Results 1 to 10 of 10

Thread: Exploit.JS.Pdfka quaratined but came back

  1. #1
    lili70 Guest

    Default Exploit.JS.Pdfka quaratined but came back

    Hi.

    I have Extreme security 9.0.114.000, Force Field 1.5.36.15.

    Manual scan showed Exploit.JS.Pdfka.bqp and quaratined.
    2 hours later another scan showed
    - Trojan.Downloade.SWF.Agent.cv
    - HEUR.Trojan.Script.Iframer
    - Exploit.JS.Pdfka.bov
    quaratined again.

    I don't know much but I have the feeling I am in trouble.
    What more can I do to get rid of this virus completely.

    Weird behaviors on PC:
    - no exe was running anymore from the icons (iexplore still running so I fixed the registries after the initial quarantine with this http://dougknox.com/xp/file_assoc.htm don't know what it is but works like a charm)
    - out of the blue pops-up a pdf file (one of mine)
    - slow speed

    I read a post from this forum about disabling the iframes and java scripts but couldn't understand how to .

    Please, help !
    L

  2. #2
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,291

    Default Re: Exploit.JS.Pdfka quaratined but came back

    Hi!
    Follow all steps as suggested here:
    http://forums.zonealarm.com/showthread.php?t=70448

    Clean your web cache and temp file with ccleaner:
    http://www.piriform.com/ccleaner/download/slim

    Your ZA is OLD, you need to updated it. See here below how to ensure optimal protection:
    http://forums.zonealarm.com/showthread.php?t=72918

    Cheers,
    Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  3. #3
    lili70 Guest

    Default Re: Exploit.JS.Pdfka quaratined but came back

    Quote Originally Posted by fax View Post
    Hi!

    Your ZA is OLD, you need to updated it. See here below how to ensure optimal protection:
    http://forums.zonealarm.com/showthread.php?t=72918

    Cheers,
    Fax
    Hi and thank you.

    That's the other problem.
    It's something wrong with my ZA because it doesn't do this updates automaticaly.
    The settings scan-daily and update-automaticaly but I can see it doesn't do it (the grey writting shows a date in future that it's not the next day).
    I do it manualy every other day and it says system and anti-virus up to date.
    I also noticed that in the last 3 months I didn't get any "annoing" messages from ZA .... I thought it "learned" but ... none ?

    Please advice.
    I knew something is wrong ... but I am happy ZA detected it and it's not too late .... hope so.

    I forgot to tell you thet ZA was shut off when I got the weird behavior ... It just disapeared, I didn't turn it off.

    L

  4. #4
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,291

    Default Re: Exploit.JS.Pdfka quaratined but came back

    Hi!
    first you need to clean your system from malware. Run all the antimalware suggested here and if it is not enough post your logs to spywarehapper or bleeping computer to have your system cleaned by experts (last points of the same document).

    After you have followed ALL the suggestions in the link above. You can look here below on how to check your system and update your ZA.

    xyz was not detected. What I should do?

    Cheers,
    Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  5. #5
    lili70 Guest

    Default Re: Exploit.JS.Pdfka quaratined but came back

    Quote Originally Posted by fax View Post
    Hi!
    first you need to clean your system from malware. Run all the antimalware suggested here and if it is not enough post your logs to spywarehapper or bleeping computer to have your system cleaned by experts (last points of the same document).

    After you have followed ALL the suggestions in the link above. You can look here below on how to check your system and update your ZA.

    xyz was not detected. What I should do?

    Cheers,
    Fax
    Hi.
    OK.
    The safemode and MBAM and a2 was the first thing I did (you taught me last year) but didn't show anything. Good for ZA that picked it up !
    Now I just updated manualy my ZA and proceed to ccclean ...
    Thank you, again.
    L

    PS: they should "sell" you as a package with ZA .... 'cause that's the best version

  6. #6
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,291

    Default Re: Exploit.JS.Pdfka quaratined but came back

    You're welcome!

    Cheers,
    Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  7. #7
    lili70 Guest

    Default Re: Exploit.JS.Pdfka quaratined but came back

    Still troubles ... this time no virus found but ZA is not feeling well.

    I cannot run ZA antivirus in safe mode .
    I cannot connect ti Internet in safe mode.
    I fixed reg, did A2 but cannot make ZA antivirus work in safe mode.
    It show in the task as "protection up, initializing" but is dead .
    I think I still have a virus because the computer is veeeerrryyy slow.

    Advice please. First I would like to fix the ZA antivirus to work in safe mode.
    Strange in normal mode is working ...
    Please ...

    L

  8. #8
    Join Date
    Jun 2006
    Location
    The 3rd Coast - South Central Texas
    Posts
    10,470

    Smile Re: Exploit.JS.Pdfka quaratined but came back

    Quote Originally Posted by lili70 View Post
    Still troubles ... this time no virus found but ZA is not feeling well.

    I cannot run ZA antivirus in safe mode .
    I cannot connect ti Internet in safe mode.
    I fixed reg, did A2 but cannot make ZA antivirus work in safe mode.
    It show in the task as "protection up, initializing" but is dead .
    I think I still have a virus because the computer is veeeerrryyy slow.

    Advice please. First I would like to fix the ZA antivirus to work in safe mode.
    Strange in normal mode is working ...
    Please ...

    L

    IF ZA is not Feeling well, then you need to "RESET" the Database to make ZA feel better..

    To repair this problem, please follow the steps below. Please note that
    this will remove your program permission settings (so you may want to make note of them), but re-establishing them is a simple process.

    1.) Hold down the Ctrl and Shift keys together
    2.) Right click on the ZA icon near your clock in the system tray lower right corner
    3.) Choose 'Reset' from the box that comes up
    4.) Choose Yes on the Reset Settings dialog box
    5.) When prompted, choose OK to restart your system
    6.) Follow the on screen configuration prompts after reboot
    GeorgeV
    ZoneAlarm® Extreme Security


    Click here for ZA Support
    Monday-Saturday__ 6am to 10pm Central time
    Closed Sundays and Holidays

  9. #9
    lili70 Guest

    Default Re: Exploit.JS.Pdfka quaratined but came back

    x 10

    Thank you !
    Thank you George and Fax.
    It worked !
    I am scanning now in safe mode.

    ZA is feeling gooood now ....
    L

  10. #10
    Join Date
    Jun 2006
    Location
    The 3rd Coast - South Central Texas
    Posts
    10,470

    Default Re: Exploit.JS.Pdfka quaratined but came back

    Your Welcome Lili70..

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Exploit.JS.Pdfka.ec attacks frequently- urgent help needed please.
    By shakur in forum ZoneAlarm Anti-virus & Anti-spyware
    Replies: 9
    Last Post: February 4th, 2009, 11:11 PM
  2. Exploit.VBS.Phel.bl What's This??
    By skeezix in forum Malware Discussion
    Replies: 1
    Last Post: June 15th, 2007, 02:27 PM
  3. DcomRpc.exploit
    By hdater in forum Security Issues
    Replies: 6
    Last Post: November 25th, 2006, 08:11 AM
  4. guess its back since i updated back to 6.5 v
    By billybobby in forum General - Questions that don't fit any other category
    Replies: 0
    Last Post: June 20th, 2006, 06:31 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •