1. Attention: We have put together a thread with tips and a tutorial video to help with using the new software. Please take a moment to check out the thread here: Trapshooters.com Tutorial & Help Video.
    Dismiss Notice

Virus / Rogue Script

Discussion in 'Off Topic Threads' started by whiz white, Jul 21, 2008.

Thread Status:
Not open for further replies.
  1. whiz white

    whiz white Strong Supporter of Trapshooting Banned

    Joined:
    Jan 29, 1998
    Messages:
    4,771
    Location:
    Rapid City SD
    David: Any way to identify to offender to give them some help... they may not even know they are contagious.

    Whiz
     
  2. david

    david Member

    Joined:
    Jan 29, 1998
    Messages:
    187
    I am still investigating it but may never know where it came from.

    I dont think it was a virus, I think it was a script that was probably going to popup a porn site.

    I am going to try the offending script on another computer and see what happens.

    David
     
  3. whiz white

    whiz white Strong Supporter of Trapshooting Banned

    Joined:
    Jan 29, 1998
    Messages:
    4,771
    Location:
    Rapid City SD
    David: Any way to identify to offender to give them some help... they may not even know they are contagious.

    Whiz
     
  4. david

    david Member

    Joined:
    Jan 29, 1998
    Messages:
    187
    I am still investigating it but may never know where it came from.

    I dont think it was a virus, I think it was a script that was probably going to popup a porn site.

    I am going to try the offending script on another computer and see what happens.

    David
     
  5. david

    david Member

    Joined:
    Jan 29, 1998
    Messages:
    187
    Well I tracked down what happened. A hacker in Australia and/or the Netherlands found a way to inject their little script in to the database. This has happened to many, many, sites over the last few days.

    I have programmed the site to try and prevent this from happening.

    David
     
  6. david

    david Member

    Joined:
    Jan 29, 1998
    Messages:
    187
    No this was called "verynx"

    David
     
  7. david

    david Member

    Joined:
    Jan 29, 1998
    Messages:
    187
    No I removed the other threads just now about virus/problems so people dont panic.

    David
     
  8. david

    david Member

    Joined:
    Jan 29, 1998
    Messages:
    187
    By the way the script infected the website url information in a thread. I had to clear out the information in that website field if it contained the offending script, a few posts might not have the website url in the post.

    David
     
  9. Jerry944t

    Jerry944t Well-Known Member

    Joined:
    Jan 29, 1998
    Messages:
    1,860
    Location:
    PA
    It seemed like it was a sql injection virus. McAfee picked it for me and when I checked the virus data base it was a Trojan that directed you to a gaming site. Not horribly dangerous but I bet you were not pleased David.

    Thanks for the quick response.

    Jerry Weger
     
  10. david

    david Member

    Joined:
    Jan 29, 1998
    Messages:
    187
    Jerry, do you have what virus your McAfee thought was? The Trojan name perhaps?

    No I wasnt happy, at least, it appears that it was just someone trying to redirect users to a website and not infiltrate a users computer.

    David
     
  11. Jerry944t

    Jerry944t Well-Known Member

    Joined:
    Jan 29, 1998
    Messages:
    1,860
    Location:
    PA
    David I have it on my work computer..maybe. My virus scan picked it up and deleted it. I may have it saved in my scan report. If so I'll let you know but it will be tomorrow.

    It did say it was redirecting to a game web site and the threat was "minimal."

    It's happening all over the net and many sites have been hit. It's not really a virus but a re direction Trojan. The trouble is in probably got into every record in your data base which is typical and is a nuisance to remove.

    As you know it's a SQL injection script and if it finds a vulnerable site it injects it's own code.

    I really hope that everyone who used TS.com today does a virus scan ASAP.

    Jerry
     
  12. whiz white

    whiz white Strong Supporter of Trapshooting Banned

    Joined:
    Jan 29, 1998
    Messages:
    4,771
    Location:
    Rapid City SD
    David: If you remember, just prior to the introduction of the new moderators I had come across many, many ficticious users from the Netherlands, and some from other countries.

    They are probably at it again.

    It would be nice to know the IPA and then we could do a search of IPA's that are close.

    WW
     
  13. david

    david Member

    Joined:
    Jan 29, 1998
    Messages:
    187
    I searched the ip addresses from where they tried to hack in from, it was a bunch so they are probably using someone elses etc. I found no matching ip addresses in the users table. I dont think it was a shooter, just a web site operator trying to drive traffic to their site is my guess.

    David
     
  14. crusha

    crusha TS Member

    Joined:
    Jan 29, 1998
    Messages:
    5,762
    MIA,

    When Nancy finds out you've been frequenting plumpers.com, you are d-e-a-d, dead.
     
  15. ec90t

    ec90t Guest

    I had a virus of some sort show up on my computer this evening. My anti-virus software caught it and has since been removed from my computer. I don't know where it came from, but it was probably in emails.

    ec90t
     
  16. traploader

    traploader Member

    Joined:
    Jan 29, 1998
    Messages:
    282
    David,

    This morning I was checking a post from the previous night and a program called wow.exe tried to load itself on my computer. I deleted my post. Hope this helps.

    Ian
     
Thread Status:
Not open for further replies.