Menu
What's New
By:
Filters

Currently getting Hack Attacked

I'm glad the forum is back to normal now.

I have had strange occurences this morning on my PC. After I visited the forum a few hours ago I kept getting the message that xxxxxx.exe had stopped responding (always 6 characters, seemingly random). I started to note the names down: fmlwms.exe, bgkbjh.exe, bdjvzt.exe, pktqfn.exe, glnbhr.exe. My first thought was some sort of malware/virus. I got no results googling the names.

The last one, glnbhr.exe kept on restarting when I killed it. I couldnt delete it, even with File Assassin. (Even more like a virus, I thought)

Nothing picked up with scans using Malwarebytes, Ad-aware, Sophos anti-rootkit, Microsoft Security Essentials and a couple of online scans using Trend Micro and Kaspersky.

Now, having tried everything I know to get rid of it without success, the file has disappeared on its own from the task lists and has also gone from the temp folder where it was located! At exactly the same time, I stopped getting the warning page with EF.

I'm not very technically able in these matters but it seems a strange coincidence :scratch2:
 
711 said:
Addressing a security issue that affects all members is indeed much more urgent than dealing with an account issue of someone that was banned for registering multiple accounts.

I have replied to your PM now.
Click to expand...

Of course it was !
Anyone thinking or suggesting otherwise would be a complete idiot.

Pitty this is what it took to make you respond.
 
Last edited:
SvenP said:
I'm glad the forum is back to normal now.

I have had strange occurences this morning on my PC. After I visited the forum a few hours ago I kept getting the message that xxxxxx.exe had stopped responding (always 6 characters, seemingly random). I started to note the names down: fmlwms.exe, bgkbjh.exe, bdjvzt.exe, pktqfn.exe, glnbhr.exe. My first thought was some sort of malware/virus. I got no results googling the names.

The last one, glnbhr.exe kept on restarting when I killed it. I couldnt delete it, even with File Assassin. (Even more like a virus, I thought)

Nothing picked up with scans using Malwarebytes, Ad-aware, Sophos anti-rootkit, Microsoft Security Essentials and a couple of online scans using Trend Micro and Kaspersky.

Now, having tried everything I know to get rid of it without success, the file has disappeared on its own from the task lists and has also gone from the temp folder where it was located! At exactly the same time, I stopped getting the warning page with EF.

I'm not very technically able in these matters but it seems a strange coincidence :scratch2:
Click to expand...

I think you should try again with some anti-virus program, the programs you mentioned are all for specific tasks and not really for viruses. The online scans are good, but not really as good as a virus scanner running on your maschine. The programs you entioned are all quite good, but when you know you had something and they do not find it, it is better to try some other solutions.

Avira has a good find rate and a very good free scanner.
Also maybe try out Spybot ( http://www.safer-networking.org), it is also good for blocking "bad sites".

The files that where downloaded was a trojan form 2007, quite possible the noob that did the attack did not make the scripts correctly and the files did not nest themselves, but allways be better on the sure side.
 
Yep - EF all better now :)

Another website I spend a bit of time on fantasticcontraption.com has also been affected, but not removed off the dodgy list yet.

So, I suspect a fair few other sites have also been subject to this OpenX messup.
 
garci said:
i don't have any antivirus, do i have to make a check with one then ?[/QUOTE

AVG Free Edition is one of a host of free AV programs available for download. Or the new Microsoft Security Essentials suite. If you don't use a AV program you are open and vulnerable. I'm sure many have told you before.
Click to expand...
 
711 said:
Since it appears many people are not actually reading the thread before posting, I will repeat the post I made earlier:
___________________________________________________

Those browser warnings are still happening because Firefox references Stopbadware.com's list of suspicious sites, which is not maintained in real-time.

The entropiaforum.com domain was listed in Stopbadware's database of problematic websites due to the issues that happened yesterday, and which were resolved quite a few hours ago.

EntropiaForum is scheduled for an updated review by Stopbadware, as can be seen here:
http://www.stopbadware.org/reports/7d25fbe2410ccaf8cc9f432274dfd69a

Stopbadware review of entropiaforum.com/ in progress as of Mar 21st 2010​


Also, I have submitted a similar review request to Google's Safe Browsing diagnostic tool (which is also one of Stopbadware's data suppliers).

Once those two reviews come back clean, I expect that the warnings appearing in Firefox will cease.

If you want a bit of reassurance that the EntropiaForum website is now once again completely safe, please feel free to test any EF page using McAfee's real-time SiteAdvisor tool, which scans the requested URL for malware or other harmful content each time the form is submitted:

http://siteadvisor.com/sites/entropiaforum.com
Click to expand...

Great and fast job mate, thanks for this :)
 
"Rill" said:
garci said:
i don't have any antivirus, do i have to make a check with one then ?[/QUOTE

AVG Free Edition is one of a host of free AV programs available for download. Or the new Microsoft Security Essentials suite. If you don't use a AV program you are open and vulnerable. I'm sure many have told you before.
Click to expand...

And one should really emphasise, that an anti-virus program is a _MUST-HAVE_ program that should allways run when the computer is on. Anything else is like driving in the middle of the night on a curvy road without lights on and without seatbelt.
Click to expand...
 
I got a warning.

I did not believe it.

Al it takes is a bit of "DOS" type work, and a safe site will get flagged "unsafe".

A bit like the way paediatrics gets confused with paedophilia.
Both start the seam, Pead...
 
Confirming no warnings this morning on FireFox. :yay:

Thanks 711 for all the explanations of what happened and the quick fixes! :wtg:

YOU ROCK! :)
 
Wow! Crazy what people will do huh..Do a port scan and see whats open. If you have some open that dont need to be then close the port. Update everything on your computer..Especially Adobe..If your using XP time to get 7..I dont use virus programs though since it can work against you and i dont have a firewall either..Im using truCrypt on my HD
 
Last edited:
Avast! Antivirus reports JS:Prontexi-AD [Trj] on EF

Not sure if this is a false positive, or if something is coming in on google ads.

Forum mods or admin, might want to check it out.

AG
 
It's back here.
I have EF asking to open Adobe again.
 
Is this a false positive or is something messed again?

Just got home from work and everytime I hit a page getting this popup from avast:

[br]Click to enlarge[/br]
 
Avast! Antivirus reports JS:prontexi-AD [Trj] on EF
Click to expand...

JS:Porntext-AD? :eek:



sry for the off-topic :ahh:


Not getting it, but several others have reported getting virus reports @ EF during the last 2-3 days :scratch2:
 
Yep, Rockchick just got a AVG Safething warning, but on a refresh not getting it now.
 
I'm getting the exact same thing. You can also see the "bad" url in the bottom left on internet explorer, but it goes by so fast I can't see it well.
 
I tried to go to whendone.net but its flaged.

I'm just gonna leave EF blocked with noscript for now.
 
Yep, I saw a similar warning about 20 mins ago. I aborted, then came back with no warning on my second connection to EF.

It was as a warning re: another site, likely being referenced in an add which I unfortunately did not record.
 
going to the EF home page seems to make the Java Platform to launch. I get the little icon popping up in the toolbar whenever I open EF now.
 
Just got a warning from Google about entropiaforum here a few minutes ago (like what was happening a few days ago).

I'm running Chrome.
 
safara said:
Yep, Rockchick just got a AVG Safething warning, but on a refresh not getting it now.
Click to expand...

Same here... THREAT! then no threat.....

Think my PC is stoned.



Hurrikane
 
Please check the front page again, the warnings should now be gone.
 
EF is fine and safe, content included from other sites is not.

firefox and noscript, problem solved.
 
geting this now as soon i enter EF

geting this now as soon i enter EF

it starts a adobe reader doc and Nod 32 kills it this is what it says

ip nr and so on


 
711 said:
Please check the front page again, the warnings should now be gone.
Click to expand...

Yeah the avast warning is gone, but the adobe pop up and parser error thing is back.
 
Also reporting avg block.

[br]Click to enlarge[/br]
 
Neo, it seems you still have a problem here. Get those adds off the site asap and fix them later. It is your responsibility to keep the people safe !!!!

OR

Get the site offline all together !!!!!!!
 
You must log in or register to reply here.
Back
Top