A very bad url

  • 25 February 2014
  • 9 replies
  • 83 views

Hi:
Yesterday I thought I went to dictionary.com.  In my haste I misspelled it to dicKtionary.com...DON'T MAKE THAT MISTAKE!  Webroot didn't catch what happened next.  It was a severe porn site and it immediately downloaded 17 viruses.  But I will say this, I have GREAT faith in Webroot and when I scanned it caught all of the viruses.
 
But the viruses did leave some setting that I will have to have removed.


Userlevel 7
Badge +56
Welcome to our community!  Sorry that you got infected, but glad to hear that Webroot picked them all up.  What were the settings that you had to change back manually?  Did it reset your browser homepage?
Userlevel 7
Hi iam.gift
 
Welcome to the Community Forums...:D
 
As Nic said, glad that WSA did the job for you...and remember that if you have an issue with dealing with what is left then you can open a Support Ticket and let the Support Team take a look for you.
 
Regards
 
 
Baldrick
Userlevel 7
Hi Nic
 
Just went over to BrightCloud and ran an URL/IP Lookup on the website reported by iam.gift and found this:
 


but interestingly enough at the bottom of the analysis was the following which may give a clue as to what happened?:
 


So I am wondering if iam.gift should report this via the appropriate channel, i.e., an IP Reputation Change Request? Because it looks like the Web Threat Shield did not catch it. What do you think?
 
Daniel has documented the process to use in this post.
 
Regards
 
 
 
Baldrick 
Userlevel 7
Badge +3
Agree with Baldrick...if you check on the Registrar and extended associations: Dicktionary.com WHOIS, DNS, & Domain Info - DomainTools
 
Userlevel 7
Badge +52
https://www.virustotal.com/ru/url/9937f63e4cb6f69615033949cbaa9519622d7db8013e886009e1ea5fc89903e3/analysis/
0/50
http://www.urlvoid.com/scan/dicktionary.com/
0/28
http://www.webutations.net/go/review/dicktionary.com
Suspicious site
http://urlquery.net/report.php?id=9669940
 
I went to this site - no loading of viruses occurred. I advise running a full check of the computer, including with third-party scanners. The problem may not be in the site.
 
Userlevel 7
Badge +3
@ wrote:
https://www.virustotal.com/ru/url/9937f63e4cb6f69615033949cbaa9519622d7db8013e886009e1ea5fc89903e3/analysis/
0/50
http://www.urlvoid.com/scan/dicktionary.com/
0/28
http://www.webutations.net/go/review/dicktionary.com
Suspicious site
http://urlquery.net/report.php?id=9669940
 
I went to this site - no loading of viruses occurred. I advise running a full check of the computer, including with third-party scanners. The problem may not be in the site.
 
Thanks Petrovic. Yes, that's correct, but not all reports are clean, and you have to consider also phishing etc.
Here's one bad report, and I've another to follow:
Sucuri SiteCheck - Free Website Malware Scanner
 
I wouldn't trust it myself, or advise trust.
 
 


 
 
Userlevel 7
Hi Petr
 
I disagree with your diagnosis, in part, given what was listed at the bottom of the BrightCloud Analysis, i.e., the proxy link, plus what Dermot reported from his investigations.
 
Agree that a second opinion with an on demand scanner or scanning site (there are plenty to choose from in both cases) would be an excellent idea...just to be safe but given that WSA has come up clean...I would tend to go with the site or something about the site being an issue.
 
Hi iam.gift
 
Please let us know what you have decided to do...but if you have any doubts then please Open a Support Ticket to let the Support Team investigate this more closely.
 
Regards
 
 
 
Baldrick
Userlevel 7
Badge +3
Another report: Report for http://www.dicktionary.com/ - Zscaler Zulu URL Risk Analyzer
Userlevel 7
Hi iam.gift
 
Hope that you are well?
 
Any news/progress re. your issue?  What did you decide to do in the end...if anything?
 
Do post back and let us know as the information can be of use in relation to future queries by users in the same area or with the same issue.
 
Many thanks in anticipation.
 
Regards
 
 
 
Baldrick
