Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 8 replies
  • Subscribers 1 subscriber
  • Views 16251 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Almost all links I click on (even sites like IMDB) result in 'Mal/HTML Gen-A'

ea210

Hi All,

As the title states, all links I click on on pretty much 90% of trusted websites result in the 'High risk website blocked' text box appearing with the following:

'Acces has been blocked to "def.jpisyncer.info/worker/init.js" as 'Mal/HTML Gen-A' has been found at this website.

I find it unusual that this is happening on a lot of sites I visit, again, ones that are highly trust worthy. 

Any help would be appreciated.

Thanks.

:26173


This thread was automatically locked due to age.
Parents
  • 0

    HI,

    There are a few potential causes for this,  One option is that your web browser has been compromised with a third party plugin.  Do you get the same bheaviour with another browser?  IE/Firefox/Chrome/Opera for example?  Essentially is it browser specific?  This would help narrow it down.

    If not at the browser level then it could be at the system level  For example if all of the sites you have tested share a common third party component.  For example Google Analytics, http://www.google-analytics.com/ga.js.  If a piece of malware on your machine was able to get your client to request: def.jpisyncer.info/worker/init.js instead of  http://www.google-analytics.com/ga.js, then you'd see the behaviour you describe.  There are many ways that malware could do this unfortunately.

    I would first check out your hosts file to see if that's where the redirection is coming from.    If you look in you host file, does it have a bunch of strange address entries, IP addresses?  Maybe post the contents here if you're unsure.  If so, take a backup of the hosts file and reset it as per: http://support.microsoft.com/kb/972034 .

    Have you recently run a full scan of your machine with up to date SAV?

    Regards,

    Jak

    :26175
Reply
  • 0

    HI,

    There are a few potential causes for this,  One option is that your web browser has been compromised with a third party plugin.  Do you get the same bheaviour with another browser?  IE/Firefox/Chrome/Opera for example?  Essentially is it browser specific?  This would help narrow it down.

    If not at the browser level then it could be at the system level  For example if all of the sites you have tested share a common third party component.  For example Google Analytics, http://www.google-analytics.com/ga.js.  If a piece of malware on your machine was able to get your client to request: def.jpisyncer.info/worker/init.js instead of  http://www.google-analytics.com/ga.js, then you'd see the behaviour you describe.  There are many ways that malware could do this unfortunately.

    I would first check out your hosts file to see if that's where the redirection is coming from.    If you look in you host file, does it have a bunch of strange address entries, IP addresses?  Maybe post the contents here if you're unsure.  If so, take a backup of the hosts file and reset it as per: http://support.microsoft.com/kb/972034 .

    Have you recently run a full scan of your machine with up to date SAV?

    Regards,

    Jak

    :26175
Children
No Data