webroot protection insufficient for internet explorer

WSA may not have given the phishing attack warning under Edge (because there is currenlty no Web Threat Extension available) but when the payload attempted a download it was instantly dtected by WSA and quarantined.
 
So no issue here in terms of WSA protection.
 
And by the way, I hope that you are not indulging or reporting on previate malware testing activity as to do so is contrary to Community Guidelines...;)
 
Regards, Baldrick

Someone please post the correct URL to the Blocked site! This is not the correct URL showing in the Blocked pages posted: https://www.300mbmoviess.com
@
 
03/29 21:37:40:693 2716 Info: UrlCat Ticks=157 Br= [{"URL":","BCRI":80,"ALCAT":0,"RTAP":0,"BLK":0,"REF":1]https://www.300mbmoviess.com/","CAT.CONF":["30.90","78.90"],"BCRI":80,"ALCAT":0,"RTAP":0,"BLK":0,"REF":1}]
03/29 21:37:42:087 2716 Info: OPERATION_PHRESHFISH Handle=00000C74 RESET
03/29 21:37:42:324 2716 Info: OPERATION_GETCONFIG Br=
03/29 21:37:42:324 2716 Info: Browser: Firefox
03/29 21:37:42:362 2716 Info: UrlCat Ticks=0 Br= [{"URL":","BCRI":80,"ALCAT":0,"RTAP":0,"CACHED":1,"BLK":0,"REF":1]https://www.300mbmoviess.com/","CAT.CONF":["30.90","78.90"],"BCRI":80,"ALCAT":0,"RTAP":0,"CACHED":1,"BLK":0,"REF":1}]
03/29 21:37:42:491 2716 Verbose: PhreshPhish to server request
03/29 21:37:42:753 2716 Info: PhreshPhish Score=1 Ticks=344 Phish=0 White=0 Url=https://www.300mbmoviess.com/
03/29 21:37:42:753 2716 Info: PHISH Br= [{"ISPHIS":0,"ISWHT":0,"SCORE":1}]
 

 

 
03/29 21:45:16:819 2716 Info: Browser: Firefox
03/29 21:45:17:877 2716 Info: OPERATION_PHRESHFISH Handle=00000C74 RESET
03/29 21:45:21:097 2716 Info: UrlCat Ticks=94 Br= [{"URL":","BCRI":10,"ALCAT":1,"RTAP":0,"BLK":1,"BLKREASON":57,"EXTRA":"","REF":1]https://budgement.info/","CAT.CONF":["57.70"],"BCRI":10,"ALCAT":1,"RTAP":0,"BLK":1,"BLKREASON":57,"EXTRA":"","REF":1}]
03/29 21:45:21:423 2716 Info: OPERATION_PHRESHFISH Handle=00000C74 RESET
 
 

If you run into malicious URLs that are not blocked, you can submit a URL Categorization Change Request to have it classified as a Malware Site.
 
-Dan

Irrespective of whether the Web Threat Extension provides warning or not (it does nothing much more than provide the warnings) you are still 100% protected by WSA which will detect the malicious payload when it tries to run and will block/quarantine it, as it did when the page was access under Edge...so still really no worries.
 
Baldrick

@ wrote:

What is the point your trying to make? You just post pictures???? If your Malware testing we ask you not to posts topics on such things so please read this:
 
"From the Community Guidelines: https://community.webroot.com/t5/Announcements/Webroot-Community-Guidelines/td-p/2

 
No Private Testing Discussions.
"We do not condone private malware testing by end-users.  This is never a good idea, and in some areas it's actually illegal.  The whole point of antivirus software is to not get infected, and unfortunately when somebody sets a bad example, there will always be others who are influenced into following the same path.  It's not something we want to allow to be encouraged."
 
The reality is that it requires a very talented professional to so this safely, otherwise there exists huge risks of damage not only to your own computer but also a risk of releasing the malware to others. The average user is simply not safe in attempting this, yet discussion regarding it would encourage others to try it, with potential disasterous results.
 
Think of it like a beginner PC tech working from home with no real training or experience. How often have we heard stories of a PC being brought to the 'kid next door' to be worked on with disastrous results? Plenty!
 
We always advise that general users never attempt hardware repair on their own due to the risks, and the same holds true here.
 
This Forum, provided by Webroot, is designed with the average user in mind, to help them with day to day problems using the software, just as many PC troubleshooting forums sponsored by the PC manufacturers do not go into the technical areas of hardware repair.
 
We therefore are asking you to remove any references regarding the testing of malware and refrain from doing so in the future. But we are also happy to answer any questions, that conform to these guidelines. If you have some specific details of malware tests that you wish to present and/or query with Webroot then this is best done directly rather than here, and can be accomplished by Opening a Support Ticket, which will most probably be passed to one of Webroot's professional Threat Researchers for review & progressing.
 
Thank you for your understanding and co-operation in this matter."

 
That's odd. I don't get a page block from Webroot at all in Firefox, either. It goes straight to the site. Here's the site in my Google search returns.
 

I don't know. There are obviously differences based on user's individual setups. But as Baldrick has stated. You're still protected from any malicious payload should anything try to execute. Personally, I would just use a different site as that one appears very problematic. I avoid any site that forces popups, popunders, etc. But that's just me. Everyone has there own preference and opinion. ;)
 
BD
 

@ wrote:
We have tested the URL https://www.300mbmoviess.com/ on our VMs, the popup URLs change not only from browser to browser, but also each time you access the website again.

We are evaluating the risks of the popups not currently being under blocked categories, however we confirm that there is no discrepancy in behavior between browsers, the different behavior depends on the URL contained in the popup.
 
-Dan

Thanks Dan!
 
Daniel 😉

In my humble opinion you are helping no one but yyourself...the URLs of these sites are discernable from the screenshots and could induce a user who knows no better to try them out. As Dan has posted...if you have some sites that are suspicious or the like then submit a reprutation change request.
 
That is the correct thing to do.
 
Baldrick

@ wrote:

What is the point your trying to make? You just post pictures???? If your Malware testing we ask you not to posts topics on such things

@ wrote:
In my humble opinion you are helping no one but yyourself...

@ wrote:

I concur with JP.

Whilst I agree that @'s screenshot post was not clear and initially confusing (at least for me), and also agree that it is generally not advisable to post screenshots of potential malware links on this Forum, I do feel that these reactions are a bit over the top (...as if: "We think this poster might be a troll, so let's immediately jump on him :@" ).

My feeling is that this kind of thing does no favours to this (otherwise very friendly) Forum.

Just my 2 cents worth (not asking people agree with me. Just expressing my opinion) ;)

 
I concur with JP.
Whilst I agree that @bjm_'s screenshot post was not clear and initially confusing (at least for me), and also agree that it is generally not advisable to post screenshots of potential malware links on this Forum, I do feel that these reactions are a bit over the top (...as if: "We think this poster might be a troll, so let's immediately jump on him :@" ).
My feeling is that this kind of thing does no favours to this (otherwise very friendly) Forum.
Just my 2 cents worth (not asking people agree with me. Just expressing my opinion) ;)

Thanks for the great input,@Muddy7 :catwink:
 
We encourage everyone to share their opinions here on the Community, so long as they do it in a respectful manner that is not degrading to any other user.
 
Let's assume that everyone here has the best intent in their heart and not post responses that can lean towards sarcastic.

I repeat...in the context of the OP's subject for the thread "webroot protection insufficient for internet explorer"...irrespective of whether the Web Threat Extension provides warning or not (it does nothing much more than provide the warnings) you are still 100% protected by WSA which will detect the malicious payload when it tries to run and will block/quarantine it.Therefore, IMHO, WSA provides more than sufficient protection for users who may be using IE...even for those that do not seem to have a working Web Filtering extension. Baldrick