diff --git a/htdocs/api/class/api_documents.class.php b/htdocs/api/class/api_documents.class.php
index 9e508985c2f..9100e194c96 100644
--- a/htdocs/api/class/api_documents.class.php
+++ b/htdocs/api/class/api_documents.class.php
@@ -870,7 +870,7 @@ class Documents extends DolibarrApi
// Security:
// If we need to make a virus scan
if (empty($disablevirusscan) && file_exists($src_file)) {
- $checkvirusarray = dolCheckVirus($src_file);
+ $checkvirusarray = dolCheckVirus($src_file, $dest_file);
if (count($checkvirusarray)) {
dol_syslog('Files.lib::dol_move_uploaded_file File "'.$src_file.'" (target name "'.$dest_file.'") KO with antivirus: errors='.join(',', $checkvirusarray), LOG_WARNING);
throw new RestException(500, 'ErrorFileIsInfectedWithAVirus: '.join(',', $checkvirusarray));
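Review bot: With the new `$dest_file` argument, dolCheckVirus() now has a second rejection reason (the PDF-with-JavaScript check), and both are surfaced by the unchanged `throw new RestException(500, 'ErrorFileIsInfectedWithAVirus: '.join(',', $checkvirusarray));` — a rejected upload is a client-side problem, so a 4xx (`400` or `422`) would describe it better than a server error, and clients retrying on 5xx will keep resubmitting the same file. The joined error list is also echoed verbatim to the API caller; it is worth confirming that whatever the scanner wrapper puts into its error strings is safe to expose, or returning only the fixed `ErrorFileIsInfectedWithAVirus` code and keeping the detail in the syslog line above. The enclosing method starts and ends outside this hunk.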
diff --git a/htdocs/core/class/antivir.class.php b/htdocs/core/class/antivir.class.php
index 1a5607de3f1..f5c38a55820 100644
--- a/htdocs/core/class/antivir.class.php
+++ b/htdocs/core/class/antivir.class.php
@@ -73,8 +73,6 @@ class AntiVir
// phpcs:enable
global $conf;
- $return = 0;
-
if (preg_match('/\.virus$/i', $file)) {
$this->errors[] = 'File has an extension saying file is a virus';
return -97;
@@ -130,8 +128,6 @@ class AntiVir
*/
public function getCliCommand($file)
{
- global $conf;
-
$maxreclevel = 5; // maximal recursion level
$maxfiles = 1000; // maximal number of files to be scanned within archive
$maxratio = 200; // maximal compression ratio
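Review bot: Dropping `global $conf;` at the top of getCliCommand() is only safe if no other `$conf->global` read survives in the body; the second hunk in this file converts the one near line 148, but the lines between the two hunks (roughly 136–143, where `$param` is presumably initialised from MAIN_ANTIVIRUS_PARAM) are not visible here. A leftover `$conf->global->...` would now read a property of an undefined variable and yield null under a warning, so the scanner command would be built without its parameters instead of failing closed — worth a grep of the whole method before merging. getCliCommand() runs past the end of this hunk.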
@@ -148,7 +144,7 @@ class AntiVir
$param = preg_replace('/%maxfilesize/', $maxfilesize, $param);
$param = preg_replace('/%file/', trim($file), $param);
- if (!preg_match('/%file/', $conf->global->MAIN_ANTIVIRUS_PARAM)) {
+ if (!preg_match('/%file/', getDolGlobalString('MAIN_ANTIVIRUS_PARAM'))) {
$param = $param." ".escapeshellarg(trim($file));
}
diff --git a/htdocs/core/lib/files.lib.php b/htdocs/core/lib/files.lib.php
index e90dd1f19e5..f9543a35498 100644
--- a/htdocs/core/lib/files.lib.php
+++ b/htdocs/core/lib/files.lib.php
@@ -717,7 +717,7 @@ function dolReplaceInFile($srcfile, $arrayreplacement, $destfile = '', $newmask
*/
function dol_copy($srcfile, $destfile, $newmask = 0, $overwriteifexists = 1, $testvirus = 0, $indexdatabase = 0)
{
- global $conf, $db, $user;
+ global $db, $user;
dol_syslog("files.lib.php::dol_copy srcfile=".$srcfile." destfile=".$destfile." newmask=".$newmask." overwriteifexists=".$overwriteifexists);
@@ -746,7 +746,7 @@ function dol_copy($srcfile, $destfile, $newmask = 0, $overwriteifexists = 1, $te
// Check virus
$testvirusarray = array();
if ($testvirus) {
- $testvirusarray = dolCheckVirus($srcfile);
+ $testvirusarray = dolCheckVirus($srcfile, $destfile);
if (count($testvirusarray)) {
dol_syslog("files.lib.php::dol_copy canceled because a virus was found into source file. we ignore the copy request.", LOG_WARNING);
return -3;
@@ -967,7 +967,7 @@ function dol_move($srcfile, $destfile, $newmask = 0, $overwriteifexists = 1, $te
// Check virus
$testvirusarray = array();
if ($testvirus) {
- $testvirusarray = dolCheckVirus($newpathofsrcfile);
+ $testvirusarray = dolCheckVirus($newpathofsrcfile, $newpathofdestfile);
if (count($testvirusarray)) {
dol_syslog("files.lib.php::dol_move canceled because a virus was found into source file. we ignore the move request.", LOG_WARNING);
return false;
@@ -1176,11 +1176,22 @@ function dol_unescapefile($filename)
* Check virus into a file
*
* @param string $src_file Source file to check
- * @return array Array of errors or empty array if not virus found
+ * @param string $dest_file Destination file name (to know the expected type)
+ * @return array Array of errors, or empty array if not virus found
*/
-function dolCheckVirus($src_file)
+function dolCheckVirus($src_file, $dest_file = '')
{
- global $conf, $db;
+ global $db;
+
+ if (preg_match('/\.pdf$/i', $dest_file)) {
+ dol_syslog("dolCheckVirus Check pdf does not contains js file");
+ if (!getDolGlobalString('MAIN_ANTIVIRUS_ALLOW_JS_IN_PDF')) {
+ $tmp = file_get_contents(trim($src_file));
+ if (preg_match('/[\n\s]+\/JavaScript[\n\s]+/m', $tmp)) {
+ return array('File is a PDF with javascript inside');
+ }
+ }
+ }
if (getDolGlobalString('MAIN_ANTIVIRUS_COMMAND')) {
if (!class_exists('AntiVir')) {
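Review bot: The pattern on the new line `if (preg_match('/[\n\s]+\/JavaScript[\n\s]+/m', $tmp))` requires whitespace on both sides of the name and therefore only catches the naive spelling: PDF name tokens need no surrounding whitespace (`/S/JavaScript/JS(...)` is valid), names may be written with `#xx` hex escapes (`/Java#53cript`), and the action dictionary is commonly stored inside a Flate-compressed object stream, none of which a plain-text grep sees. Widen it at least to `if (preg_match('/\/(?:JavaScript|JS)\b/', $tmp))` and state the limitation in the comment above it: `// Best-effort check: plain-text scan for JavaScript action names; compressed object streams and #-escaped names are not detected`. `file_get_contents()` returns false on an unreadable file, which then silently passes the check; add `if ($tmp === false) { return array('Unable to read file for PDF check'); }` before the match, and note that the whole file is read into memory, so this relies on the upload size limit enforced elsewhere. The check is keyed on the destination name, so a PDF stored under another extension is never inspected — presumably acceptable only if nothing but `.pdf` is ever served as application/pdf. dolCheckVirus() continues past the end of this hunk.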
@@ -1257,7 +1268,7 @@ function dol_move_uploaded_file($src_file, $dest_file, $allowoverwrite, $disable
// Security:
// If we need to make a virus scan
if (empty($disablevirusscan) && file_exists($src_file)) {
- $checkvirusarray = dolCheckVirus($src_file);
+ $checkvirusarray = dolCheckVirus($src_file, $dest_file);
if (count($checkvirusarray)) {
dol_syslog('Files.lib::dol_move_uploaded_file File "'.$src_file.'" (target name "'.$dest_file.'") KO with antivirus: errors='.join(',', $checkvirusarray), LOG_WARNING);
return 'ErrorFileIsInfectedWithAVirus: '.join(',', $checkvirusarray);
@@ -1885,10 +1896,14 @@ function dol_add_file_process($upload_dir, $allowoverwrite = 0, $donotupdatesess
$nbok++;
} else {
$langs->load("errors");
- if ($resupload < 0) { // Unknown error
+ if (is_numeric($resupload) && $resupload < 0) { // Unknown error
setEventMessages($langs->trans("ErrorFileNotUploaded"), null, 'errors');
} elseif (preg_match('/ErrorFileIsInfectedWithAVirus/', $resupload)) { // Files infected by a virus
- setEventMessages($langs->trans("ErrorFileIsInfectedWithAVirus"), null, 'errors');
+ if (preg_match('/File is a PDF with javascript inside/', $resupload)) {
+ setEventMessages($langs->trans("ErrorFileIsAnInfectedPDFWithJSInside"), null, 'errors');
+ } else {
+ setEventMessages($langs->trans("ErrorFileIsInfectedWithAVirus"), null, 'errors');
+ }
} else { // Known error
setEventMessages($langs->trans($resupload), null, 'errors');
}
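Review bot: The new branch `if (preg_match('/File is a PDF with javascript inside/', $resupload))` keys the user-facing message off the exact free-text string returned by dolCheckVirus() in files.lib.php, so any rewording of that message silently degrades to the generic ErrorFileIsInfectedWithAVirus branch with no test failing. A stable token would be more robust: have dolCheckVirus() return a code such as `'ErrorFileIsAnInfectedPDFWithJSInside'` in its error array and match on that here, reusing the lang key added by this commit. The `is_numeric($resupload) && $resupload < 0` guard makes the intent explicit for the mixed int/string return; a short comment such as `// dol_move_uploaded_file() returns an int < 0 for low-level failures and an error string otherwise` would help the next reader. dol_add_file_process() starts before this hunk.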
diff --git a/htdocs/core/lib/security.lib.php b/htdocs/core/lib/security.lib.php
index d6891090202..76af618a070 100644
--- a/htdocs/core/lib/security.lib.php
+++ b/htdocs/core/lib/security.lib.php
@@ -1254,9 +1254,8 @@ function accessforbidden($message = '', $printheader = 1, $printfooter = 1, $sho
*/
function getMaxFileSizeArray()
{
- global $conf;
-
$max = getDolGlobalString('MAIN_UPLOAD_DOC'); // In Kb
+
$maxphp = @ini_get('upload_max_filesize'); // In unknown
if (preg_match('/k$/i', $maxphp)) {
$maxphp = preg_replace('/k$/i', '', $maxphp);
diff --git a/htdocs/langs/en_US/errors.lang b/htdocs/langs/en_US/errors.lang
index 5a31ea22505..5f3e4d633dc 100644
--- a/htdocs/langs/en_US/errors.lang
+++ b/htdocs/langs/en_US/errors.lang
@@ -102,6 +102,7 @@ ErrorFieldRefNotIn=Field %s: '%s' is not a %s existing ref
ErrorMultipleRecordFoundFromRef=Several record found when searching from ref %s. No way to know which ID to use.
ErrorsOnXLines=%s errors found
ErrorFileIsInfectedWithAVirus=The antivirus program was not able to validate the file (file might be infected by a virus)
+ErrorFileIsAnInfectedPDFWithJSInside=The file is a PDF infected by some Javascript inside
ErrorNumRefModel=A reference exists into database (%s) and is not compatible with this numbering rule. Remove record or renamed reference to activate this module.
ErrorQtyTooLowForThisSupplier=Quantity too low for this vendor or no price defined on this product for this vendor
ErrorOrdersNotCreatedQtyTooLow=Some orders haven't been created because of too-low quantities