Off-Topic
Joined: May 2003
Posts: 8,021
Veteran
Offline
This is what it is/was

7/6/2009 11:24:42 AM SYSTEM 312 Sign of "JS:Pdfka-JV [Expl]" has been found in "http://microsotf.cn/img/pfqd.php" file.

It is an infected PDF file. I use Firefox with Nitro PDF tool. The minute Avast flagged this, Nitro opened and asked what to do with this file.


John
ESI Gigaport HD+
Lenovo Turion II /4 Gig Ram/ Win7x64 be
15.6" Monitor
"The only Band is a Real Band"
www.wintertexaninfo.com/BANDS/JohnnyD.php
Off-Topic
Joined: May 2000
Posts: 15,944
PG Music Staff
Offline
Yes, it looks like a line of code got injected to our web page from somewhere external on the Internet (via a vulnerability in the system that has since been fixed) that was wanting to download a PDF file. (Reportedly, PDF files can be malicious if you have an older version of your PDF reader.)

Apparently these things hunt the internet looking for specific vulnerabilities.

This has been removed from the web page, and things should be back to normal now.

From a Google search, if the PDF was downloaded, and managed to infect, it most likely would be delivering unwanted popup ads and possibly other things. You should do an adware/virus scan to make sure things are OK.

There are many good spyware/virus programs, including free scanners (e.g. http://www.kaspersky.com/virusscanner).
I apologize for this inconvenience.


Have Fun!
Peter Gannon
PG Music Inc.
Off-Topic
Joined: May 2000
Posts: 22,539
Veteran
Offline
Thanks Peter, it's good to hear it's handled.


I do not work here, but the benefits are still awesome
Make your sound your own!
Off-Topic
Joined: Jan 2002
Posts: 10,199
Veteran
Offline
Peter,
It bothers me that you have to apologize for the inconvenience, since you are doing nothing more than running your business. The people who write these things should be found, prosecuted, and then punished for the harm they cause.

While this may have not been anything other than an infected .pdf file, it may have caused loss of business, loss of time for customers, loss of revenue for customers, loss of time for your employees and such.

In a sense, these individuals are no better than the terrorists and pirates populating our world today. And, at some point, they are going to become just as deadly.

Thanks for getting it cleared up, Peter.

Gary


I'm blessed watching God do what He does best. I've had a few rough years, and I'm still not back to where I want to be, but I'm on the way and things are looking far better now than what they were!
Off-Topic
Joined: Dec 2003
Posts: 8,987
Veteran
Offline
Quote:

In a sense, these individuals are no better than the terrorists and pirates populating our world today. And, at some point, they are going to become just as deadly.

the millions or possibly billions of dollars in lost man-hours alone probably far exceeds all other forms of 'piracy' already. too bad someone couldn't come up with a plan to root these people out then prosecute them to the fullest extent of the law. microsoft puts a bounty on their heads but i don't know how effective that has been. maybe a portion of software sales should go into a fund dedicated to exposing these 'terrorists.' the money and effort we all spend on av software would be a good start toward the fund.

just 2 cents from a victim of a trojan that put me out of business with band in a box.

Off-Topic
Joined: May 2005
Posts: 222
Apprentice
Offline
Bob,

The file that popped up when I viewed the PG home page was actually named 955.pdf. Instead of viewing it, I downloaded the file. When I opened it in the Open Office reader, it was blank. However, viewing the file in a hex editor listed more details. Probably like Peter said, it is a specially crafted pdf designed to take advantage of a Windows vulnerability.


JBlatz
Off-Topic
Joined: Sep 2003
Posts: 8,333
Veteran
Offline
According to Adobe:

Platform: Windows XP or Windows 2003 (Vista users are not affected) with Internet Explorer 7 installed

Affected software versions: Adobe Reader 8.1 and earlier, Adobe Reader 7.0.9 and earlier
Adobe Acrobat Professional, 3D and Standard 8.1 and earlier versions, Adobe Acrobat Professional, Standard, 3D and Elements 7.0.9 and earlier

Anyone with the above is in danger of the pdf file using the mailto capacity in Adobe to forward information to a 3rd party. I recall using this feature when designing test papers for the fire department; on completion of the test, the answers and the user's name, date, and badge number were emailed to the Training Office. I'm a little muddy as to how this works in the instance of the webpage, unless it's loading itself as a TSR type piece of software and sending information from forms to another site.

I will not use IE7, and only use that browser if forced to by Microsoft.


John Conley
Musica est vita
Off-Topic
Joined: May 2000
Posts: 22,539
Veteran
Offline
Strange, I thought I intentionally used the Firefox browser when I went there..

Using the form feature and mailto feature makes sense to me. Anytime you fill out a form, it gets mailed to some guy in China (think username, password type form boxes).
Some would call that a keylogger, I certainly would; it is a selective keylogger that only mails out keystrokes entered in forms (probably secure forms). Sounds just about like Spybot described it. They claim it is logging any form information and sending it to a remote system. Now if they know the system it is getting sent to... seems like it would be an easy shot for the right 'forensic inspector'.
Yeah, I know, they can hijack innocent computers and use those as stoops.. but it would be a start.


I do not work here, but the benefits are still awesome
Make your sound your own!
Off-Topic
Joined: Sep 2003
Posts: 8,333
Veteran
Offline
I have links right to the forum, don't go to the homepage. So do you assume that if you go to order something on-line from PG's store that the info ended up going out to Tim-buck-two?


John Conley
Musica est vita
Off-Topic
Joined: May 2000
Posts: 22,539
Veteran
Offline
I don't assume anything.
I believe PGMusic would have by design any orders going through a separate secure server.
A secure server will be much harder to infiltrate than a basic webpage server.. although accidental infection is surely possible from admin access.
Since the forum seemed to stay safe during the issue, I believe they have the different components on separate servers or server partitions. I don't know of any trojan that can jump partitions or domains on a server. Otherwise I would be battling about 15 infected sites right now. One of the infected sites I listed above is still infected after two months (recurring issue) and is on a server that also contains a website I administer. This is how I knew about it to begin with; the guy called us to make sure we knew about his issue and to make sure it hadn't affected our sites, since all sites he administered on that server were getting infected.
I told him it was a sign that he was the one with crap on his shoes and every time he went in to check his sites he was smearing a little around.
We know exactly what to look for and have seen no sign on our sites.


I do not work here, but the benefits are still awesome
Make your sound your own!
Off-Topic
Joined: May 2000
Posts: 38,502
Mac Offline
Veteran
What rharv said.

Stay cool, no panic, no rumors please.

--Mac
