Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

What is 'JS:Pdfka-gen'?

Started by ZedU54 , Mar 19 2011 09:57 AM

  • This topic is locked This topic is locked

#1
ZedU54
Posted 19 March 2011 - 09:57 AM

ZedU54

    Member

  • Member
  • PipPip
  • 96 posts
...This is not an actual infection, but appears to be an infection attempt. I got this e-mail yesterday:

From: 0rder ([email protected])
Sent: Fri 3/18/11 12:38 AM
To: [email protected]

Attachments: 1 attachment | Download all attachments (72.8 KB)
Doc-0344.pdf (72.8 KB) ,
Attachments, pictures and links in this message have been blocked for your safety.
Show content | Always show content from ([email protected])

Thank you for ordering from Bobijou Inc.

This message is to inform you that your order has been received
and is currently being processed.

Your order reference is 095973.
You will need this in all correspondence.

This receipt is NOT proof of purchase.
We will send a printed invoice by mail to your billing address.

You have chosen to pay by credit card.
Your card will be charged for the amount of 860.00 USD
and "Bobijou Inc." will appear next to the charge on your statement.

You will receive a separate email confirming your order has been despatched.


Your purchase and delivery information appears below in attached file.


Thanks again for shopping at Bobijou Inc.
___________________________________________


I don't know how I got it (the e-mail address it was sent to is not mine, so I don't know how it got into my inbox), but I have never made such a purchase, nor had I even heard of this company before. (I did a Google search on it; it seems to be a legitimate jewelry seller, but who knows these days?...) I went to download the attachment, shown as a .pdf file (MSN gives me the option to download it as a .zip file), WITHOUT OPENING IT, so I could let Avast, Malwarebytes, etc., check it out, but I never even got that far. Avast alerted on the above-named threat and blocked the download; that was enough for me. (Also, that 72.8kB file size looks to be rather large for a 'purchase and delivery information' document.) I immediately contacted my bank, advised them of the e-mail and that if a charge from the company named in the e-mail tried to post to my account, it is not legitimate. I suspect that won't happen because I didn't open the attachment. Sounds to me like a 'spoofing' email...
  • 0

Advertisements

#2
NeonFx
Posted 20 March 2011 - 09:57 PM

NeonFx

    Malware Removal Dude

  • Expert
  • 3,798 posts
Hi Zed,

It seems you did the right thing and avoided infecting your system. The naming convention used by your security program seems to imply it doesn't even know exactly what infection it is. All it's saying is that it is a javascript/pdf generic exploit/malware.

You should be good just deleting it and the email that contained it.

Please let me know if you have any questions, I would be glad to try to answer them for you.

NeonFx
  • 0

#3
ZedU54
Posted 21 March 2011 - 08:42 PM

ZedU54

    Member

  • Topic Starter
  • Member
  • PipPip
  • 96 posts
...I did delete it. And after this incident I ran Avast and Malwarebytes scans that came back clean. I wondered afterward if there was someone I could have forwarded/reported that e-mail to...

...Avast used to be very highly recommended on this site, but that was, well, two years ago...I got rid of Norton (which had been pre-installed on this computer) in favor of Avast back then (when Norton was still notorious as a 'resource hog') based on that recommendation and have used it ever since (now running 6.0); I have no complaints, and it seems to do its job adequately well...
  • 0

#4
NeonFx
Posted 21 March 2011 - 08:51 PM

NeonFx

    Malware Removal Dude

  • Expert
  • 3,798 posts
Avast is perfectly sufficient. You don't really need to report the email anywhere as there's really no central body that governs this kind of thing. You could submit samples to antivirus companies, but that won't do much good as they can already detect it anyway.

If you're worried about your passwords being stolen though you may consider changing your passwords elsewhere such as online bank accounts or other email accounts. This would ensure that if they were stolen they couldn't be used anyway.

Was there any thing else I could help you with?
  • 0

#5
ZedU54
Posted 22 March 2011 - 01:12 PM

ZedU54

    Member

  • Topic Starter
  • Member
  • PipPip
  • 96 posts
...no. But thank you very much for taking the time to respond. Consider this 'case closed'. :D
  • 0

#6
NeonFx
Posted 22 March 2011 - 06:44 PM

NeonFx

    Malware Removal Dude

  • Expert
  • 3,798 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :D

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP