Jump to content

Recommended Posts

Hi, I have some alerts on NOD Eset management console: blocked by PUA blacklist - it seems as something is opening a website ofhappinyer.com

I have scaned the system of the user, I have checked the chrome extentions, I have checked the history of visited sites, there is nothing special, also no new programs have been installed since the user is not local admin.

Does anyone have similar problems, can you help me remove this from the unit and get rid of this every day alerts?

Thank you

 

Share this post


Link to post
Share on other sites

Hybrid-Analysis scan of the site which also includes Virus Total results shows the web site is 100% clean: https://www.hybrid-analysis.com/sample/8993479e8b7d46961d12bbacdb6bb58d6cb659b236b08f5cb3fd2f16a21de852 . This means Eset doesn't detect the site on VT.

Suspect you are being redirected to somewhere else; i.e. phishing. Post the Eset event log entry details for the PUA detection.

Edited by itman

Share this post


Link to post
Share on other sites

What is occurring is some type of redirect to supposedly ofhappinyer.com. If you try to access it directly via URL:   https://ofhappinyear.com/ , you will get a browser connection error. Strongly suspect it is some type of adware site.

Share this post


Link to post
Share on other sites
6 hours ago, marbaj1 said:

Attached is the log export file.

NOD-log-export.txtUnavailable

Only Eset moderators can read forum attachments.

I asked you to copy the Eset PUA alert log entry from Eset's Filtered websites log and paste the entry into a forum reply.

Edited by itman

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...