|
Log in to post
|
Print Thread |
|
|
|
|
|
Off-Topic
|
Joined: May 2003
Posts: 8,021
Veteran
|
Veteran
Joined: May 2003
Posts: 8,021 |
This is what it is/was
7/6/2009 11:24:42 AM SYSTEM 312 Sign of "JS:Pdfka-JV [Expl]" has been found in "http://microsotf.cn/img/pfqd.php" file.
It is an infected PDF file. I use Firefox with Nitro PDF tool. The minute Avast flagged this Nitor opened and asked what to do with this file.
|
|
|
|
|
|
|
|
|
|
|
|
|
Off-Topic
|
Joined: May 2000
Posts: 15,614
PG Music Staff
|
|
PG Music Staff
Joined: May 2000
Posts: 15,614 |
Yes, it looks like a line of code got injected to our web page from somewhere external on the Internet (via a vulnerability in the system that has since been fixed), that was wanting to download a PDF file. (reportedly PDF files can be malicious if you have an older version of your PDF reader) Apparently these things hunt the internet looking for specific vulnerabilities. This has been removed fron the web page, and things should be back to normal now. From a google search, if the PDF was downloaded, and managed to infect, it most likely would be delivering unwanted popup ads and possibly other things. You should do a adware/virus scan to make sure things are OK. There are many good spyware/virus programs, including free scanners (e.g. http://www.kaspersky.com/virusscanner) I apologize for this inconvenience.
Have Fun!
Peter Gannon
PG Music Inc.
|
|
|
|
|
|
|
|
|
|
|
|
|
Off-Topic
|
Joined: May 2000
Posts: 21,666
Veteran
|
|
Veteran
Joined: May 2000
Posts: 21,666 |
Thanks Peter, it's good to hear its handled
Make your sound your own!
.. I do not work here, but the benefits are still awesome
|
|
|
|
|
|
|
|
|
|
|
|
|
Off-Topic
|
Joined: Jan 2002
Posts: 10,153
Veteran
|
|
Veteran
Joined: Jan 2002
Posts: 10,153 |
Peter,
It bothers me that you have to apologize for the inconvenience, since you are doing nothing more than running your business. The people who write these things should be found, prosecuted, and then punished for the harm they cause.
While this may have not been anything other than an infected .pdf file, it may have caused loss of business, loss of time for customers, loss of revenue for customers, loss of time for your employees and such.
In a sense, these individuals are no better than the terrorists and pirates populating our world today. And, at some point, they are going to become just as deadly.
Thanks for getting it cleared up, Peter.
Gary
I'm blessed watching God do what He does best. I've had a few rough years, and I'm still not back to where I want to be, but I'm on the way and things are looking far better now than what they were!
|
|
|
|
|
|
|
|
|
|
|
|
|
Off-Topic
|
Joined: Dec 2003
Posts: 8,987
Veteran
|
|
Veteran
Joined: Dec 2003
Posts: 8,987 |
Quote:
In a sense, these individuals are no better than the terrorists and pirates populating our world today. And, at some point, they are going to become just as deadly.
the millions or possibly billions of dollars in lost man-hours alone probably far exceeds all other forms of 'piracy' already. to bad someone couldn't come up with a plan to root these people out then prosecute them to the fullest extent of the law. microsoft puts a bounty on their heads but i don't know how affective that has been. maybe a portion of software sales should go into a fund dedicated to exposing these 'terrorists.' the money and effort we all spend on av software would be a good start toward the fund.
just 2 cents from a victim of a trojan that put me out of business with band in a box.
|
|
|
|
|
|
|
|
|
|
|
|
|
Off-Topic
|
Joined: May 2005
Posts: 222
Apprentice
|
|
Apprentice
Joined: May 2005
Posts: 222 |
Bob,
The file that popped up when I viewed the PG home page was actually named 955.pdf. Instead of viewing it, I downloaded the file. When I opened it in the Open Office reader, it was blank. However, viewing the file in a hex editor listed more details. Probably like Peter said, it is a specially crafted pdf designed to take advantage of a Window's vulnerability.
JBlatz
|
|
|
|
|
|
|
|
|
|
|
|
|
Off-Topic
|
Joined: Sep 2003
Posts: 8,333
Veteran
|
|
Veteran
Joined: Sep 2003
Posts: 8,333 |
According to Adobe:
Platform: Windows XP or Windows 2003 (Vista users are not affected) with Internet Explorer 7 installed
Affected software versions: Adobe Reader 8.1 and earlier, Adobe Reader 7.0.9 and earlier
Adobe Acrobat Professional, 3D and Standard 8.1 and earlier versions, Adobe Acrobat Professional, Standard, 3D and Elements 7.0.9 and earlier
Anyone with the above are in danger of the pdf file using the mail to capacity in adobe to forward information to a 3rd party. I recall using this feature when designing test papers for the fire department, on completion of the test the answers and the users name, date, and badge number were emailed to the Training Office. I'm a little muddy as to how this works in the instance of the webpage, unless it's loading itself as a TSR type piece of software and sending information from forms to another site.
I will not use IE7, and only use that browser if forced to by Microsoft.
John Conley
Musica est vita
|
|
|
|
|
|
|
|
|
|
|
|
|
Off-Topic
|
Joined: May 2000
Posts: 21,666
Veteran
|
|
Veteran
Joined: May 2000
Posts: 21,666 |
Strange, I thought I intentionally used the Firefox browser when I went there..
Using the form feature and mailto feature make sense to me. Anytime you fill out a form, it gets mailed to some guy in China; (think username, password type forms boxes)
Some would call that a keylogger, I certainly would, it is a selective keylogger that only mails out keystrokes entered in forms (probably secure forms). Sounds just about like Spybot decribed it. They claim it is logging any form information and sending it to a remote system. Now if they know the system it is getting sent to... seems like it would be an easy shot for the right 'forensic inspector'.
Yeah, I know, they can hijack innocent computers and use those as stoops.. but it would be a start.
Make your sound your own!
.. I do not work here, but the benefits are still awesome
|
|
|
|
|
|
|
|
|
|
|
|
|
Off-Topic
|
Joined: Sep 2003
Posts: 8,333
Veteran
|
|
Veteran
Joined: Sep 2003
Posts: 8,333 |
I have links right to the forum, don't go to the homepage. So do you assume that if you go to order something on-line from PG's store that the info ended up going out to Tim-buck-two?
John Conley
Musica est vita
|
|
|
|
|
|
|
|
|
|
|
|
|
Off-Topic
|
Joined: May 2000
Posts: 21,666
Veteran
|
|
Veteran
Joined: May 2000
Posts: 21,666 |
I don't assume anything
I believe PGMusic would have by design any orders going through a seperate secure server.
A secure server will be much harder to infiltrate than a basic webpage server.. although accidental infection is surely possible from admin access.
Since the forum seemed to stay safe during the issue, I believe they have the different components on seperate servers or server partitions. I don't know of any trojan that can jump partitions or domains on a server. Otherwise I would be battling about 15 infected sites right now. One of the infected sites I listed above is still infected after two months (recurring issue) and is on a server that also contains a website I administor. This is how I knew about it to begin with; the guy called us to make sure we knew about his issue and to make sure it hadn't affected our sites, since all sites he administered on that server were getting infected.
I told him it was a sign that he was the one with crap on his shoes and everytime he went in to check his sites he was smearing a little around.
We know exactly what to look for and have seen no sign on our sites.
Make your sound your own!
.. I do not work here, but the benefits are still awesome
|
|
|
|
|
|
|
|
|
|
|
|
|
Off-Topic
|
Joined: May 2000
Posts: 38,502
Veteran
|
|
Veteran
Joined: May 2000
Posts: 38,502 |
What rharv said.
Stay cool, no panic, no rumors please.
--Mac
|
|
|
|
|
|
|
|
|
|
|
|
Ask sales and support questions about Band-in-a-Box using natural language.
ChatPG's knowledge base includes the full Band-in-a-Box User Manual and sales information from the website.
|
|
|
|
|
|
|
|
|
|
|
User Video: Band-in-a-Box® + ChatGPT = Impressed the BOSS!
Band-in-a-Box User Video Tutorials!
If you've reviewed our Support page, you've probably noticed the Videos page, which separates our Band-in-a-Box® tutorial videos by category: Overview, VST DAW Plugin, Setup, Beginner, Intermediate, Advanced, and there's even an Archive category to go down memory lane... (You'll also find these videos on our YouTube Channel.)
It's always great to hear how other Band-in-a-Box® users create their songs, especially when they explain in detail what they're doing. Like Henry Clarke's YouTube Channel, Henry Clarke - Senior Musicians Unite! There you'll find his ALL Band-in-a-Box Tutorials playlist with over 50 videos! His top-three most watched videos include "How to Get Started with Band-in-a-Box," "How I use the Audio Chord Wizard in Band-in-a-Box," and "How to Create An Effective Solo Using Band-in-a-Box" - however he touches on many other topics and also demonstrates his own Band-in-a-Box® songs in the Band-in-a-Box Created Songs playlist!
You're guaranteed to find some helpful videos when you visit Henry Clarke's channel!
Band-in-a-Box® 2024 Italian for Windows is Here!
Ci siamo dati da fare e abbiamo aggiunto oltre 50 nuove funzionalità e una straordinaria raccolta di nuovi contenuti, tra cui 222 RealTracks, nuovi RealStyles, MIDI SuperTracks, Instrumental Studies, "Songs with Vocals" Artist Performance Sets, Playable RealTracks Set 3, Playable RealDrums Set 2, due nuovi set di "RealDrums Stems", XPro Styles PAK 6, Xtra Styles PAK 17 e altro ancora!
Tutti Pacchetti | Nuove Caratteristiche
Band-in-a-Box® 2024 French for Windows is Here!
Band-in-a-Box® 2024 apporte plus de 50 fonctions nouvelles ainsi qu'une importante de contenus nouveaux à savoir : 222 RealTracks, des RealStyles nouveaux, des SuperTracks MIDI, des Etudes d'Instruments, des Prestations d'Artistes, des "Morceaux avec Choeurs", un Set 3 de Tracks Jouables, un Set 2 de RealDrums Jouables, deux nouveaux Sets de "RealDrums Stems", des Styles XPro PAK 6, des Xtra Styles PAK 17 et bien plus encore!
Tous Packages | Nouvelles Fonctionnalités
Video: Making a Song with Band-in-a-Box®, ChatGPT, and Synth V
Take your Band-in-a-Box® project to a whole new level when you incorporate ChatGPT and Synth V to add lyrics and vocals to your song!
We wanted to demonstrate how this is done with our video, where we show you how to go from nothing to a finished "radio ready" modern pop song by combining the features of Band-in-a-Box®, ChatGPT, and Synth V!
Listen to the finished song, so you get a listen to the finished product: https://demos.pgmusic.com/misc/behindthefame.m4a
If you like it, watch the video. Either way, let's hear your comments!
Henry Clarke: Revolutionize Your Band-in-Box® Tracks with Regenerating Function
User Video: Convert MIDI Chords into AI Vocal Harmonies with ACE Studio and Band-in-a-Box®
|
|
|
|
|
|
|
|
|
|
|
|
Forums65
Topics81,961
Posts739,950
Members38,649
| |
Most Online2,537
Jan 19th, 2020
|
|
|
|
|
|
|
|
|
Dansk
Deutsch - Windows
Español
Français - Windows
Italiano - Windows
Nederlands
Polski
Português
Svenskt
русский
Japanese
Simplified Chinese
Traditional Chinese
Korean