Jump to content

Recommended Posts

Posted

Hi, I have some alerts on NOD Eset management console: blocked by PUA blacklist - it seems as something is opening a website ofhappinyer.com

I have scaned the system of the user, I have checked the chrome extentions, I have checked the history of visited sites, there is nothing special, also no new programs have been installed since the user is not local admin.

Does anyone have similar problems, can you help me remove this from the unit and get rid of this every day alerts?

Thank you

 

Posted (edited)

Hybrid-Analysis scan of the site which also includes Virus Total results shows the web site is 100% clean: https://www.hybrid-analysis.com/sample/8993479e8b7d46961d12bbacdb6bb58d6cb659b236b08f5cb3fd2f16a21de852 . This means Eset doesn't detect the site on VT.

Suspect you are being redirected to somewhere else; i.e. phishing. Post the Eset event log entry details for the PUA detection.

Edited by itman
Posted

What is occurring is some type of redirect to supposedly ofhappinyer.com. If you try to access it directly via URL:   https://ofhappinyear.com/ , you will get a browser connection error. Strongly suspect it is some type of adware site.

Posted (edited)
6 hours ago, marbaj1 said:

Attached is the log export file.

NOD-log-export.txtUnavailable

Only Eset moderators can read forum attachments.

I asked you to copy the Eset PUA alert log entry from Eset's Filtered websites log and paste the entry into a forum reply.

Edited by itman
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...