HuntingNut » Forums » Announcements » Important Announcements! » Virus
HuntingNut
HuntingNut
   Login or Register
HomeCommunity ForumsPhoto AlbumsRegister
     
 

User Info

Welcome Anonymous


Membership:
Latest: sandcrash
New Today: 0
New Yesterday: 0
Overall: 12582

People Online:
Members: 0
Visitors: 123
BOT: 3
Total: 126
Who Is Where:
 Visitors:
01: Your Account
02: Forums
03: Forums
04: Your Account
05: Forums
06: Your Account
07: Your Account
08: Forums
09: Forums
10: Forums
11: Your Account
12: Forums
13: Forums
14: Forums
15: Forums
16: Your Account
17: Your Account
18: Forums
19: Your Account
20: Your Account
21: Your Account
22: Home
23: Forums
24: Forums
25: Forums
26: Forums
27: Forums
28: Your Account
29: Forums
30: Your Account
31: Your Account
32: Forums
33: Forums
34: Forums
35: Forums
36: Your Account
37: Forums
38: Forums
39: Your Account
40: Your Account
41: Forums
42: Your Account
43: Your Account
44: Your Account
45: Forums
46: Forums
47: Your Account
48: Your Account
49: Forums
50: Photo Albums
51: Forums
52: Forums
53: Forums
54: Your Account
55: Home
56: Forums
57: Your Account
58: Forums
59: Forums
60: Your Account
61: Your Account
62: Your Account
63: Forums
64: Your Account
65: Forums
66: Home
67: Your Account
68: Forums
69: Forums
70: Your Account
71: Forums
72: Forums
73: Forums
74: Forums
75: Your Account
76: Your Account
77: Forums
78: Your Account
79: Your Account
80: Your Account
81: Your Account
82: Forums
83: Your Account
84: Forums
85: Your Account
86: Forums
87: Your Account
88: Forums
89: Your Account
90: Forums
91: Forums
92: Forums
93: Forums
94: Forums
95: Forums
96: Forums
97: Your Account
98: Forums
99: Your Account
100: Forums
101: Your Account
102: Your Account
103: Forums
104: Forums
105: Your Account
106: Forums
107: Your Account
108: Your Account
109: Forums
110: Forums
111: Your Account
112: Your Account
113: Forums
114: Your Account
115: Your Account
116: Home
117: Your Account
118: Forums
119: Your Account
120: Your Account
121: Forums
122: Forums
123: Forums
  BOT:
01: Forums
02: Your Account
03: Home

Staff Online:

No staff members are online!
 

Coppermine Stats
Photo Albums
 Albums: 305
 Pictures: 2358
  · Views: 372215
  · Votes: 1307
  · Comments: 85
 

Support our Advertisers

Virus
Important Announcements regarding the website, hunting related announcements etc etc.
Go to page 1, 2  Next
Post new topic   Reply to topic   Printer Friendly Page    Forum Index » Important Announcements!

View previous topic :: View next topic  
Author Message
DallanC
Site Admin
Site Admin


Joined: Jan 18, 2005
Posts: 3191
Location: Utah

PostPosted: Tue May 28, 2013 9:23 pm    Post subject: Virus Reply with quote

I am getting reports from users about a virus when they attempt to access HuntingNut. I am talking to my webhost to see if this is valid, or it its a false positive.

Details to follow as I learn more.


-DallanC


Last edited by DallanC on Tue Dec 03, 2013 5:30 pm; edited 1 time in total
Back to top
View user's profile Photo Gallery
DallanC
Site Admin
Site Admin


Joined: Jan 18, 2005
Posts: 3191
Location: Utah

PostPosted: Tue May 28, 2013 9:48 pm    Post subject: Re: Virus Reply with quote

From my host:

Quote::
Hi,

I am sorry, but it look like a cached or false positive alarm on AVG. I have performed a full scan on your account and the result is just positive;

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
scan completed on /home/hunting/public_html: files 27482, malware hits 0, cleaned hits 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Also, checked the domain with other antivirus site like McAfee, Norton etc and those results showing there is no infections on your account.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
huntingnut.com

We tested this site and didn't find any significant problems.
Are you the owner of this site? Leave a comment
Contact information: Country Popularity

United States

Some users
Automated Web Safety Testing Results for huntingnut.com
E-MAIL TESTS FOR HUNTINGNUT.COM:
DOWNLOAD TESTS FOR HUNTINGNUT.COM:
Downloads we found on this site:
Download Analysis
PointBlankCRBSv18a.zip
PointBlankCRBSv18a.zip
PointBlankCRBSv18a.zip
PointBlankCRBSv18a.zip
PointBlankCRBSv18a.zip
6 total downloads. See more.
6 green downloads
In our tests, we found downloads on this site were free of adware, spyware, and other potentially unwanted programs.
View detailed analysis
Submit a download for analysis
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Thank you.
Regards,
--
Alex Spaford
Level 2 System Administrator
TotalChoiceHosting INC.


Still digging, into this!


-DallanC
Back to top
View user's profile Photo Gallery
DallanC
Site Admin
Site Admin


Joined: Jan 18, 2005
Posts: 3191
Location: Utah

PostPosted: Wed May 29, 2013 11:20 am    Post subject: Re: Virus Reply with quote

Ok I was able to track down the infection, it does indeed seem we got accessed somehow. I will continue to investigate how this happened, meanwhile the site appears "clean".

If anyone happens to notice any pages that trigger wierd behavior let me know. Apologies for the inconvience!


-DallanC
Back to top
View user's profile Photo Gallery
shrpshtrjoe
Super Red Neck Member
Super Red Neck Member


Joined: Jan 26, 2005
Posts: 2955
Location: Maryland

PostPosted: Wed May 29, 2013 1:36 pm    Post subject: Re: Virus Reply with quote

Cool Very Happy Thanks for your efforts Dallan...

_________________
"MOLON LABE"

P E T A
People Eating Tasty Animals
Back to top
View user's profile Photo Gallery
Dawgdad
Super Member
Super Member


Joined: Feb 08, 2006
Posts: 1055
Location: On the Prairie

PostPosted: Wed May 29, 2013 1:56 pm    Post subject: Re: Virus Reply with quote

I had posted a link to a photo hosted on Coppermine and some people said they got a "hack attempt has been recorded" alert when they tried to open it.

_________________
Alcohol, Tobacco and Firearms should be a convenience store, not a government agency...
Back to top
View user's profile Photo Gallery
DallanC
Site Admin
Site Admin


Joined: Jan 18, 2005
Posts: 3191
Location: Utah

PostPosted: Wed May 29, 2013 1:57 pm    Post subject: Re: Virus Reply with quote

Dawgdad wrote:
I had posted a link to a photo hosted on Coppermine and some people said they got a "hack attempt has been recorded" alert when they tried to open it.

Email me the link you used, I will look into it.


-DallanC
Back to top
View user's profile Photo Gallery
DallanC
Site Admin
Site Admin


Joined: Jan 18, 2005
Posts: 3191
Location: Utah

PostPosted: Wed May 29, 2013 2:00 pm    Post subject: Re: Virus Reply with quote

shrpshtrjoe wrote:
Cool Very Happy Thanks for your efforts Dallan...

Heh no problem. I had a site wide backup made on the 13th of this month, so I made a new backup with the virus, then ran some software I have that does file comparisons to show what changed from one version to the next. It quickly showed the 70'ish files that got modified. I manually restored them all and it seems fine.

As annoying as it is, it seems we are "big enough" that hackers feel we are worth the effort to access.


-DallanC
Back to top
View user's profile Photo Gallery
DallanC
Site Admin
Site Admin


Joined: Jan 18, 2005
Posts: 3191
Location: Utah

PostPosted: Wed May 29, 2013 2:02 pm    Post subject: Re: Virus Reply with quote

PS: the trojan really only seemed to affect the newest version of Internet Explorer (version 10), it would just try to redirect the user from HuntingNut to some silly dating site.


-DallanC
Back to top
View user's profile Photo Gallery
shrpshtrjoe
Super Red Neck Member
Super Red Neck Member


Joined: Jan 26, 2005
Posts: 2955
Location: Maryland

PostPosted: Wed May 29, 2013 2:27 pm    Post subject: Re: Virus Reply with quote

DallanC wrote:
PS: the trojan really only seemed to affect the newest version of Internet Explorer (version 10), it would just try to redirect the user from HuntingNut to some silly dating site.


-DallanC

That's what I have . No problems logging in now Very Happy .. My Norton antivirus wouldn't even let me log in earlier I guess it works Smile

_________________
"MOLON LABE"

P E T A
People Eating Tasty Animals
Back to top
View user's profile Photo Gallery
Ominivision1
Super Member
Super Member


Joined: Sep 20, 2010
Posts: 2984
Location: Iowa

PostPosted: Wed May 29, 2013 2:54 pm    Post subject: Re: Virus Reply with quote

One other thing to watch for is rogue certificates being installed on your web browser(s). If you get redirected to another website, shut down the browser and lock the firewall and open up FF or whatever you use) and go to advance settings (encryption, view certificates) and I found found a rogue sever security certificate installed who knows when (date).

_________________
Regards

Limitations are but boundaries created inside our minds.
Back to top
View user's profile Photo Gallery
gelandangan
Super Member
Super Member


Joined: May 07, 2006
Posts: 5843
Location: Sydney Australia

PostPosted: Wed May 29, 2013 3:10 pm    Post subject: Re: Virus Reply with quote

Good on you Dallan!
Thanks for the hard work, I am glad we are back.

_________________
A straight line is the shortest distance between two points.
A smile is the shortest distance between two people.

The government I trust .. is my .45-70 Government.

Do - Not try!


gelandangan.weebly.com/
Back to top
View user's profile Visit poster's website
Pumpkinslinger
Super Member
Super Member


Joined: Sep 22, 2007
Posts: 4469
Location: NC foothills

PostPosted: Wed May 29, 2013 4:19 pm    Post subject: Re: Virus Reply with quote

Yep, I was going through HuntingNut withdrawal! Norton blocked it at home and whatever they use at work did the same.

_________________
Mike

"I ain't no better than anyone else, and there ain't no one better than me!" Ma Kettle

Back to top
View user's profile AIM Address Yahoo Messenger Photo Gallery
Pumpkinslinger
Super Member
Super Member


Joined: Sep 22, 2007
Posts: 4469
Location: NC foothills

PostPosted: Wed May 29, 2013 10:58 pm    Post subject: Re: Virus Reply with quote

Hmmm, when I went to the photos here to put some in a post I got that same warning from Norton that I was getting on Tuesday. Here is some of the Norton information.

Category: Intrusion Prevention
An intrusion attempt by www.huntingnut.com was blocked.
Web Attack: Mass Injection Website 5, ,"www.huntingnut.com (208.76.80.141,80) ",www.huntingnut.com/modules/coppermine/scripts.js," Network traffic from www.huntingnut.com/mod...scripts.js matches the signature of a known attack. The attack was resulted from \DEVICE\HARDDISKVOLUME3\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE.

_________________
Mike

"I ain't no better than anyone else, and there ain't no one better than me!" Ma Kettle

Back to top
View user's profile AIM Address Yahoo Messenger Photo Gallery
Vince
Super Member
Super Member


Joined: May 25, 2005
Posts: 13521
Location: Brisbane AUSTRALIA

PostPosted: Wed May 29, 2013 11:36 pm    Post subject: Re: Virus Reply with quote

Well done Dallan. Once again your hard work saves our hunting community from a withdrawal meltdown and subsequent depression, anxiety and other psychological maladies mate.

I bow to your superior knowledge and abilities. Bow Bow

_________________
Cheers, Vince Cheers

Illegitimi non carborundum
(Never let the bastards grind you down)

Live simply. Love generously. Care deeply. Speak kindly. Leave the rest to God.

"Nulla Si Fa Senza Volonta."
(Without Commitment, Nothing Gets Done)
Back to top
View user's profile AIM Address MSN Messenger Yahoo Messenger Photo Gallery
Elvis
Super Member
Super Member


Joined: Jul 27, 2008
Posts: 7419
Location: south island New Zealand

PostPosted: Thu May 30, 2013 12:26 am    Post subject: Re: Virus Reply with quote

good on you DallanC
YOU THE MAN

_________________
You shot it You pluck it !
Them who eats the most duck eats the most feathers!
Back to top
View user's profile
Display posts from previous:   
Post new topic   Reply to topic   Printer Friendly Page    Forum Index » Important Announcements!
Page 1 of 2
All times are GMT - 7 Hours
Go to page 1, 2  Next



Jump to:  


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Advertisements
 


Valid CSS! Valid HTML 4.01!
Click to check if this page is realy HTML 4.01 compliant for speed :)

All logos and trademarks in this site are property of HuntingNut.com.
The comments are property of their posters, all the rest © 2011 by HuntingNut.com
Interactive software released under GNU GPL, Code Credits, Privacy Policy

.: Upgraded to DragonFly 9.2 by Dizfunkshunal :.