMP folder.
and the problem started.
Does avast creates a folder in temp labeled as “avast4” ?
I hope i have answered all your questions.

Once again thanks for the quick reply.

Regards,
Prashant Sharma

Intellectuals solve problems, geniuses prevent them. – Albert Einstein

prashanth,

good that you answered all. do the same again.

may we know the other antivirus and firewall you are using?

if its in the avast event log entry then it is removed hopefully.

yes, avast creates a folder avast4 temporarily to extract the files to scan. (please use one antivirus at a time. otherwise there will be such problems of interfering with each other.)

could you post a pic of the right click thing?.

One of the other Anti Virus installed on my PC reported an activity

Multiple Antivirus Apps on One PC?
http://tech.yahoo.com/blog/null/39904

Hello nmb,

Question No.1
may we know the other antivirus and firewall you are using?

Answer No.1:
Avira

I have attached the image of the right click thing along with this reply.

Awaiting your response.

Regards,
Prashant Sharma

Intellectuals solve problems, geniuses prevent them. – Albert Einstein

please, remove antiviruses other than avast. because it’ll conflict with each other.

according to you previous posts, you have scanned with almost all the possible anti malwares. i think your system is clean.

regarding the right click thing, wait for someone else to post.

welcome to the forums.

Hello nmb,

Some Information about Trojan Exploit.JS.Pdfka.

Check the link below

https://www.paretologic.com/resources/definitions.aspx?remove=Js%20Pdfka%20Trojan

The information mentioned about the trojan worries me…

Awaiting your response.

Regards,
Prashant Sharma

Intellectuals solve problems, geniuses prevent them. – Albert Einstein

i think both problems may be related to running two antivirus programs

The result could be a catastrophic failure of both applications (leaving you without any protection), or just general instability in Windows.

check this : http://www.mywot.com/en/scorecard/paretologic.com

edit : get the avira registry cleaner here (to remove the registry entries of antivir) : http://dlpro.antivir.com/down/windows/registrycleaner_en.zip

Hello nmb,

The overall ratings on http://www.mywot.com/en/scorecard/paretologic.com
suggests that Pareto logic is okay and thats it…

Can you just suggest me anything else which i can try …

I believe in trying bcoz it brings you closer to achieving something .

So let me know if you can suggest me something.
By the way i only have Avast installed on my system as of now as the only antivirus.

Awaiting your response.

Regards,
Prashant Sharma

Intellectuals solve problems, geniuses prevent them. – Albert Einstein

I think you have done what ever you could do to scan your system.(am I missing something?)

you can wait for others to post.

okay sounds good

Check:
http://hosts-file.net/default.asp?s=paretologic.com <== FSA - sites engaged in the selling or distribution of bogus or fraudulent applications

want more? :

http://www.google.com/safebrowsing/diagnostic?site=www.paretologic.com

go to this site : http://www.finjan.com/Content.aspx?id=574

and enter : http://www.paretologic.com and click analyse. see what it tells. (DIY)

edit: yes the malware(Trojan Exploit.JS.Pdfka.) might be a harmful one. but i think its removed. nothing to worry. don’t simply scan using anything you find in the internet.

Quote from: pondus on Today at 05:58:17 PM i think both problems may be related to running two antivirus programs Posted on: Today at 06:14:17 PMPosted by: prashant_sharma1984

i see you quote me kenny, but no coment?

I did:
i think both problems may be related to running two antivirus programs

I am trying the trial version of ESET NOD32 Antivirus software and it caught JS/Exploit.Pdfka and safely quarantined it. I’m shock, yet pleased!