Just got a bad Virus from priuschat.com

kicker for the pats?

 

I haven't tried it personally, so I can't say. However, people whose opinions I trust say it's great (I'm happy with Avira for now).

 

One of the last straws for me four years ago that caused me to switch to mac is when I was running firefox and went to a 'bad' web page from a search result. It caused IE to load even though it was not the default browser (it must have been from an obscure mime-type) and attempt to load the bad code and infect my machine.

 

Yep on the above, but there are definitely many other classes of security vulnerabilities beyond buffer overflows.

Although I avoid IE and primarily use Firefox, you also need to make sure the browser, OS and ancillary add-ons/plugins/players are up to date.

Please see Security Advisories for Firefox 3.6 and Security Advisories for Firefox 4, for example. There have been exploits of Firefox vulnerabilities such as Mozilla patches Firefox zero-day bug in 48 hours - Computerworld.

Chrome is unique in that they have a sandbox architecture (Chromium Blog: A new approach to browser security: the Google Chrome Sandbox) but even it is not impenetrable (Google Chrome hacked with sophisticated exploit | ZDNet).

Examples of Adobe Flash exploits:
Update: Attackers exploit critical bug in Adobe's Flash, Reader - Computerworld
Adobe - Security Advisories: APSA10-03 - Security Advisory for Flash Player
Adobe - Security Advisories: APSA11-01 - Security Advisory for Adobe Flash Player, Adobe Reader and Acrobat

 

As long as he keeps his protection up to date, he shouldn't get any viruses. Still, you have to be careful where you play.

 

That was just an example for the uninitiated. As for me, I've never had any trouble with malware on Priidgly pt smuyjomh r;dr t;rs;domh yp yjod doyr

lmn

 

don't be so quick (some of you) to say PC is safe. I've been infected three different times in the past -- oh -- 45 days -- FROM PriusChat, while using the latest and greatest FireFox edition.

As, someone, mentioned, driveby infects can happen. I have the latest security updates. The last time I had to go through a multi-stage process to assure I was free of the beasties.

I only ended up here today by accident. I swore off the site after the last bout of infection.

Thank Heaven for MalwareBytes, Avast and SuperAntiSpyware, which, at least kept the problem undercontrol.

 

rest of your machine?

By "latest and greatest FireFox", how long are you waiting between when they're released and updating to them? Take a look at the security fixes to the 3.6.x branch at http://www.mozilla.org/security/known-vulnerabilities/firefox36.html.

How about the rest of your machine? Assuming you're using Windows, are you having Windows picking up all the critical updates? It's best just set to Windows Update to automatic.

How about add-ons to Firefox? They can potentially be additional attack surface.

How about plugins such as Flash or Shockwave or commonly used apps such as Adobe Reader? See Microsoft plugs 34 holes; Adobe fixes Flash Player bug | InSecurity Complex - CNET News about recently released critical updates.

Prior to the above patches, Adobe released a fix for vulnerability that had already been exploited in the wild (Adobe issues fix for Flash hole being used in attacks | InSecurity Complex - CNET News).

For all we know, any of the above could be the victim of vulnerability for which there is no fix yet (or even worse, where the vendor is unaware of it).

 

Well, that sucks. You're certain it's here that's the problem? I haven't heard of anyone else having such difficulty.

 

Thought I would give a quick update to this. I have had Malwarebytes block ip addresses twice in the last 6 weeks when clicking links from Google to PC.

15:03:26 MACHINE IP-BLOCK 91.226.78.18 (Type: outgoing)

Both times it happened as soon as I clicked on the link in Google. This has not happened to me when going to any other site. I'm confident that I don't have a virus and almost as confident that PC has something that only presents randomly, possibly only on first entry for the day / month whatever, so the administrators can't track it down.

Good Luck all, I don't think I will be coming back.
G

 

I assume you'll come back after you learn how to bookmark a site.

 

I don't know if anyone is noticing any more malware coming from this site

My anti-virus just detected and removed something and the only thing I was doing at the time was browsing this site.

Also please let me know if a "Learn More" popup, when you highlight some text, is showing up for anyone else.

 

No malware here, but I do get the Apture learn more popup when you swipe a word or phrase to copy it, etc. I personally find it annoying. Here's their info. About Apture

Since I don't have it as a Firefox extension, I'm guessing it's been added to the PC site. I've been getting it for some time now.

 

I've been using PC fairly frequently over the past two years and zero malware to report here.

Something I've noticed from fixing many (other peoples) malware infections is that they do often attribute the infection to the wrong source.

Often an attack (typically a "drive-by") will infect a computer at some point in time, but the malware program will not gain full control until the next reboot. So many times it's after a restart and while visiting a completely legitimate site (and sometimes even a different user in the case of a family computer) that the malware is actually noticed.

 

I've gotten a few warnings from AVAST in the last couple of weeks on priuschat and only in priuschat. Not google searches, not other sites, actual threads in priuschat.

Since I browse with a modified hosts file, adblock plus, and antivirus running I don't generally worry about infected threads but since I saw this thread was active I'll toss my two cents in and say there is something in this.

Could be a member's signature
Could be ad server
Could be in individual posts.

Since viewing the same thread twice didn't show the virus a 2nd time I'm assuming it isn't presented on every view or that a moderator cleaned the thread manually between refreshes.

 

I noticed earlier in the month that a java virus seemed tied to banner ads. It hasn't happened since Optima began its site sponsorship last week.

 

Just the other day when I clicked on Forums, MSE popped up saying it stopped something. Until I saw this thread, I didn't think much of it.

 

I would say no need to explain or apologize. It's the nature of the beast. You can't run a site this large without having this issue sooner or later.

I don't think twice about it as an IT professional I've cleaned and prevented more viruses than most.

If I can give you good info the next time I will but doing so might require turning off the AV so I can see the offending code and that takes time and effort so I may just report it so at least someone can look at the logs to see what ads where served around that time.

 

In my case, it had something to do with Java.