Am getting this message " Nuclear Exploit Kit Re-direct 4" from my virus checker each time I log into this site. Anyone know what it is? Apparently it is serious, but why is this site giving it to me?
Desert Dweller said
07:26 PM Feb 21, 2016
We got the same message from Norton. It seems to have gone now thank goodness.
rockylizard said
07:35 PM Feb 21, 2016
Gday...
I experienced this twice earlier this arvo whenever I returned to 'main page' after viewing a sub -forum.
Not the same as you had Ian ... and it hasn't appeared since I have been back on.
Judging that the 'source/target' of the 'virus' was the "*gif" file, I assume it was within one of the ads on the top of the forum.
[edit: had to stop the server converting the 'virus' path (of that *gif file) to an active website - which had the HTML/Framer virus still active]
Cheers - John
-- Edited by rockylizard on Sunday 21st of February 2016 07:40:09 PM
I PM'd Cindy (Webmaster) with advice of my encounter with that 'virus'.
Unfortunately I could not insert a photo/pic into a PM so I just had to explain it.
Perhaps you should PM Cindy and explain what you have been encountering.
Cheers - John
kandagal said
08:01 PM Feb 21, 2016
We got an alert too from Norton. They took care of it ok I assume.
rockylizard said
08:03 PM Feb 21, 2016
Gday...
Unfortunately, kandagal, if you click on, or enter it into a browser, that WWW site ending in 200x100.gif you will find the 'virus' is still active.
My Virus Scanner identified it again when I accidently clicked on that WWW site before.
I have PM'd Cindy and included the link to this thread so she can see the photos/pics of Ian's and mine.
Cheers - John
iana said
08:21 PM Feb 21, 2016
Thankyou John, its a persistent little bugger, glad to know I am not the only one getting treatment.
P.S. I am getting really p---ssed off with w10, can feel an apple coming on.
banjo said
09:21 PM Feb 21, 2016
iana wrote:
Thankyou John, its a persistent little bugger, glad to know I am not the only one getting treatment. P.S. I am getting really p---ssed off with w10, can feel an apple coming on.
Joined the fruit company 6 months ago, best thing ever, no more bugs or virus now and even better no more windoz updates.
Woody n Sue said
09:49 PM Feb 21, 2016
Is Apple is good
So far anyway
Moorey said
10:21 PM Feb 21, 2016
Hi All
I have been receiving notice from Nortons that it has blocked an attack for the past three days.
Sometimes it disappears after rebooting but eventually returns. Surely there must be a lot of members with this problem.
Yep - same here too - I've got Norton as well. Had been away for 3 days and not used computer. Soon as I switched on it said "Norton has successfully blocked Nuclear Exploit Kit Redirect 4". Details: Grey Nomads. Will try re-booting.
???
Bruce and Bev said
11:01 PM Feb 21, 2016
Stopped running Norton years ago - it slows down your system, not that great at the job, takes up a lot of memory and generates rubbish like this.
Many professional IT'ers don't use Norton for the same reasons.
I use Trend Micro - its fast, doesn't take up a heap of space and originally developed in Australia (although now USA based - but with an Aussie office and greeks still working there). It will auto up-date and check your drives without you being aware of it at all - if that's what you want and it doesn't slow you down as it works in the background. Has lots of other features in it as well that Norton doesn't have
Bushpie said
11:24 PM Feb 21, 2016
Good move Bruce moving on from Norton. Thoroughly recommended for all GNs ..... Trend Micro is a far better option...... Another very good one is nod32 which I use
The Phantom said
11:28 PM Feb 21, 2016
Anyone remember the Peter Paul and Mary song "Where Have All the Flowers Gone"
Oh When will they ever learn
Oh When will they ever learn.
Forget Norton, Trend Micro, AVG and Avast. Load Linux Mint 17 and never have a virus again.
Oh When will they ever learn.
The Phantom
Andrea said
11:42 PM Feb 21, 2016
I've already PM'd Cindy - had a message a couple of days ago; she thought it was fixed and it was OK for a bit, then ZoneAlarm came up with the same virus message again. I let her know again and I guess the crew are still working on it...
Andrea
Santa said
11:55 PM Feb 21, 2016
Bruce and Bev wrote:
Stopped running Norton years ago - it slows down your system, not that great at the job, takes up a lot of memory and generates rubbish like this.
Many professional IT'ers don't use Norton for the same reasons.
I use Trend Micro - its fast, doesn't take up a heap of space and originally developed in Australia (although now USA based - but with an Aussie office and greeks still working there). It will auto up-date and check your drives without you being aware of it at all - if that's what you want and it doesn't slow you down as it works in the background. Has lots of other features in it as well that Norton doesn't have
Same here Bruce, Norton is a resource hogging nightmare, have not used it for years.
Uninstalling it is also a drama, Unfortunately Norton products tend to install themselves deep down into the critical parts of your system and if the product becomes damaged in some way you have a big problem.
After using Norton, AVG, Trend Micro, Mcafee and Bit Defender over a long period of time, I now use the security software included in the cost of Windows 10,Windows Defender, unobtrusive and works like a charm.
As a bonus I don't have security software companies pestering me to renew every12 months.
I also use an Ad blocker and have not seen any sign of "Nuclear Exploit Kit Re-direct 4"
Jaahn said
08:39 AM Feb 22, 2016
Santa wrote:
Same here Bruce, Norton is a resource hogging nightmare, have not used it for years.
Uninstalling it is also a drama, Unfortunately Norton products tend to install themselves deep down into the critical parts of your system and if the product becomes damaged in some way you have a big problem.
After using Norton, AVG, Trend Micro, Mcafee and Bit Defender over a long period of time, I now use the security software included in the cost of Windows 10,Windows Defender, unobtrusive and works like a charm.
As a bonus I don't have security software companies pestering me to renew every12 months.
I also use an Ad blocker and have not seen any sign of "Nuclear Exploit Kit Re-direct 4"
Hi
I am no computer wizz so when I purchased a new laptop a few years back I asked the computer nerd from the uni where I had worked what to use. He spends his time fending off viruses etc for a living. He told me he used the free Windows one personally and recommended it for any other people who would listen. At work he has more tools of course. He thought the above mentioned ones are rubbish in general and not worth ANY money.
So that is what I use and it has protected my computer OK since. Microsoft Security Essentials and my system is Windows 7. The only problem I have found with Norton and Macafee is they download themselves automatically with some other programs sometimes when you are not watching and then start their rubbish promotions and scare programs finding non existent problems. I then just delete them as best I can. I run the above program manually as well sometimes if i think there is a problem showing and only once have then found a virus which it cleared, normally it just works in the background.
I guess this will promote discussion on value etc. Seems like people will not spend a few dollars on wheel studs but are happy to waste money on rubbish programs when a free one from the biggest name in the business is given free Ahh--- human nature ??? What was that statement about a fool and their -----
Cheers jaahn
-- Edited by Jaahn on Monday 22nd of February 2016 08:42:55 AM
Webmaster said
08:43 AM Feb 22, 2016
Hi all, We have contacted our web developers to report this problem and hopefully sort it out. They, and another company, have scanned our website and could not find any evidence of any virus or malware. It seemed to have been fixed last week but we note that the message has come up again. We have now employed a specialist security company who say they will be able to fix this. Please bear with us ... we're hoping all will be sorted out soon.
Santa said
09:10 AM Feb 22, 2016
Jaahn wrote:
The only problem I have found with Norton and Macafee is they download themselves automatically with some other programs sometimes when you are not watching and then start their rubbish promotions and scare programs finding non existent problems. I then just delete them as best I can.
I agree Jaahn, you really need to be on your toes when downloading programs, most of them have difficult to see tick boxes during the installation process that allow you to decline the trial offer, if you miss them and simply follow the bouncing ball you finish the process with your default browser having been changed and an unwanted security program that needs to be uninstalled.
Inconvenient, annoying and for some a major problem working out how to get back to their preferred configuration.
Santa said
09:12 AM Feb 22, 2016
Webmaster wrote:
Hi all, We have contacted our web developers to report this problem and hopefully sort it out. They, and another company, have scanned our website and could not find any evidence of any virus or malware. It seemed to have been fixed last week but we note that the message has come up again. We have now employed a specialist security company who say they will be able to fix this. Please bear with us ... we're hoping all will be sorted out soon.
Must be a nightmare trying to stay on top of these issues Cindy.
TrendMicro and TrendMicro-HouseCall found "Mal_Hifrm-2" but all other AV software reported that the file was clean. Previously TrendMicro's online URL scanner reported that the URL was not infected.
rockylizard said
10:45 AM Feb 22, 2016
Gday...
Interesting results Dorian Thanks.
I notice AVG scan "timed out" according to the report - wonder what that means?
However, at least AVG on my computer picked it up, cleaned it and removed it.
Cheers - John
dorian said
01:40 PM Feb 22, 2016
If we examine the source for the page we are looking at now, we find that the GIF file's URL is located within a DIV block whose attribute is "display:none;". I'm not a HTML programmer, but presumably this means that the problematic content is not displayed. (In Firefox select View -> Page Source.)
When we examine the "GIF" file in a text editor, we see typical HTML header information followed by a data block disguised as hexadecimal ASCII. This data block is really a block of HTML code.
This is how it appears in its encoded form (only a small excerpt at the beginning is shown):
ISTM that this block of code is a devious, convoluted mechanism for evading ad blockers in one's browser. It appears that its function is to serve up an ad, whether we like it or not.
The server's domain name resolves to an IP address of 188.166.149.17 which is owned by Digital Ocean, Inc.
Interestingly, in several Slavic languages "ogromnuezadnicu" translates as "enormous backside". Where else would ads come from?
After we get past the initial ad, the GIF/HTML file just serves up regular Grey Nomad content.
If you are one of the growing army of grey nomads discovering, or hoping to discover, the joys of the open road in this wonderful country, then this site is for you.
Webmaster said
04:50 PM Feb 22, 2016
Thanks for your patience everyone. A specialist company has now given the site a full check over, and put in place systems to make sure we don't get this sort of incident again. Everything should now be back to working as it should be. Please drop me a line if any of you are still having any sort of issues. Thanks again for your patience.
Moorey said
06:38 PM Feb 22, 2016
Thank you Cindy a job well done as we have come to expect. I believe you are under paid.
Dave
Sharke said
10:23 PM Feb 22, 2016
I Use UBUNTU LINUX operating system on my laptop and have done for the past 5 years and never had avirus.
Cheers
Jeff
Santa said
10:41 PM Feb 22, 2016
Linux is simply not a practical solution for most users.
If you want to exercise your brain a little, use Linux. If you are prepared to put money in Bill Gates rather large pockets, use Windows. The choice really is yours.
Am getting this message " Nuclear Exploit Kit Re-direct 4" from my virus checker each time I log into this site. Anyone know what it is? Apparently it is serious, but why is this site giving it to me?
Gday...
I experienced this twice earlier this arvo whenever I returned to 'main page' after viewing a sub -forum.
Not the same as you had Ian ... and it hasn't appeared since I have been back on.
Judging that the 'source/target' of the 'virus' was the "*gif" file, I assume it was within one of the ads on the top of the forum.
[edit: had to stop the server converting the 'virus' path (of that *gif file) to an active website - which had the HTML/Framer virus still active
]
Cheers - John
-- Edited by rockylizard on Sunday 21st of February 2016 07:40:09 PM
What do I do to stop this from happening?
Gday...
I PM'd Cindy (Webmaster) with advice of my encounter with that 'virus'.
Unfortunately I could not insert a photo/pic into a PM so I just had to explain it.
Perhaps you should PM Cindy and explain what you have been encountering.
Cheers - John
Gday...
Unfortunately, kandagal, if you click on, or enter it into a browser, that WWW site ending in 200x100.gif you will find the 'virus' is still active.
My Virus Scanner identified it again when I accidently clicked on that WWW site before.
I have PM'd Cindy and included the link to this thread so she can see the photos/pics of Ian's and mine.
Cheers - John
P.S. I am getting really p---ssed off with w10, can feel an apple coming on.
Joined the fruit company 6 months ago, best thing ever, no more bugs or virus now and even better no more windoz updates.
So far anyway
Hi All
I have been receiving notice from Nortons that it has blocked an attack for the past three days.
Sometimes it disappears after rebooting but eventually returns. Surely there must be a lot of members with this problem.
I have Microsoft 7.
Lets all keep our fingers crossed.
Dave
???
Many professional IT'ers don't use Norton for the same reasons.
I use Trend Micro - its fast, doesn't take up a heap of space and originally developed in Australia (although now USA based - but with an Aussie office and greeks still working there). It will auto up-date and check your drives without you being aware of it at all - if that's what you want and it doesn't slow you down as it works in the background. Has lots of other features in it as well that Norton doesn't have
Anyone remember the Peter Paul and Mary song "Where Have All the Flowers Gone"
Oh When will they ever learn
Oh When will they ever learn.
Forget Norton, Trend Micro, AVG and Avast. Load Linux Mint 17 and never have a virus again.
Oh When will they ever learn.
The Phantom
Andrea
Same here Bruce, Norton is a resource hogging nightmare, have not used it for years.
Uninstalling it is also a drama, Unfortunately Norton products tend to install themselves deep down into the critical parts of your system and if the product becomes damaged in some way you have a big problem.
After using Norton, AVG, Trend Micro, Mcafee and Bit Defender over a long period of time, I now use the security software included in the cost of Windows 10,Windows Defender, unobtrusive and works like a charm.
As a bonus I don't have security software companies pestering me to renew every12 months.
I also use an Ad blocker and have not seen any sign of "Nuclear Exploit Kit Re-direct 4"
Hi
I am no computer wizz so when I purchased a new laptop a few years back I asked the computer nerd from the uni where I had worked what to use. He spends his time fending off viruses etc for a living. He told me he used the free Windows one personally and recommended it for any other people who would listen. At work he has more tools of course. He thought the above mentioned ones are rubbish in general and not worth ANY money.
So that is what I use and it has protected my computer OK since. Microsoft Security Essentials and my system is Windows 7. The only problem I have found with Norton and Macafee is they download themselves automatically with some other programs sometimes when you are not watching and then start their rubbish promotions and scare programs finding non existent problems. I then just delete them as best I can. I run the above program manually as well sometimes if i think there is a problem showing and only once have then found a virus which it cleared, normally it just works in the background.
I guess this will promote discussion on value etc. Seems like people will not spend a few dollars on wheel studs but are happy to waste money on rubbish programs when a free one from the biggest name in the business is given free
Ahh--- human nature ??? What was that statement about a fool and their -----
Cheers jaahn
-- Edited by Jaahn on Monday 22nd of February 2016 08:42:55 AM
Hi all,
We have contacted our web developers to report this problem and hopefully sort it out. They, and another company, have scanned our website and could not find any evidence of any virus or malware. It seemed to have been fixed last week but we note that the message has come up again. We have now employed a specialist security company who say they will be able to fix this. Please bear with us ... we're hoping all will be sorted out soon.
I agree Jaahn, you really need to be on your toes when downloading programs, most of them have difficult to see tick boxes during the installation process that allow you to decline the trial offer, if you miss them and simply follow the bouncing ball you finish the process with your default browser having been changed and an unwanted security program that needs to be uninstalled.
Inconvenient, annoying and for some a major problem working out how to get back to their preferred configuration.
Must be a nightmare trying to stay on top of these issues Cindy.
These online tools might be useful:
Free Online Tools for Looking up Potentially Malicious Websites:
zeltser.com/lookup-malicious-websites/
I tried the following tool and it found no bad stuff:
global.sitesafety.trendmicro.com/
I downloaded the "GIF" file to my HDD. It was in fact a HTML file in disguise.
I then uploaded this HTML file to VirusTotal where it was scanned by 52 AV software products.
These are the results:
www.virustotal.com/en/file/df0e8f049f064f614d17ae646963ac40fccd23079700c05eb99bcc71cf1d236c/analysis/1456096642/
TrendMicro and TrendMicro-HouseCall found "Mal_Hifrm-2" but all other AV software reported that the file was clean. Previously TrendMicro's online URL scanner reported that the URL was not infected.
Gday...
Interesting results Dorian
Thanks.
I notice AVG scan "timed out" according to the report - wonder what that means?
However, at least AVG on my computer picked it up, cleaned it and removed it.
Cheers - John
If we examine the source for the page we are looking at now, we find that the GIF file's URL is located within a DIV block whose attribute is "display:none;". I'm not a HTML programmer, but presumably this means that the problematic content is not displayed. (In Firefox select View -> Page Source.)
When we examine the "GIF" file in a text editor, we see typical HTML header information followed by a data block disguised as hexadecimal ASCII. This data block is really a block of HTML code.
This is how it appears in its encoded form (only a small excerpt at the beginning is shown):
This is what the encoded part (7769...) looks like when it is decoded:
If we look further into this encoded block we find the URL of an ad server:
ISTM that this block of code is a devious, convoluted mechanism for evading ad blockers in one's browser. It appears that its function is to serve up an ad, whether we like it or not.
The server's domain name resolves to an IP address of 188.166.149.17 which is owned by Digital Ocean, Inc.
https://apps.db.ripe.net/search/query.html?form_type=simple&full_query_string=&searchtext=188.166.149.17&do_search=Search
Interestingly, in several Slavic languages "ogromnuezadnicu" translates as "enormous backside". Where else would ads come from?
After we get past the initial ad, the GIF/HTML file just serves up regular Grey Nomad content.
Thank you Cindy a job well done as we have come to expect. I believe you are under paid.
Dave
I Use UBUNTU LINUX operating system on my laptop and have done for the past 5 years and never had avirus.
Cheers
Jeff
Linux is simply not a practical solution for most users.
Top Ten Disadvantages of Linux
http://www.brighthub.com/computing/linux/articles/12838.aspx
Agreed. Linux is not for lazy computer users.
If you want to exercise your brain a little, use Linux. If you are prepared to put money in Bill Gates rather large pockets, use Windows. The choice really is yours.
The Phantom