FLApathy Posted December 9, 2005 Share Posted December 9, 2005 (edited) ok ok, this is weird you know how it says NPORA->General topics->WTF well look at it again, it says Flea->General topics->WTF or at least it does on mine and then where it says NPORA again on the same line that has the search bar it says "Naked Python O*** A*** S**" wtf is going on i havent be following up on the virus thread but i think that may have something to do with it, i really hope im not the only one who sees this edit: ok i see this was addresed in the virus thread but i figured id keep it here for ppl who havent been following that thread Edited December 9, 2005 by FLApathy Link to comment Share on other sites More sharing options...
Precise1 Posted December 9, 2005 Share Posted December 9, 2005 You are not the only one who sees it. I suspect someone found a back door to the site and is fooling around. So far it can be fixed, but not by me. Lets hope they had their fun and don't really trash things, it would be a shame to lose our database of information or be unable to access the site. We'll find out I suppose... :furious: B Link to comment Share on other sites More sharing options...
FLApathy Posted December 9, 2005 Author Share Posted December 9, 2005 yup, dang it Link to comment Share on other sites More sharing options...
Tx_Atty Posted December 9, 2005 Share Posted December 9, 2005 i hope someone is orchestrating a data backup! Link to comment Share on other sites More sharing options...
94extreme Posted December 9, 2005 Share Posted December 9, 2005 yeah. many of my other forii have gotten hacked in the last couple of month... just in case see you guys here: http://wd21forums.damagedreality.com/phpbb/index.php Link to comment Share on other sites More sharing options...
Precise1 Posted December 9, 2005 Share Posted December 9, 2005 Ok, did some poking on my comp and came up with this... http://127.0.0.1:1027/js.cgi?pca&r=26969 js[1] HTTP/1.0 200 OK Content-type: application/x-javascript I believe thats what JS.Wonka puts in your index.dat file in Content.IE5 (IE6 or IE7 if thats your version ?) folder on your computer. that IP just comes up as 'localhost'. Anyone know anything more ?? B Link to comment Share on other sites More sharing options...
Vsicks Pathy Posted December 9, 2005 Share Posted December 9, 2005 You are not the only one who sees it. I suspect someone found a back door to the site and is fooling around. So far it can be fixed, but not by me. Lets hope they had their fun and don't really trash things, it would be a shame to lose our database of information or be unable to access the site. We'll find out I suppose... :furious: B Don't give the dickhead any ideas B. Jim will have to get this sorted out. Link to comment Share on other sites More sharing options...
vengeful Posted December 9, 2005 Share Posted December 9, 2005 Something similar happened to my forums...when I tried to alleviate it, the forum software disappeared off my host. However, the DB was still there. Had to reinstall the forum software and everything went back to normal. Now I've got added security on the host and on the forums... Link to comment Share on other sites More sharing options...
deadkennedys Posted December 10, 2005 Share Posted December 10, 2005 well isnt that lovely why do ppl even do this Link to comment Share on other sites More sharing options...
Harbinger Posted December 10, 2005 Share Posted December 10, 2005 Something is going on, I'm seeing the "Naked Python Oral A**l S*X", and "Fle" instead of NPORA. That and it looks like someone added a line to my sig. I may be floundering with PS but I don't care to advertise. Bastards. Link to comment Share on other sites More sharing options...
FLApathy Posted December 10, 2005 Author Share Posted December 10, 2005 lol, yeah we know about the python stuff Link to comment Share on other sites More sharing options...
DSM_guy Posted December 10, 2005 Share Posted December 10, 2005 oh noes! weve been haxored!!! this has happened to several forums (in the past) that im a member of. usually its nothing big...but other times they really wipe it out. lets hope they have had their fun and are moving on. im gonna :help: Link to comment Share on other sites More sharing options...
SC88Pathy Posted December 10, 2005 Share Posted December 10, 2005 You guys think my mac will be affected? Also i noticed that link B was posted yesterday, i posted about it in w00t 400 Link to comment Share on other sites More sharing options...
kmgar99 Posted December 10, 2005 Share Posted December 10, 2005 My McAfee popped up with a "Trojan Detected amd Cleaned" message as soon as I selected this site from my favorites....So far I don't see anything wierd at all! If you guys have any virus software then update it and run it. Also needs to be run on the host server since that's where it originated from. If you don't then follow the linky to a free one.. FREE VIRUS SCAN Link to comment Share on other sites More sharing options...
Mr. Pickles Posted December 10, 2005 Share Posted December 10, 2005 My McAfee popped up with a "Trojan Detected amd Cleaned" message as soon as I selected this site from my favorites....So far I don't see anything wierd at all! If you guys have any virus software then update it and run it. Also needs to be run on the host server since that's where it originated from. If you don't then follow the linky to a free one.. FREE VIRUS SCAN That's what I had too, McAfee popped up with the Trojan horse message earlier, but it said it was handled. I didn't even make the NPORA connection in my head, but I had just jumped onto the forum. I still saw the "flea" thing and though B was screwing around. Hopefully that is all, and we'll be ok from now on. Link to comment Share on other sites More sharing options...
94extreme Posted December 10, 2005 Share Posted December 10, 2005 looks like we made it through this one.. Link to comment Share on other sites More sharing options...
SC88Pathy Posted December 10, 2005 Share Posted December 10, 2005 No we are still hacked and we are still being redirected to something nasty every time you click a page. Specifically we are being redirected to: http://85.255.113.10/?to=nan24&from=in This needs to be removed ASAP! Link to comment Share on other sites More sharing options...
FLApathy Posted December 11, 2005 Author Share Posted December 11, 2005 i clicked on that and it said page cannot be displayed, i can clink on a page and what i clicked is what pops up Link to comment Share on other sites More sharing options...
Precise1 Posted December 11, 2005 Share Posted December 11, 2005 The JS.Wonka is still present, my firewall picks it up every time. Oddly enough, sometimes it can deal with it, other times not. I'm not sure why, but I am certain different computer security set ups get different effects. B Link to comment Share on other sites More sharing options...
94extreme Posted December 11, 2005 Share Posted December 11, 2005 hmmm??? everything looks good from here.. Link to comment Share on other sites More sharing options...
kmgar99 Posted December 11, 2005 Share Posted December 11, 2005 I get it every other time...I run Zone Alarm, and McAfee. Link to comment Share on other sites More sharing options...
vengeful Posted December 11, 2005 Share Posted December 11, 2005 Hmm....wierd....I run ZA and McAffee, too....I also run Anti-Spyware and Ad-Aware....haven't seen a damn thing unusual pop up from this site. Must be the triple firewall, and adaptive IP blocking we have set up.... Link to comment Share on other sites More sharing options...
Pezzy Posted December 11, 2005 Share Posted December 11, 2005 I aint seen sh*t! Firefox saves the day?? *hopes* Link to comment Share on other sites More sharing options...
DJ Dank Posted December 11, 2005 Share Posted December 11, 2005 I aint seen sh*t! Firefox saves the day?? *hopes* ditto Link to comment Share on other sites More sharing options...
DSM_guy Posted December 12, 2005 Share Posted December 12, 2005 firefox here as well. im about sick of microsoft products. if i could afford a halfway decent mac i would in a heartbeat. between windows, MSN messenger, and IE...iv about had it! but uh yeah..no worries here so far -bounce- Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now