Discussion in 'Report Forum' started by Terryy, Mar 31, 2017.
Web Attack: Exploit toolkit Website 16
Don't see it on any of the other forums I frequent.
Apparently, Norton will on occasion report a banner ad as the "exploit toolkit" you mentioned. This seems to be unique to Norton. I personally think that Norton is far down the list of anti-virus software, so my first recommendation would be to get something else like Avast, McAfee or Kaspersky.
I've been using Notron AV products for almost 20 years now and have never had an issue with them. I don't know why they get such a bad rap. And yes .. I do IT for a living. I'd rather have my security suite report false positives than let something slip by. I am getting the warning as well.
well, there is a trade off between resource utilization and letting stuff through. I personally think Norton is a resource hog compared to what is needed (and compared to other good av software), but I am fully aware that many others have a different opinion.
symantec has been kicking me some warnings on my work computer as well.
Just to follow up on this here's what Norton says about this:
This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
This signature detects attempts to download exploits from a malicious toolkit which may compromise a computer through various vendor vulnerabilities.
Malicious toolkits contain various exploits bundled into a single package.Victim on visiting the malicious server hosting exploit toolkit is attacked with several different exploits
exploiting different vulnerabilities one by one.Exploits may include MDAC,PDF,HCP etc.
No further action is required but you may wish to perform some of the following actions as a precautionary measure.
• Run the Norton Power Eraser. (home users)
• Run the Symantec Power Eraser. (business users)
• Update your product definitions and perform a full system scan.
• Submit suspicious files to Symantec for analysis.
If you believe that the signature is reported erroneously, please read the following:
• Report a potential false positive to Symantec.
I get the warning in both Edge and Chrome with the Norton extensions. I don't get it in Firefox, mostly because I don't have the Norton extensions running there, but I do have AdBlock Pro and NoScript running and they caught and blocked the psychskins.com ref as malicious so there might be something to this. I remember about 10 years ago when I was a very active member of a Lexus IS forum something similar to his. A banner ad that the site was running had become compromised with malware and caused all kinds of havok. My Norton was doing the exact same thing, alerting me to the issue.
My computer suddenly won't allow access, indicates site is compromised.
I dug into this, the site is definitely compromised.
Admin, if you're reading this, good luck sorting this all out.
My home computer get directed to a different website immediately after the Shoforum page comes up. There is a comment about the Domain has expired and go to your control panel, etc. The site works fine on my tablet and other computers.
Same here since yesterday. Desktop only. I have since updated the mcafee sw and am hoping it will stop the redirect.
I'm still not getting any warnings or any redirects. I'm browsing with Chrome with AdBlock Plus extension enabled and have Avast free antivirus. I just scanned my machine and nothing inappropriate showed up in any of the anti-malware software I use.
Since this is happening to some but not all users, that suggests it is one of the following:
1. a browser-related vulnerability
2. a anti-virus related vulnerability
3. a snippet vulnerability where only part of the "bad" code is on the site server, and another part must be present on your computer (that you picked up elsewhere)
4. a mirror issue (if the site has more than one host) where one of the mirrors is corrupted
If you are getting the redirect, I suggest you visit MajorGeeks.com and go to their "how to remove malware" section, and follow the instructions explicitly to get rid of anything you have on your own computer. My experience is those guys are among the best and are on top of the crap that is out there.
Hope this helps someone.
I have updated the software to see if that helps.
Sorry for late response. I was on my honeymoon.
Boy, any excuse at all!
well, we thought we were on a honeymoon too, the forum was doing so well Thanks for fixing, no warnings anymore, at least on my browsers!
On my work computer, I have consistent block notifications popping up for a couple of days now. It never did that before. Nothing on the home computer though
Hopefully anyone's warnings will go away as the security programs update that we are clean again...
If you wish to help keep SHOforum running,
please click the donation button below
Separate names with a comma.