Prius Chat Virus Warning

Discussion in 'PriusChat Website Questions' started by Judgeless, Jun 22, 2010.

  1. Judgeless

    Judgeless Senior Member

    Joined:
    Jun 30, 2009
    1,824
    249
    0
    Location:
    Cleveland, OH
    Vehicle:
    2010 Prius
    Model:
    IV
    I am getting a virus warning when going to pages on Prius Chat again. This happen a few monhts ago and was fixed. It is a differnt warning this time.
     
  2. oxnardprof

    oxnardprof Member

    Joined:
    Feb 27, 2004
    249
    17
    0
    Location:
    Oxnard, CA
    Vehicle:
    2004 Prius
    In my case, the windows media opens up, and Norton warns me of blocking some software. I thinkit was called bloodhound exploit.
     
  3. paprius4030

    paprius4030 My first Prius

    Joined:
    Aug 12, 2004
    2,075
    288
    0
    Location:
    Ormond Beach,Fl.
    Vehicle:
    2012 Prius
    Model:
    Two
    I got the windows media player opening up too. But no virus warning. I just got ride of McAfee and now got AVG, now I wonder how good AVG is. Also yesterday and today I have to log in each time I visit Prius Chat.
     
  4. LeadingEdgeBoomer

    Joined:
    Aug 8, 2009
    292
    28
    0
    Location:
    New Mexico
    Vehicle:
    2010 Prius
    Model:
    V
    Running Firefox 3.6.3 with NoScript enabled. Today, if I try to use the space bar to page down, or use the down arrow to move down a line, NoScript warns me of a Potential Clickjacking Attempt. This only happens on some PriusChat pages.
     
  5. GrumpyCabbie

    GrumpyCabbie Senior Member

    Joined:
    Dec 14, 2009
    6,723
    2,115
    45
    Location:
    North Yorkshire, UK
    Vehicle:
    2010 Prius
    Model:
    III
    Aha, this answers a question for me. Have had Windows media player pop up a few times now.

    :(
     
  6. Judgeless

    Judgeless Senior Member

    Joined:
    Jun 30, 2009
    1,824
    249
    0
    Location:
    Cleveland, OH
    Vehicle:
    2010 Prius
    Model:
    IV
    I bet it has some thing to do with the banner ads. It is still happening.
     
  7. stream

    stream Senior Member

    Joined:
    May 12, 2008
    2,977
    451
    14
    Location:
    Long Island, NY
    Vehicle:
    2010 Prius
    Model:
    V
    I'm using Firefox, and a .pdf file opens periodically. Clearly an issue here.
     
  8. mbartley

    mbartley Junior Member

    Joined:
    Jun 9, 2010
    47
    5
    0
    Location:
    LA County, CA
    Vehicle:
    2010 Prius
    Model:
    III
    I frequently (especially reading this thread, ironically) keep getting an alert in Firefox saying "Additional plugins are required to display all the media on this page."

    I haven't got Windoze Media Player popping up for a while. I never let it play whatever it was trying to display.
     
  9. GrumpyCabbie

    GrumpyCabbie Senior Member

    Joined:
    Dec 14, 2009
    6,723
    2,115
    45
    Location:
    North Yorkshire, UK
    Vehicle:
    2010 Prius
    Model:
    III
    Perhaps it's trying to play a video advert for the new Volt? :D
     
  10. Smirv

    Smirv AkA: Ryan

    Joined:
    Apr 6, 2010
    212
    18
    0
    Location:
    Illinois
    Vehicle:
    2010 Prius
    Model:
    III
    Whew. I was wondering what that was. I get the media player, javscript thing popping up. So is it a virus???
     
  11. macmaster05

    macmaster05 Senor Member

    Joined:
    Sep 27, 2009
    4,020
    708
    5
    Location:
    USA
    Vehicle:
    2010 Prius
    Model:
    Two
    No problems on my mac or iphone.
     
  12. GWhizzer

    GWhizzer not so Senior Member

    Joined:
    Mar 27, 2010
    120
    24
    0
    Location:
    Winnipeg, Manitoba
    Vehicle:
    2010 Prius
    Model:
    N/A
    I too am suddenly getting a warning message that IE is blocking this site from downloading software...
     
  13. stream

    stream Senior Member

    Joined:
    May 12, 2008
    2,977
    451
    14
    Location:
    Long Island, NY
    Vehicle:
    2010 Prius
    Model:
    V
    Here's what Norton says:

    Norton Rating
    CAUTION



    priuschat.com
    Summary
    •Computer Threats:
    2 •Identity Threats:
    0 •Annoyance factors:
    0


    Total threats on this site:
    2
    •Community Reviews:
    0


    [​IMG] [​IMG] Facebook
    [​IMG] Twitter
    [​IMG] Google buzz
    [​IMG] Email



    Web sites rated "Caution" may have a small number of threats and annoyances, but are not considered dangerous enough to warrant a red "Warning". Proceed with caution.
    The Norton rating is a result of Symantec's automated analysis system. Learn more.
    The opinions of our users are reflected separately in the community rating on the right.


    General Info
    Web Site Location [​IMG] United States of America

    Norton Safe Web has analyzed priuschat.com for safety and security problems. Below is a sample of the threats that were found.
    [​IMG]


    Threat Report

    Total threats found: 2

    [​IMG] Drive-By Downloads (what's this?) Threats found: 2
    Here is a complete list:
    Threat Name: MSIE ADODB.Stream Object File Installation Weakness Location: http://priuschat.com/forums/newreply.php?do=newreply&p=1141023&nojs=1

    Threat Name: Direct link to MSIE ADODB.Stream Object File Installation Weakness Location: http://priuschat.com/forums/newreply.php?do=newreply&p=1141023
     
    1 person likes this.
  14. bisco

    bisco cookie crumbler

    Joined:
    May 11, 2005
    85,530
    37,709
    0
    Location:
    boston
    Vehicle:
    2012 Prius Plug-in
    Model:
    Plug-in Base
    I am getting norton antivirus warnings and help/support center flashing on and off.:(
     
  15. Downrange

    Downrange Member

    Joined:
    Apr 15, 2010
    170
    27
    0
    Location:
    VA
    Vehicle:
    2010 Prius
    Model:
    II
    Happening with this forum - any page. Not the chat forum.
    Windows media opens with warning about "trusted content."
    Bet it's an ad!!
     
  16. tickmark40

    tickmark40 New Member

    Joined:
    May 5, 2010
    62
    1
    3
    Location:
    Brownwood, TX
    Vehicle:
    2010 Prius
    Model:
    IV
    I just got the media player pop up. I canceled it and then found this discussion. I
    am running AVG on this computer, don't know why they haven't alerted on this.
     
  17. Smirv

    Smirv AkA: Ryan

    Joined:
    Apr 6, 2010
    212
    18
    0
    Location:
    Illinois
    Vehicle:
    2010 Prius
    Model:
    III
    I ran a scan on my entire compurt with McAffe and it didnt find anything.
     
  18. Mark57

    Mark57 Senior Member

    Joined:
    Aug 14, 2009
    2,608
    2,164
    0
    Location:
    Oklahoma City, OK
    Vehicle:
    2017 Prius Prime
    Model:
    Prime Advanced
    I'm getting all the same variants as most of you as well. If you have media player 9 or below, upgrade to 10 and it will at least give you a prompt that you can cancel the script from running.

    Don't let media player run.

    I get this with both IE and Firefox.

    (spaces inserted in URL's to prevent BBS hyperlink display)
    My first pop-up tries to run http : / / bbbinvestigation.org/ks/40c71965f0fcb1eb7a5df2f164fb2e10.php?eid=746229&b=FireFox&sf=%2F

    And then I get Unable to access jarfile \ \ 188.72.243.224 \ public\ks.jar

    Cports.exe detects a connection to 188.72.243.224.vps.network.paylicense.net:80 while all of this is happening.

    I allowed media player to execute the file on a test box and Microsoft Security Essentials grabbed, cleaned, and reported the Exploit:WIN32/CVE-2010-1885.A from the ks.jar file.

    Here's the link to the Microsoft Malware page. http://www.microsoft.com/security/p...oit:Win32/CVE-2010-1885.A&threatid=2147634138


    Note: Microsoft just listed this as of June 10th so if you have old definition files on your virus software they may not see this one.

    I ran a full scan which found found:

    Name: Exploit:WIN32/CVE-2010-1885.A

    Alert Level: Severe

    Category: Exploit

    Description: This program is dangerous and exploits the computer on which it is run.

    Recommendation: Remove this software immediately.

    Items:
    file:C:\Documents and Settings\zzzz\Local Settings\Temporary Internet Files\Content.IE5\N3M1PMQ4\40c71965f0fcb1eb7a5df2f164fb2e10[1].php
     
  19. Bob64

    Bob64 Sapphire of the Blue Sky

    Joined:
    Apr 9, 2007
    1,540
    84
    0
    Location:
    Virginia
    Vehicle:
    2007 Prius
    Model:
    N/A
    You can use your hosts file to block anything coming from bbbinvestigation.org.
     
    1 person likes this.
  20. jsmithy

    jsmithy Hypermiler and Freedom Lover

    Joined:
    Sep 19, 2007
    75
    15
    0
    Location:
    MO
    Vehicle:
    2010 Prius
    Model:
    II
    Firefox + No Script = Virus/Spyware Smackdown
     
Loading...