PDF virus while browsing

Just letting you know that my computer was struck by a virus attempt twice in the last half hour while browsing the message boards. I may have accidentally clicked on an embedded ad the first time (I have a touchpad) while browsing “about this message board” but the second time I definitely did not click on an ad, it just happened on the main screen of “mspisms”.

The virus activated my Adobe PDF which opened and then closed. I went to task manager and shut down Abrobat.exe to stop it. Also, my antivirus software popped up saying that it had Quarantined something called “Bloodhound.PDF.18”

Something similar happened about a month ago but there was already a thread here on the topic. At that time I was less lucky, it basically crashed my computer and I had to use the System Restore function to get it back.

I’m sorry if this was posted in the wrong place - feel free to move/delete this message if needed.

Thanks so much for your attention.

PS - in case it matters, I was using Google Chrome.

Yep–same thing just happened to me, and I sent a report to Tubadiva. I suggest you do the same.

I’m copying what Ed had to say on this the last time – the same criteria still applies – we still need your help to get this resolved.

As you copy Ed please copy me as well (TubaDiva at aol dot com). Even though it is Christmas we’ll do what we can.

Ed said:

We’re not sure what’s up here. The ads that led to the previous round of problems have not resumed - this is something new. If an ad on the SDMB has given you problems, please provide the following info if possible:

  1. Time/date of occurrence.

  2. Screenshot of the questionable ad (on PCs you can do this with Alt-Print Screen, then copy into Word, Paint, etc.), or a description of the ad.

  3. Description of what happened. Did you click anything? If you were redirected, what URL were you directed to? Describe any related window or pop-up.

  4. What page or thread were you on when this happened? What was the URL of the thread?

Send to edzotti at aol.com.

Thanks. Sorry for any inconvenience.

FWIW, here’s some info on “Bloodhound.pdf.18”

http://en.securitylab.ru/viruses/388048.php

And a possible fix:

http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-112319-2356-99&tabid=3

To clarify:

  1. We had problems with an advertiser earlier this month and stopped his ads. The advertiser was cooperative and provided us with access to his ad server. We noticed some of his ads used nag screens. We said we would not resume running the ads until the nag screens were eliminated. The advertiser agreed to do so. While we were uncertain whether this was the source of all reported problems, nothing else appeared amiss. Since the initial complaints surfaced almost immediately after the campaign started, we decided we would resume the ads and monitor the situation. We did this around midday Tuesday. No issues had been reported by close of business Wednesday, leading us to think the situation had been resolved.

  2. We’ve had a couple reports of malware today. However, the problems appear to be different from those seen earlier. We’ve learned of malware issues in connection with Google AdSense ads, which we also run and which are separate from the ads above. See:

http://www.google.com/support/forum/p/AdSense/thread?tid=598c832266ba516b&hl=en

These problems were reported a couple weeks ago, roughly around the time of our initial round of complaints. Our offices are closed and I have virtually no tech resources reachable at the moment due to the holiday. I don’t have the ability to stop ads myself. If you have problems, please report them here in detail. I’ll try to keep an eye on things given the very limited time I have and if things really go south will try to raise someone. I apologize for any inconvenience.

But hey, the ads are for virus and trojan removers. How lucky!

What ads?

At least we are not alone: