summitit 0 Posted November 1, 2016 Share Posted November 1, 2016 Hi All, Wondering if you can point me in the right direction. I've seen a few of these alert in my environment and I've done a scan on the systems that have generated this alert. They've all come up clean and I cannot find any additional info on this. Is ESET aware of this alert? What can I do to prevent this alert? Thanks in advance! Link to comment Share on other sites More sharing options...
TomFace 539 Posted November 1, 2016 Share Posted November 1, 2016 Can you give us a screen shot of the alert? Link to comment Share on other sites More sharing options...
Administrators Marcos 4,694 Posted November 2, 2016 Administrators Share Posted November 2, 2016 Or better copy & paste the appropriate record from ESET's logs but make sure the link is not clickable. Link to comment Share on other sites More sharing options...
summitit 0 Posted November 2, 2016 Author Share Posted November 2, 2016 I get an email notification: 11/2/2016 14:40:15 PM - Module HTTP filter - Threat Alert triggered on computer XXXXXXXXX: hxxp://cdn.altitude/ contains HTML/Refresh.BC trojan. 11/2/2016 14:40:32 PM - Module HTTP filter - Threat Alert triggered on computer XXXXXXXXX: hxxp://cdn.altitude/ contains HTML/Refresh.BC Trojan. Link to comment Share on other sites More sharing options...
itman 1,538 Posted November 2, 2016 Share Posted November 2, 2016 I get an email notification: 11/2/2016 14:40:15 PM - Module HTTP filter - Threat Alert triggered on computer XXXXXXXXX: hxxp://cdn.altitude/ contains HTML/Refresh.BC trojan. 11/2/2016 14:40:32 PM - Module HTTP filter - Threat Alert triggered on computer XXXXXXXXX: hxxp://cdn.altitude/ contains HTML/Refresh.BC Trojan. Possibly e-mail based? If your using an e-mail client, you should have hot linking disabled in the e-mail client. Link to comment Share on other sites More sharing options...
summitit 0 Posted November 3, 2016 Author Share Posted November 3, 2016 This is the email notification I receive when an event is triggered on a client computer. Link to comment Share on other sites More sharing options...
Administrators Marcos 4,694 Posted November 3, 2016 Administrators Share Posted November 3, 2016 I'd check DNS settings; make sure that DNS server is set to automatic or try using Google DNS 8.8.8.8 or 4.4.4.4. It's likely related to this: hxxp://www.dslreports.com/forum/r29394552-What-is-this-LEVEL3-. Link to comment Share on other sites More sharing options...
Recommended Posts