Malware warning

Amber Knightley

I just visited Entropedia and Avast blocked some malicious shit.
Please stay alert!

No clue where it came from but right now I'm suspecting it might have come via EntropiaBay/PEAuction...
 
Nope, not paypal. It was a different URL.
 
I got it again today, looking up the A103 amp... (made the link unclickable intentionally)
http://www.entropiawiki.com/Info.as...y/files/3/8/6/8/5/entropediamalware.jpg
 
A good start is to stop using super exploitable firefox and switch to Internet Explorer or Chrome instead.

When I try firefox I get the exact same warning. When I use Internet Explorer or Chrome, everything is fine.

Firefox is the top #1 most insecure web browser currently with a record breaking 270 known security holes in year 2014.

Page 13 in secunia report:

https://secunia.com/?action=fetch&filename=secunia_vulnerability_review_2014.pdf
 
I use Firefox, but with BitDefender instead of Avast.
I'm not getting a warning on that page.

Is it only Avast? That antivirus has a history of false positives.

Virustotal.com, for example, shows the URL you gave as a 'clean site' for all listed anti-virus programs.
 
Using Firefox is like asking for problems :D
 
A good start is to stop using super exploitable firefox and switch to Internet Explorer or Chrome instead.

When I try firefox I get the exact same warning. When I use Internet Explorer or Chrome, everything is fine.

Firefox is the top #1 most insecure web browser currently with a record breaking 270 known security holes in year 2014.

Page 13 in secunia report:

https://secunia.com/?action=fetch&filename=secunia_vulnerability_review_2014.pdf

Why suggest IE or Chrome?
Looking at the report you should have suggested Opera :)
 
Why suggest IE or Chrome?
Looking at the report you should have suggested Opera :)

Yes, but the problem with Opera is that it has many multimedia limitations. A "modern" user often experiences that not everything is supported by this browser.
 
Please, for the love of Batman, don't advise people to use Internet Explorer.

Chrome and Opera are both awesome.
 
Please, for the love of Batman, don't advise people to use Internet Explorer.

Chrome and Opera are both awesome.

Internet Explorer is far superior to Firefox, which is the only reason I suggested them both. I use Chrome myself, even if it's ranked lower in security than Internet Explorer. There's really nothing wrong with a fully updated IE. It has great security.
 
Internet Explorer is far superior to Firefox.

Except for the fact that it's by far the slowest one, a memory whore and takes a dump on web standards every time you use it.

Please don't use Internet Explorer.

Chrome = excellent browser, on that we agree.

PS: Anyway, read a bit of history. In the past IE had the absolute worst, and most critical holes any browser has ever had. I can still remember the ActiveX attacks era :(

PS2: Actually, I'm gonna have to correct myself here. The latest versions of IE have addressed the memory problem. Still a disaster with standards and my previous PS still stands. I wouldn't recommend using IE to anybody :)
 
Except for the fact that it's by far the slowest one, a memory whore and takes a dump on web standards every time you use it.

Please don't use Internet Explorer.

Chrome = excellent browser, on that we agree.

PS: Anyway, read a bit of history. In the past IE had the absolute worst, and most critical holes any browser has ever had. I can still remember the ActiveX attacks era :(

Yes, IE is slower due to its anti-malware sandbox technology. It's a trade-off between speed and security. IE has a heavily tainted history, it is true, but looking at the past 5 years IE has actually been in the top 2 of most secure browsers.

Privately I use Chrome because it is fastest and most convenient; at work we use IE as it is enterprise classified with regard to security, which Chrome is not.

Chrome is an excellent alternative to IE and a superior alternative to Firefox for home users.
 
Ahh, Secunia. They have been known for years for their biased MS-loving reports.

However Internet Explorer has its uses - it's a great Chrome downloader on freshly installed systems.
 
Ahh, Secunia. They have been known for years for their biased MS-loving reports.

However Internet Explorer has its uses - it's a great Chrome downloader on freshly installed systems.


Well the report is based on official statistics. You can download a similar report from Symantec and it's gonna be the same results.
 
I know why - Avast!

Windows Defender/Live Essentials :wtg::wtg:

McAfee - Literally a virus. This is the most pre-installed anti virus software out there. Common problems with this AV include the inability to access the internet through browsers, decreases in performance, especially browser performance if the McAfee extension is installed, and Operating System file corruption.

Norton - An AV good at detecting viruses with everything going against it. Norton is pretty good at scanning and removing viruses. The pros stop there. When Norton expires, it deactivates its real time web protection which also stops your internet from working. I have seen it use more than 50% of system resources when scanning and can idle at 10%. The uninstaller rarely works on systems that have had Norton on them for a while. Comes with a lot of its own adware like useless password managers and backup software. The backup software will often back up your computer to itself filling your HDD.

AVG - not very good at protecting you from viruses. Huge startup impact. Uses a fair amount of system resources. Often requires removal tool to get rid of it. Corrupts system files often. Never wants to update itself.

Avast - Has a good basic virus scanner. For some reason, more blue screen issues are caused by avast than any other anti virus. If you're having BSOD issues or issues with drivers or programs that are unexplained, it's usually avast.

Hitman Pro - This AV (scan and remove only) has an insane detection and removal record. If no other anti virus can fix your computer, and you really don't want to reformat, Hitman Pro is the scanner to go with.

Malware Bytes - Very good at finding and removing browser malware and less serious malware and infections. Very good at cleaning out infections like Search Protect and Trovi. Not the best at getting rid of more serious infections. Warning, this will usually delete all of your internet cookies.

Trend Micro - Causes weird issues with program installs and drivers. Real time protection can disable internet access if it screws up. If this av is causing problems it usually has to be removed with a removal tool. Not the best detection rates.

Kaspersky - Updates take forever. Huge startup impact. Very good detection with virus scanner. Pretty heavyweight and uses a lot of system resources. Worst password protector/manager ever created bundled with basic software.

Webroot - Extremely lightweight with very good detection. Uses at most 3% of your computer's resources. Probably the only AV that doesn't seem to cause OS or internet issues. Does not pop up asking you to buy things, doesn't come with any stupid addons. Probably my favorite AV for people who want a third party AV. Good for gamers and power users.

Windows Defender - All you really need. Since hitting "Yes" to install ShopFromHome and Search Protect on that youtube download installer will bypass any anti virus, there's really no reason to spend money on a third party antivirus if you're smart enough to not click on these things in the first place.

Avira - Fairly lightweight AV. Probably the best free AV out there if you don't mind xing out of the ad every day. I usually install this on family computers if they're prone to getting infections.

Editing some common questions down here...

For Macs - I would go with something lightweight since MacBook Airs and the new MacBook don't have the system resources of your typical Windows computer.

Microsoft Security Essentials - See Windows defender as they are closely related.

Source: https://np.reddit.com/r/buildapc/co...est_antivirus_to_go_on_a_new_computer/ctamthw
 
Could it be "entropiabay" that is the problem?

It seems that entropedia includes a picture from entropiabay, but entropiabay domain has expired so it's been taken over by a domain hogger that serves ads on it.

A suggestion is to remove all inline content linking from entropiabay.

From some quick looking, it looks like p2.dntrax.com is an ad server possibly linking to bad content, and a URL similar to what you wrote (as malware) leads to www,webseärchers,nët.

(Tried the website on a computer that needs to be reinstalled in 16 days anyway)

Code:
192.168.43.4 - - [04/Aug/2015:17:16:51 +0200] "GET http://www.entropiabay.com/digitalenvisionsandbox/MyGraph.aspx? HTTP/1.1" 302 283 "http://www.entropiawiki.com/Info.aspx?chart=Attachment&name=Omegaton_A103" "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.125 Safari/537.36" TCP_MISS:HIER_DIRECT
:
192.168.43.4 - - [04/Aug/2015:17:16:52 +0200] "GET http://ww1.entropiabay.com/ HTTP/1.1" 200 9042 "http://www.entropiawiki.com/Info.aspx?chart=Attachment&name=Omegaton_A103" "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.125 Safari/537.36" TCP_MISS:HIER_DIRECT
:
:
:
:
:


Lol what's this? "assets.sewanee.edu" (got it in a forum post here)

Code:
192.168.43.4 - - [04/Aug/2015:16:58:59 +0200] "GET http://assets.sewanee.edu/lib/ico/youtube-16x16.gif HTTP/1.1" 200 718 "https://www.planetcalypsoforum.com/forums/showthread.php?276281-Malware-warning&p=3400548" "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.125 Safari/537.36" TCP_MISS:HIER_DIRECT
:
:
:

Edit
According to https://isc.sans.edu/forums/diary/How+Victims+Are+Redirected+to+IT+Support+Scareware+Sites/19487/ it seems to be some scheme, related to "scareware" or scamming websites, belonging to "Name Management Group".

Scareware scam:
 
Last edited:
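An added example, not part of the original thread: a small Python filter over proxy access-log lines in the format posted above. It flags an embedded third-party resource that answers with a redirect and is then fetched from a different host of the same domain, which is the pattern the entropiabay requests show. The function names and the two-label `site()` shortcut are assumptions of this example; the sample lines are the post's own with the User-Agent shortened.

```python
import re
from urllib.parse import urlsplit

# Access-log layout as posted in the thread:
# client, ident, user, [timestamp], "request", status, size, "referer", "user-agent"
LINE_RE = re.compile(
    r'\S+ \S+ \S+ \[[^\]]+\] "\S+ (?P<url>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "[^"]*"'
)

# The post's log lines, with the User-Agent shortened to "UA" for readability.
SAMPLE = [
    '192.168.43.4 - - [04/Aug/2015:17:16:51 +0200] "GET http://www.entropiabay.com/digitalenvisionsandbox/MyGraph.aspx? HTTP/1.1" 302 283 "http://www.entropiawiki.com/Info.aspx?chart=Attachment&name=Omegaton_A103" "UA" TCP_MISS:HIER_DIRECT',
    '192.168.43.4 - - [04/Aug/2015:17:16:52 +0200] "GET http://ww1.entropiabay.com/ HTTP/1.1" 200 9042 "http://www.entropiawiki.com/Info.aspx?chart=Attachment&name=Omegaton_A103" "UA" TCP_MISS:HIER_DIRECT',
    '192.168.43.4 - - [04/Aug/2015:16:58:59 +0200] "GET http://assets.sewanee.edu/lib/ico/youtube-16x16.gif HTTP/1.1" 200 718 "https://www.planetcalypsoforum.com/forums/showthread.php?276281-Malware-warning&p=3400548" "UA" TCP_MISS:HIER_DIRECT',
]

def site(host):
    """Last two DNS labels (assumption: good enough here; use a public-suffix list in practice)."""
    return ".".join(host.lower().split(".")[-2:])

def parse(line):
    """Return request host, status and referer host, or None if the line does not match."""
    m = LINE_RE.match(line)
    if not m:
        return None
    return {"host": urlsplit(m["url"]).hostname or "",
            "status": int(m["status"]),
            "ref_host": urlsplit(m["referer"]).hostname or ""}

def find_redirected_embeds(lines):
    """Flag third-party embeds that 3xx-redirect and then load from another host of the same domain."""
    redirected = {}  # (referring host, third-party domain) -> host that answered with a 3xx
    findings = []
    for line in lines:
        rec = parse(line)
        if rec is None or not rec["ref_host"] or site(rec["host"]) == site(rec["ref_host"]):
            continue  # unparsable, no referer, or first-party request
        key = (rec["ref_host"], site(rec["host"]))
        if 300 <= rec["status"] < 400:
            redirected[key] = rec["host"]
        elif key in redirected and rec["host"] != redirected[key]:
            findings.append({"page": rec["ref_host"], "embedded": redirected[key],
                             "landed_on": rec["host"], "status": rec["status"]})
    return findings

if __name__ == "__main__":
    for finding in find_redirected_embeds(SAMPLE):
        print(finding)
```

Run against a site's own proxy or egress logs, the findings list gives the page owner the embedded hosts to remove or replace.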
Prolly due to peauction, even Google flags it.


Problem with all these sites, Entropedia included, is that their owners gave up.
 
Thanks aia and xian for the input.
Finally some feedback that is on topic :D which also is with me on this one.

As for what you guys talk about, what I can see that isn't loading is indeed one of the pictures from these shut down sites.
Hopefully some dev can exclude them from Entropedia eventually, as well as links to these sites...
 