Jump to content


Photo

Js.obfuscated.gen


  • Please log in to reply
No replies to this topic

#1 mcostigan

mcostigan

    Newbie

  • Members
  • 1 posts

Posted 26 January 2009 - 03:55 PM

BD has detected this Trojan in 3 separate pdf files that I created using simple Word docs (no macros-text only...docs created by me) and existing pdf files downloaded form my local Realtor MLS site. When viewing the files in Adobe Acrobat Pro it always pauses at some point saying "there is an error in the file, etc..." then you click "ok" and it works just fine. Is it possible to remove this code from these files and is it ACTUALLY Malware or a virus or could it be that Obfuscated code is being used by Adobe to prevent others from copying. NOTE: The pdf files used as part of this new pdf (combo of pdf files and Word docs) were originally pdf files with "form" fields that could be completed by on-line users (ie: the Realtors could fill in prices, etc. in the blank fields and then print them. This may or may not have any relevancy-just very puzzled here.)

Log File

Product : BitDefender Internet Security 2009
Version : BitDefender UIScanner v.12
Scanning task : Deep System Scan
Log date : 09:26:32 26/01/2009
Log path : C:\Documents and Settings\All Users\Application Data\Bitdefender\Desktop\Profiles\Logs\deep_scan\1232979992_1_02.xml

Scan Paths:Path 0000: C:\
Path 0001: D:\
Path 0002: E:\
Path 0003: H:\
Path 0004: I:\
Path 0005: G:\

Scan Options:Scan for viruses : Yes
Scan for adware : Yes
Scan for spyware : Yes
Scan for applications : Yes
Scan for dialers : Yes
Scan for rootkits : Yes

Target Selection Options:Scan registry keys : Yes
Scan cookies : Yes
Scan boot sectors : Yes
Scan memory processes : Yes
Scan archives : Yes
Scan runtime packers : Yes
Scan emails : No
Scan all files : Yes
Heuristic Scan : Yes
Scanned extensions :
Excluded extensions :

Target Processing:Default action for infected objects : Disinfect
Default action for suspicious objects : None
Default action for hidden objects : None

Scan engines summaryNumber of virus signatures : 2607065
Archive plugins : 45
Email plugins : 6
Scan plugins : 13
System plugins : 5
Unpack plugins : 7

Overall scan summaryScanned items : 293158
Infected items : 14
Suspicious items : 0
Resolved items : 0
Unresolved items : 18
Password-protected items : 4
Individual viruses found : 1
Scanned directories : 10298
Scanned boot sectors : 11
Scanned archives : 3234
Input-output errors : 38
Scan time : 00:32:36
Files per second : 149

Scanned processes summaryScanned : 46
Infected : 0

Scanned registry keys summaryScanned : 1107
Infected : 0

Scanned cookies summaryScanned : 1107
Infected : 0

Remaining issues:Object Name Threat Name Final Status
D:\CG\REO\Contract Documents\Contract Info\Contract Instructions Atlas.pdf=](JAVASCRIPT) JS.Obfuscated.Gen Delete Failed (file was in an archive)
D:\CG\REO\Contract Documents\Contract Info\Contract Instructions Brighton.pdf=](JAVASCRIPT) JS.Obfuscated.Gen Delete Failed (file was in an archive)
D:\CG\REO\Contract Documents\Contract Info\Contract Instructions Fannie Mae.pdf=](JAVASCRIPT) JS.Obfuscated.Gen Delete Failed (file was in an archive)
D:\CG\REO\Contract Documents\Contract Info\Contract Instructions Pkg\Contract-2008.pdf=](JAVASCRIPT) JS.Obfuscated.Gen Delete Failed (file was in an archive)
D:\CG\REO\Contract Documents\Contract Info\Contract_Instructions.pdf=](JAVASCRIPT) JS.Obfuscated.Gen Delete Failed (file was in an archive)
D:\CG\REO\Contract Documents\Contract-2008.pdf=](JAVASCRIPT) JS.Obfuscated.Gen Delete Failed (file was in an archive)
D:\CG\REO\Contract Documents\Contract_Instructions.pdf=](JAVASCRIPT) JS.Obfuscated.Gen Delete Failed (file was in an archive)
D:\CG\Retail\Rebate\contract.pdf=](JAVASCRIPT) JS.Obfuscated.Gen Delete Failed (file was in an archive)
D:\RECYCLER\S-1-5-21-1292428093-2025429265-839522115-1003\Dd105.pdf=](JAVASCRIPT) JS.Obfuscated.Gen Delete Failed (file was in an archive)
D:\RECYCLER\S-1-5-21-1292428093-2025429265-839522115-1003\Dd129.pdf=](JAVASCRIPT) JS.Obfuscated.Gen Delete Failed (file was in an archive)
D:\RECYCLER\S-1-5-21-1292428093-2025429265-839522115-1003\Dd131.pdf=](JAVASCRIPT) JS.Obfuscated.Gen Delete Failed (file was in an archive)
D:\RECYCLER\S-1-5-21-1292428093-2025429265-839522115-1003\Dd132.pdf=](JAVASCRIPT) JS.Obfuscated.Gen Delete Failed (file was in an archive)
D:\UREOS\Contract Info\Contract Instructions Fannie Mae.pdf=](JAVASCRIPT) JS.Obfuscated.Gen Delete Failed (file was in an archive)
D:\UREOS\Contract Info\Contract_Instructions.pdf=](JAVASCRIPT) JS.Obfuscated.Gen Delete Failed (file was in an archive)


Objects that were not scanned:Object Name Reason Final Status
C:\Documents and Settings\Owner\Local Settings\Temp\GLB57D.tmp=](Dropped 0) Overcompressed No action was possible
C:\Documents and Settings\Owner\Local Settings\Temp\GLB586.tmp=](Dropped 0) Overcompressed No action was possible
C:\Documents and Settings\Owner\Local Settings\Temp\GLB935.tmp=](Dropped 0) Overcompressed No action was possible
C:\Documents and Settings\Owner\Local Settings\Temp\GLBF3C.tmp=](Dropped 0) Overcompressed No action was possible



Edited by mcostigan, 26 January 2009 - 04:27 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users