HuntingNut
HuntingNut
   Login or Register
HomeCommunity ForumsPhoto AlbumsRegister
     
 

User Info

Welcome Anonymous


Membership:
Latest: CapJones
New Today: 0
New Yesterday: 0
Overall: 12468

People Online:
Members: 0
Visitors: 48
BOT: 3
Total: 51
Who Is Where:
 Visitors:
01: Photo Albums
02: Forums
03: Forums
04: Forums
05: Forums
06: News
07: Forums
08: Forums
09: Forums
10: Forums
11: Forums
12: Forums
13: Forums
14: Forums
15: Photo Albums
16: Forums
17: Forums
18: Forums
19: News
20: Home
21: Forums
22: Forums
23: Forums
24: Forums
25: Forums
26: Forums
27: Forums
28: Forums
29: Forums
30: Forums
31: Forums
32: Forums
33: Forums
34: Home
35: Forums
36: Photo Albums
37: Forums
38: Forums
39: Your Account
40: Forums
41: Forums
42: Home
43: Forums
44: Forums
45: Forums
46: Forums
47: Forums
48: Forums
  BOT:
01: Forums
02: Forums
03: Photo Albums

Staff Online:

No staff members are online!
 

Coppermine Stats
Photo Albums
 Albums: 304
 Pictures: 2340
  · Views: 295998
  · Votes: 1302
  · Comments: 85
 

Support our Advertisers

Virus
Important Announcements regarding the website, hunting related announcements etc etc.
Go to page 1, 2  Next
Post new topic   Reply to topic   Printer Friendly Page    Forum Index » Important Announcements!

View previous topic :: View next topic  
Author Message
DallanC
Site Admin
Site Admin


Joined: Jan 18, 2005
Posts: 3151
Location: Utah

PostPosted: Tue May 28, 2013 9:23 pm    Post subject: Virus Reply with quote

I am getting reports from users about a virus when they attempt to access HuntingNut. I am talking to my webhost to see if this is valid, or it its a false positive.

Details to follow as I learn more.


-DallanC


Last edited by DallanC on Tue Dec 03, 2013 4:30 pm; edited 1 time in total
Back to top
View user's profile Photo Gallery
DallanC
Site Admin
Site Admin


Joined: Jan 18, 2005
Posts: 3151
Location: Utah

PostPosted: Tue May 28, 2013 9:48 pm    Post subject: Re: Virus Reply with quote

From my host:

Quote::
Hi,

I am sorry, but it look like a cached or false positive alarm on AVG. I have performed a full scan on your account and the result is just positive;

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
scan completed on /home/hunting/public_html: files 27482, malware hits 0, cleaned hits 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Also, checked the domain with other antivirus site like McAfee, Norton etc and those results showing there is no infections on your account.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
huntingnut.com

We tested this site and didn't find any significant problems.
Are you the owner of this site? Leave a comment
Contact information: Country Popularity

United States

Some users
Automated Web Safety Testing Results for huntingnut.com
E-MAIL TESTS FOR HUNTINGNUT.COM:
DOWNLOAD TESTS FOR HUNTINGNUT.COM:
Downloads we found on this site:
Download Analysis
PointBlankCRBSv18a.zip
PointBlankCRBSv18a.zip
PointBlankCRBSv18a.zip
PointBlankCRBSv18a.zip
PointBlankCRBSv18a.zip
6 total downloads. See more.
6 green downloads
In our tests, we found downloads on this site were free of adware, spyware, and other potentially unwanted programs.
View detailed analysis
Submit a download for analysis
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Thank you.
Regards,
--
Alex Spaford
Level 2 System Administrator
TotalChoiceHosting INC.


Still digging, into this!


-DallanC
Back to top
View user's profile Photo Gallery
DallanC
Site Admin
Site Admin


Joined: Jan 18, 2005
Posts: 3151
Location: Utah

PostPosted: Wed May 29, 2013 11:20 am    Post subject: Re: Virus Reply with quote

Ok I was able to track down the infection, it does indeed seem we got accessed somehow. I will continue to investigate how this happened, meanwhile the site appears "clean".

If anyone happens to notice any pages that trigger wierd behavior let me know. Apologies for the inconvience!


-DallanC
Back to top
View user's profile Photo Gallery
shrpshtrjoe
Super Red Neck Member
Super Red Neck Member


Joined: Jan 26, 2005
Posts: 2955
Location: Maryland

PostPosted: Wed May 29, 2013 1:36 pm    Post subject: Re: Virus Reply with quote

Cool Very Happy Thanks for your efforts Dallan...

_________________
"MOLON LABE"

P E T A
People Eating Tasty Animals
Back to top
View user's profile Photo Gallery
Dawgdad
Super Member
Super Member


Joined: Feb 08, 2006
Posts: 1045
Location: On the Prairie

PostPosted: Wed May 29, 2013 1:56 pm    Post subject: Re: Virus Reply with quote

I had posted a link to a photo hosted on Coppermine and some people said they got a "hack attempt has been recorded" alert when they tried to open it.

_________________
Alcohol, Tobacco and Firearms should be a convenience store, not a government agency...
Back to top
View user's profile Photo Gallery
DallanC
Site Admin
Site Admin


Joined: Jan 18, 2005
Posts: 3151
Location: Utah

PostPosted: Wed May 29, 2013 1:57 pm    Post subject: Re: Virus Reply with quote

Dawgdad wrote:
I had posted a link to a photo hosted on Coppermine and some people said they got a "hack attempt has been recorded" alert when they tried to open it.

Email me the link you used, I will look into it.


-DallanC
Back to top
View user's profile Photo Gallery
DallanC
Site Admin
Site Admin


Joined: Jan 18, 2005
Posts: 3151
Location: Utah

PostPosted: Wed May 29, 2013 2:00 pm    Post subject: Re: Virus Reply with quote

shrpshtrjoe wrote:
Cool Very Happy Thanks for your efforts Dallan...

Heh no problem. I had a site wide backup made on the 13th of this month, so I made a new backup with the virus, then ran some software I have that does file comparisons to show what changed from one version to the next. It quickly showed the 70'ish files that got modified. I manually restored them all and it seems fine.

As annoying as it is, it seems we are "big enough" that hackers feel we are worth the effort to access.


-DallanC
Back to top
View user's profile Photo Gallery
DallanC
Site Admin
Site Admin


Joined: Jan 18, 2005
Posts: 3151
Location: Utah

PostPosted: Wed May 29, 2013 2:02 pm    Post subject: Re: Virus Reply with quote

PS: the trojan really only seemed to affect the newest version of Internet Explorer (version 10), it would just try to redirect the user from HuntingNut to some silly dating site.


-DallanC
Back to top
View user's profile Photo Gallery
shrpshtrjoe
Super Red Neck Member
Super Red Neck Member


Joined: Jan 26, 2005
Posts: 2955
Location: Maryland

PostPosted: Wed May 29, 2013 2:27 pm    Post subject: Re: Virus Reply with quote

DallanC wrote:
PS: the trojan really only seemed to affect the newest version of Internet Explorer (version 10), it would just try to redirect the user from HuntingNut to some silly dating site.


-DallanC

That's what I have . No problems logging in now Very Happy .. My Norton antivirus wouldn't even let me log in earlier I guess it works Smile

_________________
"MOLON LABE"

P E T A
People Eating Tasty Animals
Back to top
View user's profile Photo Gallery
Ominivision1
Super Member
Super Member


Joined: Sep 20, 2010
Posts: 2985
Location: Iowa

PostPosted: Wed May 29, 2013 2:54 pm    Post subject: Re: Virus Reply with quote

One other thing to watch for is rogue certificates being installed on your web browser(s). If you get redirected to another website, shut down the browser and lock the firewall and open up FF or whatever you use) and go to advance settings (encryption, view certificates) and I found found a rogue sever security certificate installed who knows when (date).

_________________
Regards

Limitations are but boundaries created inside our minds.
Back to top
View user's profile Photo Gallery
gelandangan
Super Member
Super Member


Joined: May 07, 2006
Posts: 5735
Location: Sydney Australia

PostPosted: Wed May 29, 2013 3:10 pm    Post subject: Re: Virus Reply with quote

Good on you Dallan!
Thanks for the hard work, I am glad we are back.

_________________
A straight line is the shortest distance between two points.
A smile is the shortest distance between two people.

The government I trust .. is my .45-70 Government.

Do - Not try!


gelandangan.weebly.com/
Back to top
View user's profile Visit poster's website
Pumpkinslinger
Super Member
Super Member


Joined: Sep 22, 2007
Posts: 4401
Location: NC foothills

PostPosted: Wed May 29, 2013 4:19 pm    Post subject: Re: Virus Reply with quote

Yep, I was going through HuntingNut withdrawal! Norton blocked it at home and whatever they use at work did the same.

_________________
Mike

"I ain't no better than anyone else, and there ain't no one better than me!" Ma Kettle

Back to top
View user's profile AIM Address Yahoo Messenger Photo Gallery
Pumpkinslinger
Super Member
Super Member


Joined: Sep 22, 2007
Posts: 4401
Location: NC foothills

PostPosted: Wed May 29, 2013 10:58 pm    Post subject: Re: Virus Reply with quote

Hmmm, when I went to the photos here to put some in a post I got that same warning from Norton that I was getting on Tuesday. Here is some of the Norton information.

Category: Intrusion Prevention
An intrusion attempt by www.huntingnut.com was blocked.
Web Attack: Mass Injection Website 5, ,"www.huntingnut.com (208.76.80.141,80) ",www.huntingnut.com/modules/coppermine/scripts.js," Network traffic from www.huntingnut.com/mod...scripts.js matches the signature of a known attack. The attack was resulted from \DEVICE\HARDDISKVOLUME3\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE.

_________________
Mike

"I ain't no better than anyone else, and there ain't no one better than me!" Ma Kettle

Back to top
View user's profile AIM Address Yahoo Messenger Photo Gallery
Vince
Super Member
Super Member


Joined: May 25, 2005
Posts: 13124
Location: Brisbane AUSTRALIA

PostPosted: Wed May 29, 2013 11:36 pm    Post subject: Re: Virus Reply with quote

Well done Dallan. Once again your hard work saves our hunting community from a withdrawal meltdown and subsequent depression, anxiety and other psychological maladies mate.

I bow to your superior knowledge and abilities. Bow Bow

_________________
Cheers, Vince Cheers

Illegitimi non carborundum
(Never let the bastards grind you down)

Live simply. Love generously. Care deeply. Speak kindly. Leave the rest to God.

"Nulla Si Fa Senza Volonta."
(Without Commitment, Nothing Gets Done)
Back to top
View user's profile AIM Address MSN Messenger Yahoo Messenger Photo Gallery
Elvis
Super Member
Super Member


Joined: Jul 27, 2008
Posts: 7012
Location: south island New Zealand

PostPosted: Thu May 30, 2013 12:26 am    Post subject: Re: Virus Reply with quote

good on you DallanC
YOU THE MAN

_________________
You shot it You pluck it !
Them who eats the most duck eats the most feathers!
Back to top
View user's profile
Display posts from previous:   
Post new topic   Reply to topic   Printer Friendly Page    Forum Index » Important Announcements!
Page 1 of 2
All times are GMT - 7 Hours
Go to page 1, 2  Next



Jump to:  


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Advertisements
 


Valid CSS! Valid HTML 4.01!
Click to check if this page is realy HTML 4.01 compliant for speed :)

All logos and trademarks in this site are property of HuntingNut.com.
The comments are property of their posters, all the rest © 2011 by HuntingNut.com
Interactive software released under GNU GPL, Code Credits, Privacy Policy

.: Upgraded to DragonFly 9.2 by Dizfunkshunal :.