Author Topic: Attention: AVG Virus alert on EEVblog.com!  (Read 35838 times)

alm

  • Guest
Re: Attention: AVG Virus alert on EEVblog.com!
« Reply #125 on: January 05, 2013, 01:14:22 pm »
My money is on a trojan/virus collecting stored passwords that were stored unencrypted. I believe Dave was using FileZilla? Based on this bug report, I would never store important passwords there. Use a real password manager like KeePass.

I have handled a similar case a few years ago. A server of a client offering shared hosting was compromised. Malware was being uploaded to different customer accounts. My conclusion after examining the server was that this was because they had access to the FTP passwords, most likely harvested from the computer of the owner of the company (who was the only one with access to all the different accounts). The owner disagreed and hired another expert, and ended up reinstalling his computer and installing a bunch of virus scanners. I believe he was also using FileZilla.
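
A defender-side check for the risk raised in the post above, added here as an example (it is not part of the original thread and not FileZilla's own code): it reports which saved FileZilla site entries hold a recoverable password, without ever printing the password. The `sitemanager.xml` layout and every entry in the sample are constructed assumptions modelled on older FileZilla versions.

```python
import xml.etree.ElementTree as ET

# Constructed sample in the assumed layout of FileZilla's sitemanager.xml.
SAMPLE = """<FileZilla3>
  <Servers>
    <Server>
      <Host>ftp.example.com</Host><Port>21</Port>
      <User>webmaster</User><Pass>constructed-plaintext</Pass>
      <Name>Old plain entry</Name>
    </Server>
    <Server>
      <Host>ftp.example.org</Host><Port>21</Port>
      <User>admin</User><Pass encoding="base64">Y29uc3RydWN0ZWQ=</Pass>
      <Name>Base64 entry</Name>
    </Server>
    <Server>
      <Host>sftp.example.net</Host><Port>22</Port>
      <User>deploy</User>
      <Name>Ask for password</Name>
    </Server>
  </Servers>
</FileZilla3>"""

def classify(pass_el):
    """Describe how a <Pass> element stores the secret, never the secret itself."""
    if pass_el is None or not (pass_el.text or "").strip():
        return "not stored"
    encoding = pass_el.get("encoding")
    if encoding is None:
        return "plaintext"   # readable by anything that can read the file
    if encoding == "base64":
        return "base64"      # an encoding, not encryption: trivially reversible
    return "other"           # any other scheme; needs a manual look

def audit(xml_text):
    """Return (name, host, user, status) for every saved site entry."""
    root = ET.fromstring(xml_text)
    return [(s.findtext("Name", ""), s.findtext("Host", ""),
             s.findtext("User", ""), classify(s.find("Pass")))
            for s in root.iter("Server")]

def exposed(findings):
    """Entries whose password any process running as the user could recover."""
    return [f for f in findings if f[3] in ("plaintext", "base64")]

if __name__ == "__main__":
    for name, host, user, status in audit(SAMPLE):
        print(f"{name:18} {user}@{host:18} password: {status}")
```

Any entry reported as `plaintext` or `base64` should have its server password changed and then be moved into a password manager.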
 

Offline Monkeh

  • Super Contributor
  • ***
  • Posts: 7992
  • Country: gb
Re: Attention: AVG Virus alert on EEVblog.com!
« Reply #126 on: January 05, 2013, 01:22:34 pm »
Yes, despite the excellence of FileZilla as a client, the author is most stubborn on this matter.
 

Offline Alana

  • Frequent Contributor
  • **
  • Posts: 297
  • Country: pl
Re: Attention: AVG Virus alert on EEVblog.com!
« Reply #127 on: January 05, 2013, 01:58:56 pm »
I'd check Dave's home computers with something like this http://www.safer-networking.org/mirrors16/
Boot to "safe mode with network access", download, update, scan. From what was said here there may be a good chance there is a virus/trojan on one of those machines.
Spybot is good because it provides an "immunize" tool that blocks all the usual malware servers on browser and hosts file level. For me it is the first and quite reliable line of defense.

And for Spybot - I'd not trust Spybot 2.0 yet - I dislike antiviruses or antimalware programs that use cloud computing. You do not know what is actually going on there...
 

Offline G7PSK

  • Super Contributor
  • ***
  • Posts: 3861
  • Country: gb
  • It is hot until proved not.
Re: Attention: AVG Virus alert on EEVblog.com!
« Reply #128 on: January 05, 2013, 05:08:43 pm »
Could it have to do with a photo or a GIF that Dave has taken up recently, or perhaps something else from an already compromised computer or network?
 

Offline justanothercanuck

  • Frequent Contributor
  • **
  • Posts: 391
  • Country: ca
  • Doing retro repairs...
Re: Attention: AVG Virus alert on EEVblog.com!
« Reply #129 on: January 05, 2013, 09:44:56 pm »
I'd check Dave's home computers with something like this http://www.safer-networking.org/mirrors16/
Boot to "safe mode with network access", download, update, scan. From what was said here there may be a good chance there is a virus/trojan on one of those machines.
Spybot is good because it provides an "immunize" tool that blocks all the usual malware servers on browser and hosts file level. For me it is the first and quite reliable line of defense.

And for Spybot - I'd not trust Spybot 2.0 yet - I dislike antiviruses or antimalware programs that use cloud computing. You do not know what is actually going on there...

SSD and MBAM aren't as good as they used to be several years ago.  If the machine doesn't have MSE (or if something slips past it), I run MBAM, because it still picks up a few things.  After that, I try Microsoft's MRT (which is a stripped down MSE, go figure)...  If it still won't go away, I try Sophos Anti-Rootkit.  Failing all of those, just reinstall the thing, it's not worth the hassle of running all these programs, when a reinstall takes a few hours vs a few days of screwing around with removal tools.  :-//
Maintain your old electronics!  If you don't preserve it, it could be lost forever!
 

Offline vk6zgo

  • Super Contributor
  • ***
  • Posts: 7588
  • Country: au
Re: Attention: AVG Virus alert on EEVblog.com!
« Reply #130 on: January 06, 2013, 09:31:04 am »
Firefox decided it would be a lovely idea to present EEVblog in "huge" format.
I didn't ask it to do this--it just suddenly happened

[CTRL] + [ 0 ] to reset. 

Don't drink & Browse. LOL   :-DD

The interesting thing, Unc, was that only EEVblog got the "huge" treatment--everything else was OK!
Easy enough to fix, true, but still it looks like it was associated with the original happening.
 

Offline madires

  • Super Contributor
  • ***
  • Posts: 7764
  • Country: de
  • A qualified hobbyist ;)
Re: Attention: AVG Virus alert on EEVblog.com!
« Reply #131 on: January 07, 2013, 12:24:56 pm »
It seems to you that it's just html files.. but.. it isn't like that..

It is on eevblog.org
There is one index.html file, and one subdirectory with just video files in it.
Nothing else, no WordPress, no templates, no .htaccess, nothing.

If you run several websites on the same server, all can be compromised if only one has a security hole. There are solutions to prevent an intruder from accessing the other document directories, but they slow down the web performance and add complexity. Another problem is the dismissed safe-mode feature of PHP. It allowed locking down dangerous functions/features to protect a shared server (especially access to the filesystem outside the webspaces).
 

Offline Sionyn

  • Frequent Contributor
  • **
  • Posts: 848
  • Country: gb
Re: Attention: AVG Virus alert on EEVblog.com!
« Reply #132 on: February 21, 2013, 12:27:28 pm »
Interesting article about software as a service to sell crimeware and exploits to criminals to compromise websites for profits.
Unsurprisingly, there is no honour amongst thieves.

eecs guy
 

Online SeanB

  • Super Contributor
  • ***
  • Posts: 16284
  • Country: za
Re: Attention: AVG Virus alert on EEVblog.com!
« Reply #133 on: April 04, 2013, 06:59:15 pm »
Just look at the current issue of Security Now; it describes Dave's issues to a "T".

http://twit.tv/show/security-now/398

and listen/watch it
 

