Malicious Site: Malicious Domain Request 2
Severity: High
This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
Description
This signature detects a request to specific domains which characteristically has been known to host malicious exploits and executable files.
Additional Information
This signature detects a request to specific domains which characteristically has been known to host malicious exploits and executable files. Download of these files may result in the compromise of the target computer.
Response
The following instructions pertain to all current and recent Symantec antivirus products, including the Symantec AntiVirus and Norton AntiVirus product lines.
1. Disable System Restore (Windows Me/XP).
2. Update the virus definitions.
3. Run a full system scan.
Safe Web Report for:
billion.uk.com
billion.uk.com
Web Site Location Unknown
icoCaution
CAUTION
Site Owner? Click here
Norton Rating
Safeweb Share
Norton Safe Web has analyzed billion.uk.com for safety and security problems. Below is a sample of the threats that were found.
Summary
Total threats on this site: 1
Web sites rated "Caution" may have a small number of threats and annoyances, but are not considered dangerous enough to warrant a red "Warning". Proceed with caution.
The Norton rating is a result of Symantec's automated analysis system. Learn more.
The opinions of our users are reflected separately in the community rating on the right.
Community Reviews (0)
Threat Report
small-warning
Drive-By Downloads
Threats found: 1
Here is a complete list: (for more information about a specific threat, click on the Threat Name below)
I run Norton 360 and have never received an alert for http://www.billion.uk.com/forum or when I've forgotten to add the /forum to the URL and gotten the Home page, but I don't use Norton Safe Web.
Some sites can occasionally have nasties attached to them when they are hacked but I don't know if this one has ever been.
If you get the alert with otherwise legit sites then it's possible that you've picked up a Google Redirect virus or some such other malicious toolbar and running IE without add-ons for the latter may confirm that.
Tomken wrote:I run Norton 360 and have never received an alert for http://www.billion.uk.com/forum or when I've forgotten to add the /forum to the URL and gotten the Home page, but I don't use Norton Safe Web.
Some sites can occasionally have nasties attached to them when they are hacked but I don't know if this one has ever been.
If you get the alert with otherwise legit sites then it's possible that you've picked up a Google Redirect virus or some such other malicious toolbar and running IE without add-ons for the latter may confirm that.
Thanks for that on MBAM - perhaps Norton 360 v7.0 has addressed that so I'll give it a try.
It caused a serious problem for me before by stopping the Microsoft Management Console (MMC) and I had to do a power shutdown.
Bandoo can be nasty as it can let in other viruses and can be difficult to otherwise get rid of http://www.file.net/process/bandoo.exe.html - fortunately AdwCleaner is specifically designed to get rid of these PuPs and an occasional scan with it as you would with any other scanner maybe worthwhile adding to the housekeeping.
Tomken wrote:Thanks for that on MBAM - perhaps Norton 360 v7.0 has addressed that so I'll give it a try.
Should be OK on all Norton products, according to their forum (but only the free / non-resident version of MBAM).
Tomken wrote:Bandoo can be nasty as it can let in other viruses and can be difficult to otherwise get rid of http://www.file.net/process/bandoo.exe.html - fortunately AdwCleaner is specifically designed to get rid of these PuPs and an occasional scan with it as you would with any other scanner maybe worthwhile adding to the housekeeping.
Thanks again for that - have added this to my housekeeping regimen.
) and everything is running fine.