Off-Topic
Joined: May 2003
Posts: 8,021
Veteran
This is what it is/was

7/6/2009 11:24:42 AM SYSTEM 312 Sign of "JS:Pdfka-JV [Expl]" has been found in "http://microsotf.cn/img/pfqd.php" file.

It is an infected PDF file. I use Firefox with Nitro PDF tool. The minute Avast flagged this, Nitro opened and asked what to do with this file.


John
ESI Gigaport HD+
Lenovo Turion II /4 Gig Ram/ Win7x64 be
15.6" Monitor
"The only Band is a Real Band"
www.wintertexaninfo.com/BANDS/JohnnyD.php
Off-Topic
Joined: May 2000
Posts: 15,975
PG Music Staff
Yes, it looks like a line of code got injected to our web page from somewhere external on the Internet (via a vulnerability in the system that has since been fixed), that was wanting to download a PDF file (reportedly, PDF files can be malicious if you have an older version of your PDF reader).

Apparently these things hunt the internet looking for specific vulnerabilities.

This has been removed from the web page, and things should be back to normal now.

From a Google search, if the PDF was downloaded, and managed to infect, it most likely would be delivering unwanted popup ads and possibly other things. You should do an adware/virus scan to make sure things are OK.

There are many good spyware/virus programs, including free scanners (e.g. http://www.kaspersky.com/virusscanner).
I apologize for this inconvenience.


Have Fun!
Peter Gannon
PG Music Inc.
Off-Topic
Joined: May 2000
Posts: 22,609
Veteran
Thanks Peter, it's good to hear it's handled.


I do not work here, but the benefits are still awesome
Make your sound your own!
Off-Topic
Joined: Jan 2002
Posts: 10,199
Veteran
Peter,
It bothers me that you have to apologize for the inconvenience, since you are doing nothing more than running your business. The people who write these things should be found, prosecuted, and then punished for the harm they cause.

While this may have not been anything other than an infected .pdf file, it may have caused loss of business, loss of time for customers, loss of revenue for customers, loss of time for your employees and such.

In a sense, these individuals are no better than the terrorists and pirates populating our world today. And, at some point, they are going to become just as deadly.

Thanks for getting it cleared up, Peter.

Gary


I'm blessed watching God do what He does best. I've had a few rough years, and I'm still not back to where I want to be, but I'm on the way and things are looking far better now than what they were!
Off-Topic
Joined: Dec 2003
Posts: 8,987
Veteran
Quote:

In a sense, these individuals are no better than the terrorists and pirates populating our world today. And, at some point, they are going to become just as deadly.




the millions or possibly billions of dollars in lost man-hours alone probably far exceeds all other forms of 'piracy' already. too bad someone couldn't come up with a plan to root these people out then prosecute them to the fullest extent of the law. microsoft puts a bounty on their heads but i don't know how effective that has been. maybe a portion of software sales should go into a fund dedicated to exposing these 'terrorists.' the money and effort we all spend on av software would be a good start toward the fund.

just 2 cents from a victim of a trojan that put me out of business with band in a box.

Off-Topic
Joined: May 2005
Posts: 222
Apprentice
Bob,

The file that popped up when I viewed the PG home page was actually named 955.pdf. Instead of viewing it, I downloaded the file. When I opened it in the Open Office reader, it was blank. However, viewing the file in a hex editor listed more details. Probably like Peter said, it is a specially crafted PDF designed to take advantage of a Windows vulnerability.


JBlatz
Off-Topic
Joined: Sep 2003
Posts: 8,333
Veteran
According to Adobe:

Platform: Windows XP or Windows 2003 (Vista users are not affected) with Internet Explorer 7 installed

Affected software versions: Adobe Reader 8.1 and earlier, Adobe Reader 7.0.9 and earlier
Adobe Acrobat Professional, 3D and Standard 8.1 and earlier versions, Adobe Acrobat Professional, Standard, 3D and Elements 7.0.9 and earlier

Anyone with the above is in danger of the PDF file using the mailto capacity in Adobe to forward information to a 3rd party. I recall using this feature when designing test papers for the fire department; on completion of the test the answers and the user's name, date, and badge number were emailed to the Training Office. I'm a little muddy as to how this works in the instance of the webpage, unless it's loading itself as a TSR type piece of software and sending information from forms to another site.

I will not use IE7, and only use that browser if forced to by Microsoft.


John Conley
Musica est vita
Off-Topic
Joined: May 2000
Posts: 22,609
Veteran
Strange, I thought I intentionally used the Firefox browser when I went there..

Using the form feature and mailto feature makes sense to me. Anytime you fill out a form, it gets mailed to some guy in China; (think username, password type forms boxes)
Some would call that a keylogger, I certainly would, it is a selective keylogger that only mails out keystrokes entered in forms (probably secure forms). Sounds just about like Spybot described it. They claim it is logging any form information and sending it to a remote system. Now if they know the system it is getting sent to... seems like it would be an easy shot for the right 'forensic inspector'.
Yeah, I know, they can hijack innocent computers and use those as stoops.. but it would be a start.


I do not work here, but the benefits are still awesome
Make your sound your own!
Off-Topic
Joined: Sep 2003
Posts: 8,333
Veteran
I have links right to the forum, don't go to the homepage. So do you assume that if you go to order something on-line from PG's store that the info ended up going out to Tim-buck-two?


John Conley
Musica est vita
Off-Topic
Joined: May 2000
Posts: 22,609
Veteran
I don't assume anything.
I believe PGMusic would have by design any orders going through a separate secure server.
A secure server will be much harder to infiltrate than a basic webpage server.. although accidental infection is surely possible from admin access.
Since the forum seemed to stay safe during the issue, I believe they have the different components on separate servers or server partitions. I don't know of any trojan that can jump partitions or domains on a server. Otherwise I would be battling about 15 infected sites right now. One of the infected sites I listed above is still infected after two months (recurring issue) and is on a server that also contains a website I administer. This is how I knew about it to begin with; the guy called us to make sure we knew about his issue and to make sure it hadn't affected our sites, since all sites he administered on that server were getting infected.
I told him it was a sign that he was the one with crap on his shoes and every time he went in to check his sites he was smearing a little around.
We know exactly what to look for and have seen no sign on our sites.


I do not work here, but the benefits are still awesome
Make your sound your own!
Off-Topic
Joined: May 2000
Posts: 38,502
Veteran
What rharv said.

Stay cool, no panic, no rumors please.

--Mac
