Avast WEBforum

Other => Viruses and worms => Topic started by: mrapi on January 16, 2012, 05:44:45 PM

Title: False positive : JS:Pdfka-gen [Expl]
Post by: mrapi on January 16, 2012, 05:44:45 PM
Hi, please reanalyze the attached file. The Avira Lab report for it shows that it is clean, but Avast detects it as JS:Pdfka-gen [Expl]

https://www.virustotal.com/file/05128fb49caaeb3a49f19d1c674239395f42403257e741dc55d9bcbad545c2e1/analysis/1326731619/

Avira Lab report:
Dear Sir or Madam,

Thank you for your email to Avira's virus lab.
Tracking number: INC00947588.

We received the following archive files:
File ID    Filename    Size (Byte)    Result
26496057    S1001_nr2_121211.zip    146.37 KB    OK

A listing of files contained inside archives alongside their results can be found below:
File ID    Filename    Size (Byte)    Result
26496058    S1001_nr2_121211.pdf    156.62 KB    CLEAN


Please find a detailed report concerning each individual sample below:
Filename    Result
S1001_nr2_121211.pdf    CLEAN

Thanks!
Title: Re: False positive : JS:Pdfka-gen [Expl]
Post by: polonus on January 16, 2012, 06:26:49 PM
Maybe you already were infected by this malware, but did not have the Adobe file installed for it yet to wake up the malcode for it to become active. It is a detection for exploit code, in order for the exploit to work it has to be able to exploit a vulnerability in your PDF reader. First trick is that it tries to have you open it, and apparently you did.
Maybe you have to wait for essexboy here to have a look. It could well be that some adware brought this malware along. Well, wait for him to have a look. With 6 on VT alerting this it sure is no FP.

polonus
Title: Re: False positive : JS:Pdfka-gen [Expl]
Post by: Pondus on January 16, 2012, 06:30:10 PM
Posting a VT scan won't help unless you also send the file to avast lab.....


Title: Re: False positive : JS:Pdfka-gen [Expl]
Post by: mrapi on January 16, 2012, 06:44:07 PM
Sample file sent with topic link.

Thanks!
Title: Re: False positive : JS:Pdfka-gen [Expl]
Post by: mrapi on January 16, 2012, 08:03:34 PM
Hi Pondus, you sent me a personal message but I'm not allowed to reply to you,
I got : An Error Has Occurred! You are not allowed to send personal messages.

So I answered by mailing again to virus@... (topic link in subject)
Thanks
Title: Re: False positive : JS:Pdfka-gen [Expl]
Post by: polonus on January 17, 2012, 01:04:50 AM
Hi mrapi,

Welcome to the forums. Stay with us and when you have reached 20 postings the PM function will be available to you also. Stay safe and secure,

polonus
Title: Re: False positive : JS:Pdfka-gen [Expl]
Post by: mrapi on January 17, 2012, 06:20:51 AM
k, thanks for the clarifications, file sent to Pondus' mailbox
Title: Re: False positive : JS:Pdfka-gen [Expl]
Post by: Pondus on January 17, 2012, 12:43:00 PM
Sophos lab

Quote
SophosLabs has analyzed the submitted file(s) and determined they are not malicious and can safely be authorized.

S1001_nr2_121211.pdf -- can be authorised


Norman lab
Quote
S1001_nr2_121211.pdf : Clean!
Title: Re: False positive : JS:Pdfka-gen [Expl]
Post by: mrapi on January 17, 2012, 01:04:42 PM
What about Avast lab?
Title: Re: False positive : JS:Pdfka-gen [Expl]
Post by: Sirmer on January 17, 2012, 06:49:42 PM
Hello,
it will be fixed in next VPS.
Title: Re: False positive : JS:Pdfka-gen [Expl]
Post by: Pondus on January 17, 2012, 06:52:51 PM
So was it my upload that did it....or     ;D


EDIT: guess it was....just got the mail   ;)
Title: Re: False positive : JS:Pdfka-gen [Expl]
Post by: mrapi on January 17, 2012, 08:46:39 PM
Hello, good news, thanks!
Title: Re: False positive : JS:Pdfka-gen [Expl]
Post by: mrapi on January 18, 2012, 10:10:03 AM
Fixed after today's update!
Thanks!