
Just got a bad Virus from priuschat.com

Discussion in 'PriusChat Website Questions' started by GotInfectedHere, Jun 8, 2011.

  1. GotInfectedHere

    GotInfectedHere New Member

    Joined: Jun 8, 2011 | Location: CA | Vehicle: 2002 Prius | Model: I
    I was reading this thread priuschat.com/forums/gen-ii-prius-main-forum/26601-steering-wheel-comfort.html and my browser (Firefox) and all running apps suddenly closed. A virus scanning window popped up and appeared to be scanning files. There was a new virus "shield" icon in the system tray and a shortcut for it on the desktop. I was unable to open task manager or any other executable on my system. I restarted in safe mode and took a break to post this. I'm using my iPod touch now since my laptop is completely infected.
     
  2. GotInfectedHere

    GotInfectedHere New Member

    Joined: Jun 8, 2011 | Location: CA | Vehicle: 2002 Prius | Model: I
    Found this c:\Documents and Settings\All Users\Application Data\defender.exe
     
  3. itonarely

    itonarely Junior Member

    Joined: May 3, 2011 | Location: Miami | Vehicle: 2016 Prius | Model: Two
    If you can boot up in safe mode, try to then perform a system restore to a previous date. I got hit the same way a few months ago (on a different site) and this took care of it for me (after paying someone to do it for me as I did not think to boot in safe mode and the virus would not allow me to access the internet, the system restore function, the task manager, etc.).

    Also, after fixing the problem, I downloaded avast! antivirus protection software for free and it has kept me safe (several times on this site, at least).

    Good luck.
     
  4. bisco

    bisco cookie crumbler

    Joined: May 11, 2005 | Location: boston | Vehicle: 2012 Prius Plug-in | Model: Plug-in Base
    from p/c? no way harry!
     
    1 person likes this.
  5. xpcman

    xpcman Senior Member

    Joined: Jun 11, 2009 | Location: California - SF Bay area | Vehicle: 2008 Prius
    You can't get a virus without downloading. You didn't get it from PriusChat.
     
    1 person likes this.
  6. flareak

    flareak Fleet Captain

    Joined: Mar 9, 2004 | Location: St Louis, MO | Vehicle: 2005 Prius | Model: N/A
    How do you know it's because of that same page? It could be from something else. Usually viruses don't get on our computers without some sort of user involvement. That is, you can't really get a virus if the user isn't actively downloading and opening some weird file.

    I just opened that link you posted and I'm completely fine. You sure you didn't open some attachment in an email recently? Downloaded a file recently? Installed some sort of program recently? Etc.?

    If not, then the only other possible explanation would be a direct attack on your computer by a hacker.
     
  7. flareak

    flareak Fleet Captain

    Joined: Mar 9, 2004 | Location: St Louis, MO | Vehicle: 2005 Prius | Model: N/A
    Another possibility is that you had a scheduled virus scan, or you were downloading a Windows update and the computer decided to restart on its own (which is consistent with closing all your windows and running apps).
     
  8. hampdenwireless

    hampdenwireless Active Member

    Joined: Aug 21, 2005 | Location: Baltimore MD | Vehicle: Other Non-Hybrid
    Of course you can. It happens due to flaws in Windows and the web browsers. While Macs have been problem free for a long time, there is now malware that can even download on a Mac, though it does not install automatically.

    The virus probably did not come from PriusChat though.
     
  9. flareak

    flareak Fleet Captain

    Joined: Mar 9, 2004 | Location: St Louis, MO | Vehicle: 2005 Prius | Model: N/A
    That's because it's a Mac. They don't require user involvement with their OS's security flaws. Windows has been attacked so much that it rarely happens.
     
  10. cwerdna

    cwerdna Senior Member

    Joined: Sep 4, 2005 | Location: SF Bay Area, CA | Vehicle: 2006 Prius
    Not necessarily, some require no user intervention.

    See W32.Blaster.Worm Technical Details | Symantec or Code Red (computer worm) - Wikipedia, the free encyclopedia (http://en.wikipedia.org/wiki/Code_Red_worm), for example.

    For Code Red, on those versions of Windows, IIS was enabled by default and if memory serves, so was the vulnerable service. I remember some of my legitimate web servers at work seeing HTTP requests in the IIS logs from infected machines elsewhere on the network of the form:
    Another example where just visiting a page is enough (on an unpatched machine): Unpatched Java hole exploited at lyrics site | InSecurity Complex - CNET News.
     
  11. fuzzy1

    fuzzy1 Senior Member

    Joined: Feb 26, 2009 | Location: Western Washington | Vehicle: Other Hybrid | Model: N/A
    Then, before going back on line, go to Windows Update, Change Settings, and turn off Automatic Updates. Otherwise, that 'virus' is likely to reappear again very quickly, regardless of what websites you visit. ;)

    Microsoft did push out another Windows Defender definition update yesterday. This posting reminded me to fix my autoupdate setting, which somehow got corrupted recently.
     
  12. flareak

    flareak Fleet Captain

    Joined: Mar 9, 2004 | Location: St Louis, MO | Vehicle: 2005 Prius | Model: N/A
    Yes... key word is usually. I can't imagine PriusChat would be suspect without some sort of user intervention. It doesn't use Java.
     
  13. cwerdna

    cwerdna Senior Member

    Joined: Sep 4, 2005 | Location: SF Bay Area, CA | Vehicle: 2006 Prius
    I wouldn't be so confident in the word usually for that anymore. A lot of the viruses, worms, malware, etc. exploit vulnerabilities in browsers and Flash. The only user interaction might be to visit a page. PriusChat is pulling in 3rd party content for the ads.

    Glance thru all the critical vulnerabilities at Security Advisories for Firefox 3.6. I'm sure a good percentage could be exploited by specially crafting a page or the proper content and not have any sort of file download dialog come up.

    Here's one that shouldn't require any user intervention other than visiting a malicious page: Microsoft warns IE flaw is being exploited | IT PRO.
     
  14. twittel

    twittel Senior Member

    Joined: Jul 7, 2010 | Location: Mt. Pleasant, SC | Vehicle: 2010 Prius | Model: III
    Whenever I do a Google PriusChat search I get a Win32Trojan virus that my Microsoft Security Essentials catches. It just happened to me again yesterday as I forgot to NOT USE Google search on PriusChat. I suspect the virus may lurk deep within my subdirectories and only manifest itself during this Google search. Also, a "Java Script" run wants to activate. Crazy, but it happens consistently.
     
  15. billnchristy

    billnchristy Active Member

    Joined: Jul 18, 2009 | Location: GA | Vehicle: 2016 Chevy Volt | Model: N/A
    I have had my software go haywire here several times, there can be a script in an ad that will jack you up.

    I use adblock now.
     
  16. cyclopathic

    cyclopathic Senior Member

    Joined: Apr 15, 2011 | Location: 2014 Prius c | Vehicle: 2010 Prius | Model: II
    don't browse web from account with admin privileges, if you don't create non-admin account
    use NoScript plugin.
     
  17. qbee42

    qbee42 My other car is a boat

    Joined: Mar 2, 2006 | Location: Northern Michigan | Vehicle: 2006 Prius
    There are many ways to infect a computer without requiring explicit downloading. Some of these involve code inserted into images, others are scripts. The general term for this sort of method is called "drive by", since the infection occurs as the user drives by a page, or views it.

    Many of these nasties work through buffer overflows. Think of a data structure in a program as a table. Most of them have a fixed length, so they can only store so many digits. A cleverly crafted image or other object can be made to overflow the table and spill into the next data structure, thereby inserting executable malware into a program. This is prevented by checking for data overflows, but much code is written without safeguards.

    Tom
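
The overflow check described in the post above, as an added example that is not part of the original thread: a decoder copies a length-prefixed chunk into a fixed 16-byte table and rejects any chunk whose declared length would not fit. The chunk layout, `struct decoder`, `load_chunk` and the sample bytes are all constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define TABLE_SIZE 16  /* the fixed-length "table" from the post */

struct decoder {
    uint8_t  table[TABLE_SIZE];
    uint32_t next_field;  /* sits right after table[]; an overflow lands here */
};

enum load_result { LOAD_OK = 0, LOAD_TRUNCATED = -1, LOAD_TOO_LONG = -2 };

/*
 * Hypothetical chunk layout (constructed for this example): a 2-byte
 * big-endian declared payload length, then the payload. The length comes
 * from the file, so whoever crafted the file controls it. A decoder that
 * ran memcpy(d->table, in + 2, declared) without the checks below would
 * write past table[] whenever declared > TABLE_SIZE.
 */
enum load_result load_chunk(struct decoder *d, const uint8_t *in, size_t in_len)
{
    if (in_len < 2)
        return LOAD_TRUNCATED;
    size_t declared = ((size_t)in[0] << 8) | in[1];

    if (declared > in_len - 2)   /* claims more bytes than the input holds */
        return LOAD_TRUNCATED;
    if (declared > TABLE_SIZE)   /* would overflow the destination table */
        return LOAD_TOO_LONG;

    memcpy(d->table, in + 2, declared);
    return LOAD_OK;
}

int main(void)
{
    /* Constructed inputs: a well-formed chunk and one declaring 24 bytes. */
    const uint8_t good[2 + 4] = { 0x00, 0x04, 1, 2, 3, 4 };
    const uint8_t big[2 + 24] = { 0x00, 0x18 };
    struct decoder d = { {0}, 0xC0FFEEu };

    printf("good chunk: %d\n", load_chunk(&d, good, sizeof good));
    printf("oversized chunk: %d\n", load_chunk(&d, big, sizeof big));
    printf("next_field intact: %s\n", d.next_field == 0xC0FFEEu ? "yes" : "no");
    return 0;
}
```

Both checks matter: the first stops the copy from reading past the end of the input, the second stops it from writing past the end of the table.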
     
  18. Danny

    Danny Admin/Founder
    Staff Member

    Joined: Nov 24, 2003 | Location: Charlotte, NC | Vehicle: 2013 Prius Plug-in | Model: Plug-in Base
    I'm looking everywhere in the code, but I'm not seeing any malicious code like I did last time when the header template was hacked. Not sure what to tell you...
     
    3 people like this.
  19. Stev0

    Stev0 Honorary Hong Kong Cavalier

    Joined: Sep 23, 2006 | Location: Northampton, MA | Vehicle: 2022 Prius Prime | Model: Plug-in Base
    Firefox, Chrome, Opera, and just about every other browser has protection against drive-by viruses. There's only one that openly embraces them (Internet Explorer). If you're running a good Virus Protection package (if it came with your computer, and/or if it's McAfee or Norton, it's not good) and you're running a good browser (not IE), you should be safe.
     
  20. hyo silver

    hyo silver Awaaaaay

    Joined: Mar 2, 2005 | Location: off into the sunset | Vehicle: 2004 Prius | Model: N/A
    What's your opinion of Kaspersky?