1. Attachments are working again! Check out this thread for more details and to report any other bugs.

Just got a bad Virus from priuschat.com

Discussion in 'PriusChat Website Questions' started by GotInfectedHere, Jun 8, 2011.

  1. bisco

    bisco cookie crumbler

    Joined:
    May 11, 2005
    110,184
    50,070
    0
    Location:
    boston
    Vehicle:
    2012 Prius Plug-in
    Model:
    Plug-in Base
    kicker for the pats?
     
  2. Stev0

    Stev0 Honorary Hong Kong Cavalier

    Joined:
    Sep 23, 2006
    7,201
    1,073
    0
    Location:
    Northampton, MA
    Vehicle:
    2022 Prius Prime
    Model:
    Plug-in Base
    I haven't tried it personally, so I can't say. However, people whose opinions I trust say it's great (I'm happy with Avira for now).
     
  3. hampdenwireless

    hampdenwireless Active Member

    Joined:
    Aug 21, 2005
    1,104
    86
    0
    Location:
    Baltimore MD
    Vehicle:
    Other Non-Hybrid
    One of the last straws for me four years ago that caused me to switch to mac is when I was running firefox and went to a 'bad' web page from a search result. It caused IE to load even though it was not the default browser (it must have been from an obscure mime-type) and attempt to load the bad code and infect my machine.
     
  4. cwerdna

    cwerdna Senior Member

    Joined:
    Sep 4, 2005
    12,544
    2,123
    1
    Location:
    SF Bay Area, CA
    Vehicle:
    2006 Prius
    Yep on the above, but there are definitely many other classes of security vulnerabilities beyond buffer overflows.

    Although I avoid IE and primarily use Firefox, you also need to make sure the browser, OS and ancillary add-ons/plugins/players are up to date.

    Please see Security Advisories for Firefox 3.6 and Security Advisories for Firefox 4, for example. There have been exploits of Firefox vulnerabilities such as Mozilla patches Firefox zero-day bug in 48 hours - Computerworld.

    Chrome is unique in that they have a sandbox architecture (Chromium Blog: A new approach to browser security: the Google Chrome Sandbox) but even it is not impenetrable (Google Chrome hacked with sophisticated exploit | ZDNet).

    Examples of Adobe Flash exploits:
    Update: Attackers exploit critical bug in Adobe's Flash, Reader - Computerworld
    Adobe - Security Advisories: APSA10-03 - Security Advisory for Flash Player
    Adobe - Security Advisories: APSA11-01 - Security Advisory for Adobe Flash Player, Adobe Reader and Acrobat
     
    1 person likes this.
  5. hyo silver

    hyo silver Awaaaaay

    Joined:
    Mar 2, 2005
    15,232
    1,563
    0
    Location:
    off into the sunset
    Vehicle:
    2004 Prius
    Model:
    N/A
    As long as he keeps his protection up to date, he shouldn't get any viruses. Still, you have to be careful where you play. :rolleyes:
     
  6. qbee42

    qbee42 My other car is a boat

    Joined:
    Mar 2, 2006
    18,058
    3,075
    7
    Location:
    Northern Michigan
    Vehicle:
    2006 Prius
    That was just an example for the uninitiated. As for me, I've never had any trouble with malware on Priidgly pt smuyjomh r;dr t;rs;domh yp yjod doyr

    lmn
     
  7. cyberpriusII

    cyberpriusII Prodigyplace says I'm Super Kris

    Joined:
    Oct 1, 2009
    1,139
    1,611
    0
    Location:
    Iowa
    Vehicle:
    2008 Prius
    Model:
    N/A
    don't be so quick (some of you) to say PC is safe. I've been infected three different times in the past -- oh -- 45 days -- FROM PriusChat, while using the latest and greatest FireFox edition.

    As, someone, mentioned, driveby infects can happen. I have the latest security updates. The last time I had to go through a multi-stage process to assure I was free of the beasties.

    I only ended up here today by accident. I swore off the site after the last bout of infection.

    Thank Heaven for MalwareBytes, Avast and SuperAntiSpyware, which, at least kept the problem undercontrol.
     
  8. cwerdna

    cwerdna Senior Member

    Joined:
    Sep 4, 2005
    12,544
    2,123
    1
    Location:
    SF Bay Area, CA
    Vehicle:
    2006 Prius
    rest of your machine?

    By "latest and greatest FireFox", how long are you waiting between when they're released and updating to them? Take a look at the security fixes to the 3.6.x branch at http://www.mozilla.org/security/known-vulnerabilities/firefox36.html.

    How about the rest of your machine? Assuming you're using Windows, are you having Windows picking up all the critical updates? It's best just set to Windows Update to automatic.

    How about add-ons to Firefox? They can potentially be additional attack surface.

    How about plugins such as Flash or Shockwave or commonly used apps such as Adobe Reader? See Microsoft plugs 34 holes; Adobe fixes Flash Player bug | InSecurity Complex - CNET News about recently released critical updates.

    Prior to the above patches, Adobe released a fix for vulnerability that had already been exploited in the wild (Adobe issues fix for Flash hole being used in attacks | InSecurity Complex - CNET News).

    For all we know, any of the above could be the victim of vulnerability for which there is no fix yet (or even worse, where the vendor is unaware of it).
     
  9. hyo silver

    hyo silver Awaaaaay

    Joined:
    Mar 2, 2005
    15,232
    1,563
    0
    Location:
    off into the sunset
    Vehicle:
    2004 Prius
    Model:
    N/A
    Well, that sucks. You're certain it's here that's the problem? I haven't heard of anyone else having such difficulty.
     
    1 person likes this.
  10. greylar

    greylar New Member

    Joined:
    May 15, 2008
    283
    38
    0
    Location:
    Montana
    Vehicle:
    2010 Prius
    Model:
    III
    Thought I would give a quick update to this. I have had Malwarebytes block ip addresses twice in the last 6 weeks when clicking links from Google to PC.

    15:03:26 MACHINE IP-BLOCK 91.226.78.18 (Type: outgoing)

    Both times it happened as soon as I clicked on the link in Google. This has not happened to me when going to any other site. I'm confident that I don't have a virus and almost as confident that PC has something that only presents randomly, possibly only on first entry for the day / month whatever, so the administrators can't track it down.

    Good Luck all, I don't think I will be coming back.
    G
     
  11. Stev0

    Stev0 Honorary Hong Kong Cavalier

    Joined:
    Sep 23, 2006
    7,201
    1,073
    0
    Location:
    Northampton, MA
    Vehicle:
    2022 Prius Prime
    Model:
    Plug-in Base
    I assume you'll come back after you learn how to bookmark a site.
     
  12. sipnfuel

    sipnfuel New Member

    Joined:
    Jan 21, 2011
    1,080
    174
    0
    Location:
    So. Cal.
    Vehicle:
    2010 Prius
    Model:
    II
    I don't know if anyone is noticing any more malware coming from this site

    My anti-virus just detected and removed something and the only thing I was doing at the time was browsing this site.

    Also please let me know if a "Learn More" popup, when you highlight some text, is showing up for anyone else.
     
  13. Mark57

    Mark57 2021 Tesla Model 3 LR AWD

    Joined:
    Aug 14, 2009
    2,945
    2,737
    0
    Location:
    OK
    Vehicle:
    Other Electric Vehicle
    Model:
    N/A
    No malware here, but I do get the Apture learn more popup when you swipe a word or phrase to copy it, etc. I personally find it annoying. Here's their info. About Apture

    Since I don't have it as a Firefox extension, I'm guessing it's been added to the PC site. I've been getting it for some time now.
     
  14. uart

    uart Senior Member

    Joined:
    Sep 7, 2009
    4,215
    1,202
    0
    Location:
    Australia
    Vehicle:
    2005 Prius
    I've been using PC fairly frequently over the past two years and zero malware to report here.

    Something I've noticed from fixing many (other peoples) malware infections is that they do often attribute the infection to the wrong source.

    Often an attack (typically a "drive-by") will infect a computer at some point in time, but the malware program will not gain full control until the next reboot. So many times it's after a restart and while visiting a completely legitimate site (and sometimes even a different user in the case of a family computer) that the malware is actually noticed.
     
  15. dhanson865

    dhanson865 Expert and Devil's advocate

    Joined:
    May 24, 2011
    851
    188
    0
    Location:
    TN, USA
    Vehicle:
    2005 Prius
    I've gotten a few warnings from AVAST in the last couple of weeks on priuschat and only in priuschat. Not google searches, not other sites, actual threads in priuschat.

    Since I browse with a modified hosts file, adblock plus, and antivirus running I don't generally worry about infected threads but since I saw this thread was active I'll toss my two cents in and say there is something in this.

    Could be a member's signature
    Could be ad server
    Could be in individual posts.

    Since viewing the same thread twice didn't show the virus a 2nd time I'm assuming it isn't presented on every view or that a moderator cleaned the thread manually between refreshes.
     
  16. seilerts

    seilerts Battery Curmudgeon

    Joined:
    Mar 7, 2010
    3,326
    1,513
    38
    Location:
    Santa Fe, NM
    Vehicle:
    2005 Prius
    I noticed earlier in the month that a java virus seemed tied to banner ads. It hasn't happened since Optima began its site sponsorship last week.
     
  17. El Dobro

    El Dobro A Member

    Joined:
    Jul 12, 2011
    7,033
    3,242
    1
    Location:
    NJ
    Vehicle:
    Other Electric Vehicle
    Model:
    N/A
    Just the other day when I clicked on Forums, MSE popped up saying it stopped something. Until I saw this thread, I didn't think much of it.
     
  18. TonyPSchaefer

    TonyPSchaefer Your Friendly Moderator
    Staff Member

    Joined:
    May 11, 2004
    14,816
    2,498
    66
    Location:
    Far-North Chicagoland
    Vehicle:
    2017 Prius Prime
    Model:
    Prime Advanced
    Allow me to reiterate that Priuschat is a privately owned forum. Unless things have changed, it is not Danny's intention to distribute viruses and infect members' computers. We take notices like this very seriously.

    I'll email Danny to take another look at the advertisers to see if someone might be throwing in some code that might trigger a reaction.

    Moving forward, please report threads that give you issues. It doesn't matter which post you report as long as you type a note something like "I got a virus warning on this thread.". That way we'll know you're reporting the thread not the individual post. We'll probably follow up with you asking about OS, browser, settings, etc.

    As a Mod, I suppose I should apologize on behalf of Priuschat for any inconvenience.
     
  19. dhanson865

    dhanson865 Expert and Devil's advocate

    Joined:
    May 24, 2011
    851
    188
    0
    Location:
    TN, USA
    Vehicle:
    2005 Prius
    I would say no need to explain or apologize. It's the nature of the beast. You can't run a site this large without having this issue sooner or later.

    I don't think twice about it as an IT professional I've cleaned and prevented more viruses than most.

    If I can give you good info the next time I will but doing so might require turning off the AV so I can see the offending code and that takes time and effort so I may just report it so at least someone can look at the logs to see what ads where served around that time.
     
  20. El Dobro

    El Dobro A Member

    Joined:
    Jul 12, 2011
    7,033
    3,242
    1
    Location:
    NJ
    Vehicle:
    Other Electric Vehicle
    Model:
    N/A
    In my case, it had something to do with Java.