1. Please take 30 seconds to register your free account to remove most ads, post topics, make friends, earn reward points at our store, and more!  

TalkBass PC Threat?

Discussion in 'Forum Usage Help' started by mrjim123, Apr 25, 2010.


  1. standupright

    standupright

    Jul 7, 2006
    Phoenix, AZ
    Brownchicken Browncow
    I'm getting the Bloodhound.PDF!gen every day while on talkbass, with only talkbass open in a browser.


    edit : I run Symantec with autoprotect (which is what catches it), I also run malwarebytes. Neither one finds any infection when full scans are performed.
     
  2. Joshua

    Joshua WJWJr Staff Member Gold Supporting Member

    Aug 23, 2000
    Connecticut
    This happened to me last night too. I believe I had just clicked on The Family Guy thread in the lobby (first new post which I believe led me to the second page). I'm at work now and don't want to risk the infection if something is there (or I'll have to clean it up!) or I'd post the url...
     
  3. TheVoiceless

    TheVoiceless

    Jun 11, 2008
    New Jersey
    On 4/25/10 my computer received a trojan from Talkbass. I was away from my PC when it happened
     
  4. PhatBasstard

    PhatBasstard Spector Dissector Supporting Member

    Feb 3, 2002
    Las Vegas, NV.
    :eek:
     
  5. ryco

    ryco

    Apr 24, 2005
    97465
    

    ;)
     
  6. +1 :smug:
     
  7. Hey! Ain't no one writing viruses for the Amiga either.:smug:
     
  8. paul

    paul Staff Member Founder Administrator

    Jul 20, 2000
    Texas
    Ok, found the source of all the "trojans"... Google Adsense. We use google adsense (as do many many other internet sites) to fill unsold ad inventory. Some antivirus software reports google's javascript as a trojan. This is not the case, as the antivirus companies are now reporting it was a 'false positive':

    http://www.google.com/support/forum/p/orkut/thread?tid=41620f433ecdb326&hl=en

    http://support.kaspersky.com/kis2010/error?qid=208281219

    Quote from the company: "Update: To fix Trojan.JS.Redirector.ar (false alarm ) update your Kaspersky virus database and it should fix the problem."
     
  9. standupright

    standupright

    Jul 7, 2006
    Phoenix, AZ
    Brownchicken Browncow
    were you able to find anything on the bloodhound threat?
     
  10. Thanks, Paul.
     
  11. MIJ-VI

    MIJ-VI Banned Supporting Member

    Jan 12, 2009
    http://www.symantec.com/security_response/writeup.jsp?docid=2010-031521-1825-99

    Bloodhound.PDF!gen
    Risk Level 1: Very Low

    Discovered: March 15, 2010
    Updated: March 15, 2010 10:04:49 PM
    Type: Trojan
    Systems Affected: :eek: Linux, Solaris, Windows 2000, Windows 95, Windows 98, Windows NT, Windows Server 2003, Windows Vista, Windows XP

    Bloodhound.PDF!gen is a heuristic detection of potentially malicious files, which may exploit vulnerabilities in Adobe Reader in order to perform further malicious actions.

    Antivirus Protection Dates

    * Initial Rapid Release version March 15, 2010 revision 034
    * Latest Rapid Release version March 15, 2010 revision 034
    * Initial Daily Certified version March 15, 2010 revision 040
    * Latest Daily Certified version March 15, 2010 revision 040
    * Initial Weekly Certified release date March 17, 2010

    Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
    Threat Assessment
    Wild

    * Wild Level: Low
    * Number of Infections: 0 - 49
    * Number of Sites: 0 - 2
    * Geographical Distribution: Low
    * Threat Containment: Easy
    * Removal: Easy

    Damage

    * Damage Level: Low

    Distribution

    * Distribution Level: Low

    So much for basking in an Ubuntu install: Linux malware
     
  12. paul

    paul Staff Member Founder Administrator

    Jul 20, 2000
    Texas
    The only thing that I can think of is Google Adsense. Recently Google started sub-contracting with other ad networks, allowing "Google Certified 3rd Party Ad Networks" to display ads on the Adsense platform. Google maintains that each network is QC'ed and verified, but with over 100 3rd party ad networks putting ads through, I bet a few bad apples make it through.

    I've set our Adsense account to disable all 3rd party ad networks, so only campaigns originated through Google Adwords will show on TalkBass (plus ads that we sell and verify in-house).

    Let me know if you get any further alerts, and if so, as much detail as you can provide would be great (specific URL's etc).

    Thanks!
     
  13. i tried opening this link
    https://www.talkbass.com/forum/showthread.php?p=875583

    and got this warning by firefox
    am able to browse tb pages otherwise though
     
  14. MIJ-VI

    MIJ-VI Banned Supporting Member

    Jan 12, 2009
    I just got the same Firefox warning from that first link.
     
  15. PhatBasstard

    PhatBasstard Spector Dissector Supporting Member

    Feb 3, 2002
    Las Vegas, NV.
    From IE8:
    Problem with the website's security certificate.
    Navigation blocked.
     
  16. admin guys, is it with the possible links in this thread or there is some security issue with tb pages now and then? is there a real threat? :eek:

     
  17. paul

    paul Staff Member Founder Administrator

    Jul 20, 2000
    Texas
    The URL of that link is incorrect - TalkBass needs to be accessed with http://www.talkbass.com/....etc and NOT https://www.talkbass.com/etc/etc

    You're telling your browser to access TalkBass via secure encrypted connection when you use https (which you always want to do when submitting your credit card info, SS#, or any other info to any website), but for board posts it's unnecessary. And so we don't pay the $$$$ for a signed certificate, and therefore your browser gives you that warning when you use https.
     
  18. MIJ-VI

    MIJ-VI Banned Supporting Member

    Jan 12, 2009
    I just learned something new. ^ :)
     

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.