Posts posted by Yevhen Sychov
-
-
2 minutes ago, itman said:
Also strange is all the detection hash values are different. Copy and post the first three hash values shown and I will see if I can find a match for them.
hxxp://ww1.bartzmovie.com/?sub1=7ff6acb0-47b3-11e9-b496-0f8abfda80ae 0D14BB0D32B4879D3C9FC52AD829D87674F2E559
hxxp://ww1.bartzmovie.com/?sub1=7ff6acb0-47b3-11e9-b496-0f8abfda80ae FDB03284DA239F29F63C8CC995770BD9D88F9067
hxxp://ww1.bartzmovie.com/?sub1=bfa05138-4667-11e9-b93f-11f91cb2fc4c FC7154DE4580C9C27B748765E5C6DF0858AA5AAB
Thanks
-
-
4 hours ago, itman said:
The HTTP filter detections shown in the Cyber Security Pro log are detections and mitigations when a web site attempts to run a malicious JavaScript.
There is nothing to remove on your device since the malware is resident in the web page you accessed. In your case, the web page attempted to redirect the browser to another URL that was known to be malicious. Eset blocked the redirection attempt.
Obviously in the future, you want to avoid browsing to the source web site where the redirection was attempted.
Are you stating that these HTTP filter detections are occurring other than when a browser session is active?
That is the point - I don't use a browser at the time of such alerts. But I'll continue my observations, thanks for the answer.
-
-
Quite often I get a notification about blocking the opening of a URL that leads to a redirector trojan, but in the logs I can't find any other information about which app tries to perform this action.
I am using the Cyber Security Pro product (macOS). Is it possible to find this app and remove it? Thanks!
How to understand which app executes "trojan url"
in Malware Finding and Cleaning
Posted · Edited by Yevhen Sychov
It seems I understood why it happens.
I don't know how it was added to the "Top hits" list (I suppose via JS somehow), but it is there, and the top-rated list is preloaded by the browser (that explains the random execution).
The solution is to reset the "Top hits" list in Safari.
Thanks to all for participating.