Need help? Ask the community or hire an expert.
Go to Avira Answers
Date discovered:23/10/2012
In the wild:Yes
Reported Infections:High
Distribution Potential:Low to medium
Damage Potential:Low to medium
Static file:No
File size:~13.000 Bytes
VDF version:
IVDF version:

 General Method of propagation:
   • By visiting infected websites

   •  Kaspersky: Exploit.JS.Pdfka.ggc
   •  Sophos: Troj/PDFJs-AAS
   •  Microsoft: Exploit:Win32/Pdfjsc.ADY
   •  Grisoft: Exploit_c.VRU
   •  Eset: JS/Exploit.Pdfka.PTS
   •  GData: Exploit.JS.PDF.FD
   •  Authentium: JS/Pdfka.HD
   •  DrWeb: Exploit.PDF.3048
   •  Norman: Trojan CVE_2010_0188.A

Platforms / OS:
   • Windows 2000
   • Windows XP
   • Windows 2003
   • Windows Vista
   • Windows Server 2008
   • Windows 7

Side effects:
   • Drive-by download
   • Makes use of software vulnerability

 Files It tries to download a file:

– The location is the following:
It is saved on the local hard drive under: %temporary internet files%\calc[1].exe Furthermore this file gets executed after it was fully downloaded. Further investigation pointed out that this file is malware, too. Detected as: TR/Agent.FQR

Description inserted by Alexander Bauer on Friday, October 26, 2012
Description updated by Alexander Bauer on Friday, October 26, 2012

Back . . . .