HuntingNut
HuntingNut
   Login or Register
HomeCommunity ForumsPhoto AlbumsRegister
     
 

User Info

Welcome Anonymous


Membership:
Latest: RichardZ
New Today: 0
New Yesterday: 0
Overall: 13126

People Online:
Members: 0
Visitors: 214
BOT: 1
Total: 215
Who Is Where:
 Visitors:
01: Home
02: Forums
03: Forums
04: Forums
05: Photo Albums
06: Forums
07: Forums
08: Your Account
09: Forums
10: Home
11: Forums
12: Your Account
13: Forums
14: Forums
15: Forums
16: Your Account
17: Forums
18: Home
19: Forums
20: Forums
21: Forums
22: Forums
23: Home
24: Home
25: Photo Albums
26: Forums
27: Forums
28: Forums
29: Forums
30: Home
31: Home
32: Forums
33: Home
34: Forums
35: Forums
36: Photo Albums
37: Forums
38: Forums
39: Forums
40: Forums
41: Photo Albums
42: Your Account
43: Forums
44: Your Account
45: Home
46: Home
47: Forums
48: News
49: Forums
50: Forums
51: Your Account
52: Forums
53: Forums
54: Forums
55: Home
56: Home
57: Home
58: News
59: Forums
60: Your Account
61: Forums
62: Forums
63: Forums
64: Home
65: Forums
66: Forums
67: Forums
68: Forums
69: Photo Albums
70: Home
71: Forums
72: Photo Albums
73: Forums
74: Forums
75: Home
76: Forums
77: Forums
78: Forums
79: Home
80: Forums
81: Home
82: Your Account
83: Forums
84: Forums
85: Home
86: Home
87: Your Account
88: Forums
89: Forums
90: Forums
91: Forums
92: Forums
93: Forums
94: Forums
95: Forums
96: Forums
97: Photo Albums
98: Home
99: Home
100: Photo Albums
101: Forums
102: Forums
103: Forums
104: Forums
105: Home
106: Forums
107: Forums
108: Forums
109: Home
110: Your Account
111: Forums
112: Forums
113: Photo Albums
114: Forums
115: Forums
116: Forums
117: Forums
118: Your Account
119: Forums
120: Forums
121: Forums
122: Forums
123: Forums
124: Forums
125: Forums
126: Forums
127: Forums
128: Forums
129: Home
130: Home
131: Forums
132: Forums
133: Forums
134: Forums
135: Forums
136: Forums
137: Home
138: Forums
139: Home
140: Forums
141: Your Account
142: Forums
143: Forums
144: Forums
145: Forums
146: Home
147: Forums
148: Forums
149: Forums
150: Forums
151: Forums
152: Forums
153: Forums
154: Forums
155: Forums
156: Forums
157: Forums
158: Your Account
159: Your Account
160: Forums
161: Forums
162: Home
163: Photo Albums
164: Forums
165: Forums
166: Home
167: Forums
168: Forums
169: Forums
170: Forums
171: Forums
172: Forums
173: Your Account
174: Home
175: Forums
176: Photo Albums
177: Forums
178: Your Account
179: Forums
180: Forums
181: Forums
182: Forums
183: Home
184: Your Account
185: Forums
186: Forums
187: Your Account
188: Forums
189: Forums
190: Forums
191: Forums
192: Photo Albums
193: Forums
194: Your Account
195: Your Account
196: Forums
197: Your Account
198: Forums
199: Photo Albums
200: Forums
201: Photo Albums
202: Your Account
203: Home
204: Forums
205: Forums
206: Forums
207: Forums
208: Your Account
209: Home
210: Forums
211: Photo Albums
212: Forums
213: Photo Albums
214: Home
  BOT:
01: Statistics

Staff Online:

No staff members are online!
 

Coppermine Stats
Photo Albums
 Albums: 308
 Pictures: 2451
  · Views: 820725
  · Votes: 1316
  · Comments: 86
 

Virus
Important Announcements regarding the website, hunting related announcements etc etc.
Go to page 1, 2  Next
Post new topic   Reply to topic   Printer Friendly Page    Forum Index » Important Announcements!

View previous topic :: View next topic  
Author Message
DallanC
Site Admin
Site Admin


Joined: Jan 18, 2005
Posts: 3571
Location: Utah

PostPosted: Tue May 28, 2013 9:23 pm    Post subject: Virus Reply with quote

I am getting reports from users about a virus when they attempt to access HuntingNut. I am talking to my webhost to see if this is valid, or it its a false positive.

Details to follow as I learn more.


-DallanC


Last edited by DallanC on Tue Dec 03, 2013 5:30 pm; edited 1 time in total
Back to top
View user's profile Photo Gallery
DallanC
Site Admin
Site Admin


Joined: Jan 18, 2005
Posts: 3571
Location: Utah

PostPosted: Tue May 28, 2013 9:48 pm    Post subject: Re: Virus Reply with quote

From my host:

Quote::
Hi,

I am sorry, but it look like a cached or false positive alarm on AVG. I have performed a full scan on your account and the result is just positive;

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
scan completed on /home/hunting/public_html: files 27482, malware hits 0, cleaned hits 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Also, checked the domain with other antivirus site like McAfee, Norton etc and those results showing there is no infections on your account.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
huntingnut.com

We tested this site and didn't find any significant problems.
Are you the owner of this site? Leave a comment
Contact information: Country Popularity

United States

Some users
Automated Web Safety Testing Results for huntingnut.com
E-MAIL TESTS FOR HUNTINGNUT.COM:
DOWNLOAD TESTS FOR HUNTINGNUT.COM:
Downloads we found on this site:
Download Analysis
PointBlankCRBSv18a.zip
PointBlankCRBSv18a.zip
PointBlankCRBSv18a.zip
PointBlankCRBSv18a.zip
PointBlankCRBSv18a.zip
6 total downloads. See more.
6 green downloads
In our tests, we found downloads on this site were free of adware, spyware, and other potentially unwanted programs.
View detailed analysis
Submit a download for analysis
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Thank you.
Regards,
--
Alex Spaford
Level 2 System Administrator
TotalChoiceHosting INC.


Still digging, into this!


-DallanC
Back to top
View user's profile Photo Gallery
DallanC
Site Admin
Site Admin


Joined: Jan 18, 2005
Posts: 3571
Location: Utah

PostPosted: Wed May 29, 2013 11:20 am    Post subject: Re: Virus Reply with quote

Ok I was able to track down the infection, it does indeed seem we got accessed somehow. I will continue to investigate how this happened, meanwhile the site appears "clean".

If anyone happens to notice any pages that trigger wierd behavior let me know. Apologies for the inconvience!


-DallanC
Back to top
View user's profile Photo Gallery
shrpshtrjoe
Super Red Neck Member
Super Red Neck Member


Joined: Jan 26, 2005
Posts: 2965
Location: Maryland

PostPosted: Wed May 29, 2013 1:36 pm    Post subject: Re: Virus Reply with quote

Cool Very Happy Thanks for your efforts Dallan...

_________________
"MOLON LABE"

P E T A
People Eating Tasty Animals
Back to top
View user's profile Photo Gallery
Dawgdad
Super Member
Super Member


Joined: Feb 08, 2006
Posts: 1065
Location: On the Prairie

PostPosted: Wed May 29, 2013 1:56 pm    Post subject: Re: Virus Reply with quote

I had posted a link to a photo hosted on Coppermine and some people said they got a "hack attempt has been recorded" alert when they tried to open it.

_________________
Alcohol, Tobacco and Firearms should be a convenience store, not a government agency...
Back to top
View user's profile Photo Gallery
DallanC
Site Admin
Site Admin


Joined: Jan 18, 2005
Posts: 3571
Location: Utah

PostPosted: Wed May 29, 2013 1:57 pm    Post subject: Re: Virus Reply with quote

Dawgdad wrote:
I had posted a link to a photo hosted on Coppermine and some people said they got a "hack attempt has been recorded" alert when they tried to open it.

Email me the link you used, I will look into it.


-DallanC
Back to top
View user's profile Photo Gallery
DallanC
Site Admin
Site Admin


Joined: Jan 18, 2005
Posts: 3571
Location: Utah

PostPosted: Wed May 29, 2013 2:00 pm    Post subject: Re: Virus Reply with quote

shrpshtrjoe wrote:
Cool Very Happy Thanks for your efforts Dallan...

Heh no problem. I had a site wide backup made on the 13th of this month, so I made a new backup with the virus, then ran some software I have that does file comparisons to show what changed from one version to the next. It quickly showed the 70'ish files that got modified. I manually restored them all and it seems fine.

As annoying as it is, it seems we are "big enough" that hackers feel we are worth the effort to access.


-DallanC
Back to top
View user's profile Photo Gallery
DallanC
Site Admin
Site Admin


Joined: Jan 18, 2005
Posts: 3571
Location: Utah

PostPosted: Wed May 29, 2013 2:02 pm    Post subject: Re: Virus Reply with quote

PS: the trojan really only seemed to affect the newest version of Internet Explorer (version 10), it would just try to redirect the user from HuntingNut to some silly dating site.


-DallanC
Back to top
View user's profile Photo Gallery
shrpshtrjoe
Super Red Neck Member
Super Red Neck Member


Joined: Jan 26, 2005
Posts: 2965
Location: Maryland

PostPosted: Wed May 29, 2013 2:27 pm    Post subject: Re: Virus Reply with quote

DallanC wrote:
PS: the trojan really only seemed to affect the newest version of Internet Explorer (version 10), it would just try to redirect the user from HuntingNut to some silly dating site.


-DallanC

That's what I have . No problems logging in now Very Happy .. My Norton antivirus wouldn't even let me log in earlier I guess it works Smile

_________________
"MOLON LABE"

P E T A
People Eating Tasty Animals
Back to top
View user's profile Photo Gallery
Ominivision1
Super Member
Super Member


Joined: Sep 20, 2010
Posts: 2984
Location: Iowa

PostPosted: Wed May 29, 2013 2:54 pm    Post subject: Re: Virus Reply with quote

One other thing to watch for is rogue certificates being installed on your web browser(s). If you get redirected to another website, shut down the browser and lock the firewall and open up FF or whatever you use) and go to advance settings (encryption, view certificates) and I found found a rogue sever security certificate installed who knows when (date).

_________________
Regards

Limitations are but boundaries created inside our minds.
Back to top
View user's profile Photo Gallery
gelandangan
Super Member
Super Member


Joined: May 07, 2006
Posts: 6396
Location: Sydney Australia

PostPosted: Wed May 29, 2013 3:10 pm    Post subject: Re: Virus Reply with quote

Good on you Dallan!
Thanks for the hard work, I am glad we are back.

_________________
A straight line is the shortest distance between two points.
A smile is the shortest distance between two people.

Do - Not try!


gelandangan.weebly.com/
Back to top
View user's profile Visit poster's website
Pumpkinslinger
Super Member
Super Member


Joined: Sep 22, 2007
Posts: 5001
Location: NC foothills

PostPosted: Wed May 29, 2013 4:19 pm    Post subject: Re: Virus Reply with quote

Yep, I was going through HuntingNut withdrawal! Norton blocked it at home and whatever they use at work did the same.

_________________
Mike

"I ain't no better than anybody else, and there ain't nobody better than me!" Ma Kettle
Back to top
View user's profile AIM Address Yahoo Messenger Photo Gallery
Pumpkinslinger
Super Member
Super Member


Joined: Sep 22, 2007
Posts: 5001
Location: NC foothills

PostPosted: Wed May 29, 2013 10:58 pm    Post subject: Re: Virus Reply with quote

Hmmm, when I went to the photos here to put some in a post I got that same warning from Norton that I was getting on Tuesday. Here is some of the Norton information.

Category: Intrusion Prevention
An intrusion attempt by www.huntingnut.com was blocked.
Web Attack: Mass Injection Website 5, ,"www.huntingnut.com (208.76.80.141,80) ",www.huntingnut.com/modules/coppermine/scripts.js," Network traffic from www.huntingnut.com/mod...scripts.js matches the signature of a known attack. The attack was resulted from \DEVICE\HARDDISKVOLUME3\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE.

_________________
Mike

"I ain't no better than anybody else, and there ain't nobody better than me!" Ma Kettle
Back to top
View user's profile AIM Address Yahoo Messenger Photo Gallery
Vince
Site Admin
Site Admin


Joined: May 25, 2005
Posts: 15704
Location: Brisbane AUSTRALIA

PostPosted: Wed May 29, 2013 11:36 pm    Post subject: Re: Virus Reply with quote

Well done Dallan. Once again your hard work saves our hunting community from a withdrawal meltdown and subsequent depression, anxiety and other psychological maladies mate.

I bow to your superior knowledge and abilities. Bow Bow

_________________
Cheers, Vince Cheers

Illegitimi non carborundum
(Never let the bastards grind you down)

Live simply. Love generously. Care deeply. Speak kindly. Leave the rest to God.

"Nulla Si Fa Senza Volonta."
(Without Commitment, Nothing Gets Done)
Back to top
View user's profile AIM Address MSN Messenger Yahoo Messenger Photo Gallery
Elvis
Super Member
Super Member


Joined: Jul 27, 2008
Posts: 9239
Location: south island New Zealand

PostPosted: Thu May 30, 2013 12:26 am    Post subject: Re: Virus Reply with quote

good on you DallanC
YOU THE MAN

_________________
You shot it You pluck it !
Them who eats the most duck eats the most feathers!
Back to top
View user's profile
Display posts from previous:   
Post new topic   Reply to topic   Printer Friendly Page    Forum Index » Important Announcements!
Page 1 of 2
All times are GMT - 7 Hours
Go to page 1, 2  Next



Jump to:  


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Valid CSS! Valid HTML 4.01!
Click to check if this page is realy HTML 4.01 compliant for speed :)

All logos and trademarks in this site are property of HuntingNut.com.
The comments are property of their posters, all the rest © 2011 by HuntingNut.com
Interactive software released under GNU GPL, Code Credits, Privacy Policy

.: Upgraded to DragonFly 9.2 by *Dizfunkshunal* :.