Recently I tried to clean my saved passwords history. Found one old entry and tried to enter the site (to confirm I no longer need it). I am using Google Chrome.
This is the page: http : //w ww . p2w - cod4 . yoyo . pl
Then i had few redirects to a different domain. I closed the card immediately. Then I switched into incognito mode and tried again (as there are no extensions) to check. Now Norton Security has set a pop-up that I have "Malicious domain request 22" from "ro9 . biz". On the internet I found several entries that this website is a malware and IF I click somewhere it may pop some notifications in my browser (but I didn't). Since I immediately closed the tab in normal mode I have no entries in my browser.
This is a screen what I had in incognito mode:
In incognito mode Norton didn't go any further and stopped at ro9.biz website.
Steps I did after closing browsers:
1) Quick scan by Norton -> No items,
2) Full scan by Norton -> No items,
3) Power eraser by Norton -> No items,
4) Full scan by Malwarebytes -> No items,
5) I checked that I have no entries in "Notifications menu" or similar, no cookies, no new extensions,
6) No new applications in autostart, services etc.
Why does Norton in normal mode (not Incognito) allows to redirect to certain malware sites multiple times?
Should I be worried now?
Is it possible that this site (after all redirections) somehow steal cookies (session IDs)?
If the translation of your image in the first post is the same as shown in bjm_'s post saying 'No Action Required', it means that Norton did its job and blocked access to your system from any malicious behaviour.
So I got redirected to some random page (Immediately closed card). I'm clean. Is it possible that some end page will steal cookies (I didn't click any image or buttons)?
Because then i should visit all sites, then logout and login or even change my password.
Continue to the site
