Prius Chat Virus Warning

In my case, the windows media opens up, and Norton warns me of blocking some software. I thinkit was called bloodhound exploit.

 

I got the windows media player opening up too. But no virus warning. I just got ride of McAfee and now got AVG, now I wonder how good AVG is. Also yesterday and today I have to log in each time I visit Prius Chat.

 

Running Firefox 3.6.3 with NoScript enabled. Today, if I try to use the space bar to page down, or use the down arrow to move down a line, NoScript warns me of a Potential Clickjacking Attempt. This only happens on some PriusChat pages.

 

Aha, this answers a question for me. Have had Windows media player pop up a few times now.

 

I'm using Firefox, and a .pdf file opens periodically. Clearly an issue here.

 

I frequently (especially reading this thread, ironically) keep getting an alert in Firefox saying "Additional plugins are required to display all the media on this page."

I haven't got Windoze Media Player popping up for a while. I never let it play whatever it was trying to display.

 

Perhaps it's trying to play a video advert for the new Volt?

 

Whew. I was wondering what that was. I get the media player, javscript thing popping up. So is it a virus???

 

No problems on my mac or iphone.

 

I too am suddenly getting a warning message that IE is blocking this site from downloading software...

 

Here's what Norton says:

Norton Rating
CAUTION

Site Owner? Click here ​

priuschat.com
Summary
•Computer Threats:
2 •Identity Threats:
0 •Annoyance factors:
0


Total threats on this site:
2
•Community Reviews:
0

Facebook
Twitter
Google buzz
Email



Web sites rated "Caution" may have a small number of threats and annoyances, but are not considered dangerous enough to warrant a red "Warning". Proceed with caution.
The Norton rating is a result of Symantec's automated analysis system. Learn more.
The opinions of our users are reflected separately in the community rating on the right.


General Info
Web Site Location United States of America

Norton Safe Web has analyzed priuschat.com for safety and security problems. Below is a sample of the threats that were found.



Threat Report

Total threats found: 2

Drive-By Downloads (what's this?) Threats found: 2
Here is a complete list:
Threat Name: MSIE ADODB.Stream Object File Installation Weakness Location: http://priuschat.com/forums/newreply.php?do=newreply&p=1141023&nojs=1

Threat Name: Direct link to MSIE ADODB.Stream Object File Installation Weakness Location: http://priuschat.com/forums/newreply.php?do=newreply&p=1141023

 

I am getting norton antivirus warnings and help/support center flashing on and off.

 

Happening with this forum - any page. Not the chat forum.
Windows media opens with warning about "trusted content."
Bet it's an ad!!

 

I just got the media player pop up. I canceled it and then found this discussion. I
am running AVG on this computer, don't know why they haven't alerted on this.

 

I ran a scan on my entire compurt with McAffe and it didnt find anything.

 

I'm getting all the same variants as most of you as well. If you have media player 9 or below, upgrade to 10 and it will at least give you a prompt that you can cancel the script from running.

Don't let media player run.

I get this with both IE and Firefox.

(spaces inserted in URL's to prevent BBS hyperlink display)
My first pop-up tries to run http : / / bbbinvestigation.org/ks/40c71965f0fcb1eb7a5df2f164fb2e10.php?eid=746229&b=FireFox&sf=%2F

And then I get Unable to access jarfile \ \ 188.72.243.224 \ public\ks.jar

Cports.exe detects a connection to 188.72.243.224.vps.network.paylicense.net:80 while all of this is happening.

I allowed media player to execute the file on a test box and Microsoft Security Essentials grabbed, cleaned, and reported the Exploit:WIN32/CVE-2010-1885.A from the ks.jar file.

Here's the link to the Microsoft Malware page. http://www.microsoft.com/security/p...oit:Win32/CVE-2010-1885.A&threatid=2147634138


Note: Microsoft just listed this as of June 10th so if you have old definition files on your virus software they may not see this one.

I ran a full scan which found found:

Name: Exploit:WIN32/CVE-2010-1885.A

Alert Level: Severe

Category: Exploit

Description: This program is dangerous and exploits the computer on which it is run.

Recommendation: Remove this software immediately.

Items:
file:C:\Documents and Settings\zzzz\Local Settings\Temporary Internet Files\Content.IE5\N3M1PMQ4\40c71965f0fcb1eb7a5df2f164fb2e10[1].php

 

You can use your hosts file to block anything coming from bbbinvestigation.org.

 

Firefox + No Script = Virus/Spyware Smackdown